Skip to content
Tifo TIFO
en fr
← Back to home

Privacy Policy

Last updated: May 12, 2026

Tifo (formerly Ballstradamus) — referred to in this policy as "Tifo," "we," "our," or "us" — operates a football prediction game available as a website and as a mobile application for iOS and Android (collectively, the "Platform"). Tifo is operated by Théo Neubeck. This Privacy Policy explains what information we collect, how we use it, and the choices you have regarding your data.

1. Information We Collect

We collect and store the following categories of information when you use the Platform:

  • Account information: email address, username, and (optionally) a profile picture.
  • Google sign-in data: if you choose to sign in with Google, we receive your email address and basic profile information (name, profile picture) from Google.
  • Apple sign-in data: if you choose to sign in with Apple, we receive your email address (or Apple's private relay email) and, if you provide it, your name.
  • League information: names, descriptions, and (optionally) cover images for private leagues you create.
  • Gameplay information: your match predictions, your points balance, your achievements, supporter tier, and your prediction history. Your username and points are publicly visible on global and league leaderboards as a core feature of the Platform.
  • Device and push-notification information (mobile app only): when you grant notification permission, we store an Expo push token associated with your account so we can deliver match reminders and league updates. The token is delivered to end-user devices via Apple Push Notification service (APNs) on iOS and Firebase Cloud Messaging (FCM) on Android.
  • Photo library access (mobile app only): if you choose to set or change a profile or league picture, the app requests permission to read images from your device photo library. We only access the single image you select. The Tifo mobile app does not use the camera and does not request the CAMERA permission.
  • Authentication and session data: stored by Supabase (our authentication provider) to keep you signed in across sessions. On mobile, the session token is stored in the device's secure storage (iOS Keychain / Android Keystore via expo-secure-store).
  • Locale and UI preferences: your preferred language and lightweight UI state are stored locally in browser localStorage or device storage.
  • Analytics: we collect anonymized usage data such as screens visited and general device/browser information to understand how the Platform is used and improve it.

We do not collect IP addresses, contacts, location, microphone audio, camera images, or any sensitive personal information beyond what is listed above.

2. How We Use Your Information

  • To create and manage your Tifo account.
  • To enable gameplay, record your predictions, and calculate your points.
  • To display your username and points on public and league leaderboards.
  • To send push notifications for match reminders, league activity, and other gameplay events (only on devices where you have granted notification permission).
  • To display the Platform in your preferred language.
  • To improve the Platform, optimize performance, and diagnose issues.
  • To comply with legal obligations when required.

3. Permissions Used by the Mobile App

  • Photo library (READ_MEDIA_IMAGES on Android, NSPhotoLibraryUsageDescription on iOS): requested only when you tap to set or change a profile or league picture. We do not scan or upload anything other than the image you explicitly select.
  • Notifications (POST_NOTIFICATIONS on Android 13+, user prompt on iOS): requested so we can deliver gameplay-related push notifications. You can revoke this at any time in your device settings.
  • Internet: required to communicate with our backend services.

The Tifo app does not request access to the camera, microphone, contacts, location, calendar, SMS, or call logs.

4. Cookies & Local Storage

  • Local storage / device storage: we store UI preferences (including your preferred language) and your authentication session so you stay signed in.
  • Cookies (web only): we do not use first-party cookies for gameplay. Third-party services used to analyze website traffic may set cookies. You can manage these through your browser settings.

5. Data Sharing

We do not sell your personal information to third parties. Your data is shared only with trusted service providers essential to operating the Platform:

  • Supabase: authentication, database storage, and image storage.
  • Google (Sign-In): when you choose to sign in with Google, authentication is delegated to Google.
  • Apple (Sign in with Apple): when you choose to sign in with Apple, authentication is delegated to Apple. Apple may provide a private relay email address that forwards to your real address.
  • Expo (Expo Push Notification Service): routing of push notifications to user devices.
  • Apple (APNs) and Google (FCM): delivery of push notifications to iOS and Android devices respectively.
  • API-Football: source of match fixtures, scores, and football data displayed in the Platform. We do not transmit your personal information to API-Football.

Additionally, your username, profile picture, and points are publicly visible on the leaderboards as part of the competitive gameplay experience.

6. Data Retention & Security

  • Account data, predictions, and points history are stored in our Supabase database.
  • We retain your data as long as your account is active or as needed to provide our services.
  • We rely on industry-standard security practices, including encrypted transport (HTTPS), Supabase row-level security, and secure on-device storage for authentication tokens.

7. Children's Privacy

Tifo is not directed at children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children below that age. If you believe a child has provided us with personal information, please contact us so we can delete it.

8. Your Rights

Under applicable privacy laws (including the GDPR for EU/EEA users and the CCPA for California users), you have the right to:

  • Access the personal data we hold about you.
  • Request corrections to inaccurate data.
  • Request the deletion of your personal data and account.
  • Withdraw consent for push notifications at any time via your device settings.

You can delete your account from your profile settings within the app. Deletion is permanent and removes your profile, prediction history, and points from our systems. You may also email us using the contact below.

9. International Transfers

Your data may be processed in countries other than the one where you reside, including the United States and the European Union, where our service providers operate. We rely on the standard contractual safeguards offered by these providers.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be reflected by updating the "Last updated" date at the top of this page. Continued use of the Platform after an update constitutes acceptance of the revised policy.

11. Contact Us

For privacy-related questions or requests, please contact: neubeck.theo@gmail.com.