SignDay Privacy Policy
Effective Date: April 18, 2026 Last Updated: April 18, 2026
1. Introduction
This Privacy Policy describes how Future Think LLC ("SignDay," "we," "us," or "our") collects, uses, shares, and protects personal information when you use the SignDay mobile application (the "App") and related services (collectively, the "Service").
SignDay is a companion application for families navigating the college soccer recruiting process. Because the Service is designed for use by both parents and high school athletes (ages 13 and older), this Policy contains specific provisions relating to minors and parental consent under the Children's Online Privacy Protection Act ("COPPA") and analogous state laws.
By creating an account or using the Service, you agree to this Privacy Policy. If you do not agree, do not use the Service.
2. Who We Collect Information From
2.1 Users Under 13
SignDay does not knowingly collect personal information from children under 13. Account creation requires a date of birth, and registrations from users under 13 are blocked automatically. If we learn that we have inadvertently collected personal information from a child under 13, we will delete it promptly. Parents or guardians who believe we may have information about a child under 13 should contact us at privacy@signdayapp.com.
2.2 Minors Aged 13–17
Athletes aged 13–17 may use the Service only after a parent or legal guardian creates the Family Account and invites them. The parent's creation of the Family Account and invitation of the minor constitutes verifiable parental consent for the collection, use, and disclosure of the minor's personal information as described in this Policy.
Parents and legal guardians may, at any time:
- Review the personal information we have collected about their minor athlete
- Request that we correct or delete that information
- Withdraw consent for further collection by deleting the account through in-app settings or emailing privacy@signdayapp.com
2.3 Adult Users (18+)
Parents and legal guardians who are 18 or older provide information about themselves and, where applicable, their minor athlete.
3. Information We Collect
3.1 Information You Provide Directly
Account information:
- Email address
- Password (stored hashed; we never see the plaintext)
- Date of birth
- Role (parent or athlete)
- Family relationship (linked via family invite)
Athlete profile information:
- Full name
- Graduation year
- Athletic position (e.g., Goalkeeper, Defender)
- Academic information: unweighted GPA, SAT score, ACT score
- Home state
- Division preferences (D1, D2, D3, NAIA)
Recruiting activity:
- Schools added to your tracker
- Coach contact information (name, email — entered by you)
- AI-generated outreach emails (content and metadata)
- Notes and decision journaling
- Financial aid offers and visit dates you record
- Milestone completion status
Payment information:
- We do not directly collect or store credit card numbers. All payments are processed by Apple App Store, Google Play, and RevenueCat. We receive only subscription status, trial expiration dates, and a RevenueCat customer identifier.
Communications:
- Messages you send to us (support inquiries, feedback)
3.2 Information Collected Automatically
- Device information: Device model, operating system version, unique device identifiers, language, timezone
- Usage data: Screens viewed, features used, time spent in app, events (e.g., school added, email generated)
- Crash and diagnostic logs: Stack traces, error messages (anonymized where possible)
- Push notification tokens: If you grant permission for push notifications
3.3 Information From Third Parties
- Subscription status from Apple, Google, and RevenueCat
- Email delivery status from Resend (when we send you onboarding emails)
3.4 AI-Generated Content
When you use the Service's AI features, the inputs you provide (athlete profile, school details) are sent to OpenAI's API to generate the output (recruiting snapshot, coach email draft, fit score). The outputs are stored in your account. Inputs are transmitted to OpenAI under their enterprise data processing terms and are not used to train OpenAI models per our API configuration.
4. How We Use Your Information
We use the information we collect to:
- Create and maintain your account and Family Account
- Provide the core Service (school tracking, AI snapshot, coach email generation, recruiting timeline)
- Process subscriptions and free trials via Apple, Google, and RevenueCat
- Send transactional email (onboarding sequence, athlete invites, subscription notices) via Resend
- Send push notifications you have opted into (follow-up reminders, milestone alerts)
- Personalize AI-generated content based on the athlete's profile
- Analyze usage patterns (via PostHog) to improve the Service
- Detect, investigate, and prevent fraud, abuse, and security incidents
- Comply with legal obligations
We do not sell your personal information. We do not use your information to serve advertisements.
5. How We Share Your Information
We share personal information only as described below:
5.1 Service Providers (Processors)
We share information with third-party vendors that help us operate the Service. Each is bound by a data processing agreement and may use information only for the purpose we specify.
| Vendor | Purpose | Data Shared |
|---|---|---|
| Supabase | Database, authentication, file storage | All account and recruiting data |
| OpenAI | AI-generated content (snapshot, emails, fit scores) | Athlete profile, school information |
| RevenueCat | Subscription management | Family identifier, subscription events |
| Apple App Store / Google Play | Payment processing | Payment information (direct to Apple/Google, not us) |
| Resend | Transactional email delivery | Email address, name, email content |
| PostHog | Product analytics and session replay | Device information, events, anonymized user identifier |
| Expo | Build hosting, push notification delivery, over-the-air updates | Push token, device identifiers |
5.2 Family Members
Information in a Family Account is shared between the parent and invited athlete. Both can view and edit the family's schools, outreach log, and milestones.
5.3 Legal Compliance
We may disclose information when required by law, subpoena, or valid government request, or to protect the rights, safety, or property of SignDay, our users, or the public.
5.4 Business Transfers
If SignDay is acquired, merged, or sells substantially all of its assets, user information may be transferred to the acquiring entity. We will notify you and give you the opportunity to delete your data before any transfer.
5.5 No Sale or Advertising Use
We do not sell, rent, or trade personal information. We do not share information with advertising networks or data brokers. We do not disclose information to college coaches, recruiting services, or athletic departments.
6. Data Retention and Deletion
6.1 Active Accounts
We retain your information for as long as your account is active.
6.2 Cancelled or Expired Subscriptions
If you cancel your subscription or it expires, we retain your data for 90 days so you can resume without losing your history. After 90 days of inactivity, we will:
- Send an email warning at day 60 post-cancellation
- Delete your account and associated data at day 90
6.3 Immediate Deletion
You may request immediate deletion at any time through:
- In-app: Settings → Delete my account
- Email: privacy@signdayapp.com
We will delete your information within 30 days of a verified request, except where we are required to retain it by law or for legitimate fraud-prevention purposes.
6.4 Parental Requests
A parent may request review, correction, or deletion of a minor athlete's information by emailing privacy@signdayapp.com from the email address associated with the Family Account, or through in-app account settings.
7. Your Rights and Choices
7.1 General Rights
Depending on where you live, you may have the right to:
- Access the personal information we hold about you
- Correct inaccurate or incomplete information
- Delete your personal information (subject to legal retention obligations)
- Export your data in a portable format
- Restrict or object to certain uses
- Withdraw consent where processing is based on consent
To exercise any of these rights, email privacy@signdayapp.com from the email associated with your account.
7.2 California Residents (CCPA / CPRA)
California residents have additional rights:
- Right to know the categories and specific pieces of personal information collected, used, disclosed, or sold
- Right to delete personal information (with exceptions)
- Right to correct inaccurate personal information
- Right to opt out of the "sale" or "sharing" of personal information (we do neither)
- Right to limit use of sensitive personal information
- Right to non-discrimination for exercising these rights
We do not "sell" or "share" personal information as those terms are defined under the CCPA.
7.3 Other State Laws
If you reside in Virginia, Colorado, Connecticut, Utah, or other states with comprehensive consumer privacy laws, you may have similar rights. Contact privacy@signdayapp.com to exercise them.
7.4 Push Notifications
You can disable push notifications at any time through your device's system settings.
7.5 Analytics Opt-Out
You may opt out of analytics collection by emailing privacy@signdayapp.com. Note that this will not affect essential Service functionality but may limit our ability to improve the Service.
8. Data Security
We implement administrative, technical, and physical safeguards designed to protect your personal information, including:
- Encryption in transit (TLS 1.2+)
- Encryption at rest for databases and backups
- Row-level security policies restricting data access to the family who owns it
- API keys and secrets stored server-side only
- Regular security reviews
No method of transmission or storage is 100% secure. We cannot guarantee absolute security but will notify affected users and applicable regulators of any data breach as required by law.
9. International Users
SignDay is operated from the United States. Information we collect is processed and stored in the United States. The Service is currently intended for use within the United States only. If you access the Service from outside the United States, you consent to the transfer of your information to the United States, which may not provide the same level of data protection as your home country.
We do not currently offer the Service in the European Union, United Kingdom, or other GDPR-regulated jurisdictions.
10. Cookies and Similar Technologies
The mobile app uses local device storage (AsyncStorage) to maintain your session and cache data. It does not use traditional browser cookies. Our website (if any) may use cookies for essential functions and analytics.
11. Third-Party Links
The Service may contain links to external websites (e.g., NCAA Eligibility Center, college athletic websites). We are not responsible for the privacy practices of those sites. We encourage you to read their privacy policies.
12. Artificial Intelligence Disclosure
SignDay uses artificial intelligence (specifically, OpenAI's GPT-4o model) to generate recruiting assessments, coach outreach emails, and school fit scores. AI outputs are generated based on the information you provide and are not professional recruiting advice. You are responsible for reviewing all AI outputs before relying on them or communicating with college coaches.
Inputs you provide to AI features are transmitted to OpenAI's API under their enterprise data processing terms. OpenAI does not use our API traffic to train their models.
13. NCAA and Recruiting Rule Compliance
SignDay is an organizational tool. It does not send emails on behalf of athletes or facilitate direct athlete-coach contact in any way. All communications drafted by AI must be sent from the user's personal email account. Users are responsible for complying with applicable NCAA, NAIA, and conference recruiting rules. SignDay is not affiliated with the NCAA, NAIA, or any collegiate athletic program.
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Last Updated" date at the top
- Notify registered users by email and/or in-app notice at least 7 days before the changes take effect
- For COPPA-related changes, obtain renewed parental consent where required
Your continued use of the Service after the effective date constitutes acceptance of the revised Policy.
15. Contact Us
If you have questions, concerns, or want to exercise your rights under this Policy:
Future Think LLC 788 North Oak Drive Bronx, NY 10467 Email: privacy@signdayapp.com
For COPPA-related inquiries, please include "COPPA Request" in the subject line.
This Privacy Policy is a draft pending legal review as of April 18, 2026.