Synchronized, efficient, always growing.
Privacy Policy for Minors
Status: Public draft
Last updated: 2026-03-16
Application: ClubSy
1. Purpose and scope
This policy explains how ClubSy handles personal data related to minors (children under the legal age in the applicable jurisdiction), including data processed through parent/guardian-assisted flows.
This policy complements the general Privacy Policy and applies whenever a minor profile is created, linked, or managed in ClubSy.
2. Minor accounts and guardian-assisted access
In ClubSy, minors may be onboarded through a guardian-assisted invitation flow ("Minor with guardian (token)").
In that flow:
- The minor is registered as the athlete/member in the corresponding team context.
- The parent/guardian is linked as a supervising adult for management actions.
- The parent/guardian is not automatically converted into the minor's sports role.
3. Data we may process for minors
Depending on usage, ClubSy may process:
- Child identity data: full name and platform identifier(s).
- Team and club operational data: memberships, roles, event participation, attendance status, invitations.
- Guardian relationship data: guardian-child link records and related supervision metadata.
- Technical/security data: authentication logs, device/session metadata, and abuse-prevention records.
ClubSy is designed to avoid requiring direct email or phone number from minors in guardian-assisted flows.
4. Data we may process for parents/guardians
For parent/guardian-assisted onboarding and management, ClubSy may process:
- Parent/guardian account identifiers.
- Optional guardian contact details entered during invitation flow.
- Actions performed on behalf of the linked minor for club/team operations.
5. Legal basis and parental authorization
Where required by applicable law, processing of minor data is based on parental/guardian authorization and/or legitimate service operation for sports club management.
ClubSy and each club using ClubSy are responsible for implementing age checks and collecting any legally required consent language in their jurisdiction.
6. Purposes of processing
Minor-related data may be processed to:
- Register minors in teams and events.
- Allow guardians to manage participation and club communications for minors.
- Protect account integrity and platform security.
- Provide essential sports-management features requested by clubs and users.
- Comply with legal obligations.
7. Data sharing
Minor-related data is shared only as needed to operate the service, including:
- Authorized club/team staff under role-based access.
- Service providers acting as processors (infrastructure, authentication, storage, notifications), under contractual safeguards.
- Competent authorities when legally required.
ClubSy does not sell minors' personal data.
8. Retention and deletion
Minor-related data is retained only for as long as needed for operational and legal purposes.
Where applicable, authorized deletion requests can be submitted by legal guardians (or by the data subject when legally eligible), subject to legal retention obligations and integrity requirements.
9. Security protections
ClubSy applies reasonable technical and organizational controls to protect minor-related data against unauthorized access, alteration, and loss.
Controls include authentication protections, access controls, and role-scoped operational visibility.
10. Rights related to minors' data
Depending on jurisdiction, legal guardians may request:
- Access to personal data.
- Rectification of inaccurate data.
- Deletion (when legally permissible).
- Restriction or objection to specific processing.
Requests should be sent to the privacy contact listed by the controller.
11. International transfers
If data is transferred internationally, appropriate safeguards are applied according to applicable law.
12. Controller and contact
For data-controller details and contact channels, refer to:
Legal notice
This document is a product policy draft and must be reviewed by qualified legal counsel before production/legal use in any jurisdiction (including COPPA, GDPR-K, UK GDPR, LOPDGDD, or local equivalents).