Privacy Policy

1. Principles §

• Minimal data: only what’s needed to run a free, skill‑only fantasy platform.
• No sale, no ads: we do not sell personal data and we don’t run targeted ads.
• Transparency: clear policies, versioned docs, and user controls.
• Security by design: encryption, access controls, and audits.

2. Data We Collect §

We do not collect financial information because SSH has no payments or real‑money features.

3. How We Use Data §

• Provide and improve core features (lineups, scoring, leaderboards, anti‑abuse).
• Operate clubs and social features (private leagues, invites, moderation).
• Communicate service notices (lock timers, corrections, policy updates).
• Secure the service and detect fraud (rate‑limits, duplicate accounts, collusion checks).
• Aggregate analytics to understand usage (never for targeted ads).

4. Legal Basis §

• Contract: to provide the service you sign up for.
• Legitimate interests: keep the platform secure, prevent abuse, improve features.
• Consent: optional features like email digests or push notifications.
• Legal obligations: to comply with applicable laws and lawful requests.

5. Sharing §

• Service providers: hosting, email delivery, analytics (bound by contracts; no selling).
• Community features: usernames, teams, and leaderboards are public in contests you enter.
• Safety & legal: we may disclose data to investigate abuse or comply with lawful requests.
• We do not sell personal data.

6. Retention §

We keep personal data only as long as necessary for the purposes described:

• Account data: while your account is active, then up to 30 days after deletion (backups up to 90 days).
• Gameplay data: retained for historical leaderboards and integrity; you may request pseudonymization.
• Logs: typically 30–180 days unless needed for security investigations.

7. Security §

• Encryption in transit (TLS) and at rest for core data stores.
• Strict access control and audit logs for administrative actions.
• Regular backups and disaster recovery procedures.
• Vulnerability management and incident response plan.

8. Cookies & Local Storage §

SSH aims to minimize client‑side storage. We may use only essential, first‑party cookies/local storage for login sessions and performance.

We do not use third‑party ad cookies. You can clear site data anytime via your browser settings.

9. Your Rights §

• Access a copy of your data.
• Request correction, deletion, or export (portable format).
• Withdraw consent for optional features at any time.
• Object to processing where we rely on legitimate interests.

To exercise rights, email support@cricket2025x.site. We may verify ownership before fulfilling requests.

10. Children §

SSH is for users aged 13+ (or the minimum age in your jurisdiction). We do not knowingly collect personal data from children under 13. If you believe a child provided data, contact us to remove it.

11. International Transfers §

Our servers or providers may be located outside your state or country. We use contractual safeguards and industry‑standard security to protect your data wherever it’s processed.

12. Changes §

We may update this policy to reflect new features or legal requirements. Material changes will be notified in‑app or via email. The “Effective date” will be updated.

13. Contact Us §

Questions about privacy? Email privacy@cricket2025x.site or support@cricket2025x.site. For press inquiries, see Contact.