FPL Copilot LogoFPL Copilot

Privacy Policy

Last updated: 9 March 2026

1. Introduction

FPL Copilot ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website and services at fplcopilot.com.

2. Information We Collect

Account information

  • Email address (provided at sign-up or via Google OAuth)
  • Name (provided at sign-up or from your Google profile)
  • Profile picture (from Google OAuth, if applicable)
  • FPL Team ID (optionally provided by you)

Usage data

  • Solver runs and settings (to provide optimisation results)
  • Expected-minutes overrides you make on the Expected Points page
  • Copilot Chat conversations (to improve our AI assistant and user experience)
  • Pages visited and features used (basic analytics)

Payment information

Payments are processed by Stripe. We never see or store your full card number. Stripe may collect billing details in accordance with their own privacy policy.

3. How We Use Your Information

  • To provide and improve our services (solver, expected points, chip strategies)
  • To authenticate you and manage your account
  • To process subscription payments via Stripe
  • To send transactional emails (password resets, subscription confirmations)
  • To respond to support requests

We do not sell your personal data to third parties.

4. Cookies

We use the following cookies:

  • fplcopilot_session: httpOnly session cookie for authentication
  • fplcopilot_csrf: CSRF protection token

We do not use advertising or tracking cookies. No data is shared with ad networks.

5. Third-Party Services

We integrate with the following services, each with their own privacy policies:

  • Fantasy Premier League API: to fetch your team and player data (public FPL data)
  • Google OAuth: for sign-in authentication
  • Stripe: for payment processing
  • Anthropic (Claude API): to power the AI chat assistant on the solver page

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days. Anonymised, aggregated usage data may be retained for analytics purposes.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and data
  • Export your data in a portable format

8. Security

We use industry-standard security measures including httpOnly cookies, CSRF protection, password hashing (bcrypt), rate limiting on authentication endpoints, and encrypted connections (HTTPS) to protect your data.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact

If you have questions about this Privacy Policy or your data, contact us at fplcopilot.service@gmail.com.