Bench Coach — Legal

Privacy Policy

Last updated: 2026-05-04

1. Information We Collect

Information you provide

  • Account information: email address, display name, and authentication data (via Clerk)
  • Bet tracking data: wagers you record in your personal bet tracker
  • Communications: messages you send to support or feedback channels

Information collected automatically

  • Usage data: pages visited, features used, session duration, clicks
  • Device data: browser type, device type, operating system, IP address
  • Cookies: authentication tokens, age-verification cookie (bench-coach-age-verified), analytics identifiers

Information from third parties

  • MLB Stats API: publicly available game, player, and statistical data — no user-linked data
  • The Odds API: publicly available sportsbook odds — no user-linked data
  • Clerk: account verification data

2. How We Use Information

We use collected information to:

  • Provide, maintain, and improve the Service
  • Authenticate your account
  • Personalize your experience (e.g., bet tracker, preferences)
  • Analyze usage patterns via PostHog; track errors via Sentry
  • Detect errors and technical issues
  • Comply with legal obligations

We do not sell your personal information.

3. Sharing Information

We share information only as follows:

  • Service providers: Clerk (authentication), PostHog / Sentry (analytics/error tracking), Vercel (dashboard) + Railway (backend) — each bound by their own privacy terms
  • Legal compliance: when required by law, court order, or to protect rights and safety
  • Business transfers: in a merger, acquisition, or sale of assets (users notified in advance)

We do not share personal information with sportsbooks or affiliate programs. If you click an outbound link to a sportsbook, your interaction is governed by that sportsbook’s privacy policy.

4. Cookies, Storage, and Tracking

We use cookies and browser storage for:

  • Authentication (Clerk session) — cookies
  • Age verification — cookie, remembered for 30 days
  • Analytics (PostHog) — anonymous identifier in browser localStorage; opt out by clearing site data for benchcoach.io
  • Error tracking (Sentry) — no personal data transmitted

You can disable cookies and clear site data in your browser settings (which removes both authentication cookies and PostHog’s localStorage identifier). Disabling authentication cookies will prevent account access.

Affiliate click events. When you tap an outbound affiliate link to a sportsbook, we record a click event for attribution purposes. Each event captures personal data and operational click metadata.

Personal data:a SHA-256 hashed IP (SHA-256 with a server-side salt, truncated to 32 hex characters — not reversible to the original IP), your browser’s user-agent string, and your account ID if you’re signed in (anonymous click events have no account ID).

Operational click metadata: the bookmaker name, market type (moneyline / total / spread), dashboard surface where the click originated, game ID, an internal attribution slug indicating which dashboard component initiated the click, and the server-resolved destination URL. Pre-approval, the destination URL is an internal transparency page (/affiliate-coming-soon); post-approval, it is the bookmaker’s deep-link.

These fields are recorded so that, on the day an affiliate-program application is approved, attribution for prior clicks is in place. We do not currently earn commission from any bookmaker referenced on the Service. Click-event records may be deleted on request via the rights process described in Section 6. Full affiliate disclosure at /affiliate-disclosure.

5. Data Retention

  • Account data: retained for the life of your account; deleted within 30 days of account closure
  • Usage analytics: retained up to 12 months for aggregated data
  • Error logs: retained 90 days
  • Affiliate click events: retained for the life of your account; deleted on request
  • Bet tracking records: retained for the life of your account unless deleted by you

6. Your Rights

Depending on your jurisdiction, you may have the right to: access your personal information, correct inaccurate information, request deletion of your account and data, opt out of certain data processing, and receive a machine-readable copy of your data.

California residents (CCPA): You may request to know, delete, or opt out of the sale of personal information. We do not sell personal information.

EU/UK residents (GDPR): Legal basis for processing: (a) performance of contract, (b) legitimate interest, (c) consent where required.

To exercise any right, email: legal@benchcoach.io.

7. Security

We use industry-standard measures including encryption in transit (HTTPS) and at rest, authentication via Clerk, and secure hosting at Vercel (dashboard) + Railway (backend). No system is perfectly secure — you are responsible for maintaining the confidentiality of your account credentials.

8. Children’s Privacy

The Service is intended for users 21 and older. We do not knowingly collect information from users under 21. If we learn that we have collected information from a minor, we will delete it promptly.

9. International Users

The Service is operated in the United States. If you access it from outside the US, you consent to the transfer and processing of your information in the US, which may have different data protection laws than your jurisdiction.

10. Changes to This Policy

We may update this Policy from time to time. Material changes will be communicated via email to registered users and/or a prominent notice on the Service. The “Last updated” date at the top reflects the most recent revision.

11. Contact

Questions? Email legal@benchcoach.io.

Operator: [PLACEHOLDER: company legal name / DBA], [PLACEHOLDER: state of formation], USA.

← Back to Bench Coach