FirstWIN SportsFirstWIN Sports

Sign InRegister

Privacy Policy

Effective Date: March 3, 2026

Privacy Policy

This Privacy Policy describes how FirstWIN Sports™ collects, uses, processes, and discloses your information in conjunction with your access to and use of our services.

1. Introduction

FirstWIN Sports™ ("Company," "we," "us," or "our") is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, website, and services (collectively, the "Services").

We operate under the laws of the State of Texas and serve users globally. Where applicable, including for users in the European Economic Area (EEA), United Kingdom, and Switzerland, this Policy is designed to comply with the General Data Protection Regulation (GDPR) and UK GDPR. For Texas residents, we comply with the Texas Data Privacy and Security Act (TDPSA).

Please read this Policy carefully. If you disagree with its terms, please discontinue use of our Services.

2. Data Controller Information

For the purposes of applicable data protection laws, the data controller is:

If you are located in the EEA or UK and have questions about our data processing activities, you may contact us at the address above. We will respond to all legitimate requests within 30 days.

3. Information We Collect

We collect information to provide, improve, and secure our Services. The types of personal data we may collect include:

3.1 Information You Provide Directly

  • Identity Data: Name, date of birth, gender, and profile photograph
  • Contact Data: Email address, phone number, and mailing address
  • Account Credentials: Username and encrypted password
  • Professional Data: Coaching certifications, employment history, references, and qualifications
  • Assessment Data: Responses to assessments, evaluation scores, and related performance data
  • Payment Data: Billing information processed securely through our payment provider (we do not store full card details)
  • Communications: Messages, support requests, and feedback you send us

3.2 Information Collected Automatically

  • Device & Technical Data: IP address, browser type and version, operating system, and device identifiers
  • Usage Data: Pages visited, features used, time spent, and clickstream data
  • Log Data: Server logs, error reports, and access timestamps
  • Cookies & Tracking: Cookie data and similar tracking technologies (see Section 9)

3.3 Special Category Data

We may process certain special category data (sensitive personal data under GDPR) where you voluntarily provide it, such as information relevant to disability accommodations. We process such data only with your explicit consent and implement additional safeguards for its protection.

3.4 Data Relating to Minors

Our platform may be used by organizations that work with individuals under 18. We do not knowingly collect personal data directly from minors. Organizations using our Services in connection with youth programs are solely responsible for obtaining appropriate parental or guardian consent before submitting any minor's data to our platform.

4. Legal Basis for Processing (GDPR)

For users in the EEA, UK, or Switzerland, we process your personal data under the following legal bases as defined in Article 6 of the GDPR:

  • Contract Performance (Art. 6(1)(b)): Processing necessary to provide you with our Services under our Terms of Service, including account management and assessment delivery
  • Legal Obligation (Art. 6(1)(c)): Processing required to comply with applicable laws, tax obligations, and regulatory requirements
  • Legitimate Interests (Art. 6(1)(f)): Processing for fraud prevention, platform security, product improvement, and analytics, where such interests are not overridden by your rights
  • Consent (Art. 6(1)(a)): Processing for marketing communications, optional cookies, and special category data, which you may withdraw at any time

5. How We Use Your Information

We use the personal data we collect for the following purposes:

  • Providing, operating, and maintaining the Services
  • Processing and delivering assessment results
  • Managing your account and authenticating your identity
  • Processing payments and managing subscriptions
  • Communicating with you about your account, updates, and support
  • Improving and personalizing the Services based on usage patterns
  • Complying with legal obligations and enforcing our Terms
  • Detecting and preventing fraud, abuse, and security incidents
  • Sending marketing communications where you have given consent

6. How We Share Your Information

We do not sell your personal data. We may share your information in the following limited circumstances:

  • Service Providers: Trusted third-party vendors who assist in operating our platform (e.g., cloud hosting, payment processing, email delivery) under strict confidentiality obligations
  • Organizational Administrators: If you use our Services through an organization, that organization's administrators may have access to your profile and assessment data
  • Legal Requirements: When required by applicable law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, subject to standard confidentiality protections
  • With Your Consent: For any other purpose with your explicit prior consent

7. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes described in this Policy, maintain your account, comply with legal obligations, resolve disputes, and enforce our agreements. When data is no longer needed, we securely delete or anonymize it in accordance with our data retention schedule.

8. International Data Transfers

Our Services are operated from the United States. If you are located outside the US, your information may be transferred to and processed in the US. For EEA and UK users, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection for international transfers.

9. Cookies and Tracking Technologies

9.1 Essential Cookies

Required for the platform to function. They enable core features like authentication and session management. These cannot be disabled.

9.2 Analytics Cookies

Help us understand how users interact with our Services to improve performance and usability. We use privacy-focused analytics and only activate these with your consent.

9.3 Functional Cookies

Remember your preferences and settings (such as language and login state). Set only with your consent.

9.4 Marketing and Targeting Cookies

May be used to deliver relevant communications. Only activated with your explicit prior consent.

9.5 Cookie Consent and Control

When you first visit our website, you will be presented with a cookie consent banner. You may change your preferences at any time by clicking "Cookie Settings" in the footer.

9.6 Cookie Retention

  • Session cookies: Deleted when you close your browser
  • Persistent cookies: Retained for a period specified at the time of consent, typically between 30 days and 2 years

10. Your Privacy Rights

10.1 Rights Under GDPR (EEA & UK Users)

  • Right of Access (Art. 15): Request a copy of the personal data we hold about you
  • Right to Rectification (Art. 16): Request correction of inaccurate or incomplete data
  • Right to Erasure (Art. 17): Request deletion of your personal data ("right to be forgotten")
  • Right to Restriction (Art. 18): Request that we limit how we process your data
  • Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format
  • Right to Object (Art. 21): Object to processing based on legitimate interests or for direct marketing
  • Rights Related to Automated Decision-Making (Art. 22): Not be subject to solely automated decisions with significant effects

10.2 Rights Under Texas Law (TDPSA)

  • The right to confirm whether we process your personal data
  • The right to access and obtain a copy of your personal data
  • The right to correct inaccuracies in your personal data
  • The right to delete personal data provided by or obtained about you
  • The right to opt out of the processing of personal data for targeted advertising or profiling

10.3 How to Exercise Your Rights

To exercise any of the above rights, please submit a request to info@firstwinsports.com or in writing to P.O. Box 262084, Plano, Texas 75026. We will respond within 30 days (or 45 days for TDPSA requests).

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Our security practices include:

  • SSL/TLS encryption for all data in transit
  • Encryption of sensitive data at rest
  • Access controls limiting data access to authorized personnel only
  • Regular review of data collection, storage, and processing practices
  • Security assessments and vulnerability monitoring

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by applicable law (within 72 hours under GDPR).

12. Children's Privacy and COPPA

Our Services are not directed to children under the age of 13. We do not knowingly collect personal data directly from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at info@firstwinsports.com and we will take steps to delete that information.

Organizations using our platform to evaluate youth participants are solely responsible for obtaining all required parental or guardian consents and complying with COPPA and all applicable state laws.

13. Third-Party Links and Integrations

Our Services may contain links to third-party websites or integrate with third-party tools and platforms. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you access through our platform.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by email or by posting a prominent notice on our website at least 14 days before the changes take effect.

Your continued use of our Services after any changes constitutes your acceptance of the updated Policy.

Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or have a concern about how we handle your data: