Privacy Policy

Last updated: June 12, 2026

At FantasyPilot LLC ("we," "us," or "our"), accessible from fantasypilot.ai, protecting your privacy and securing your personal and session data is our top priority.

This Privacy Policy outlines how FantasyPilot—including our web application and the official FantasyPilot Chrome Extension (the "Product")—collects, uses, stores, and safeguards your data, as well as your rights regarding this information.

🔒 Our Core Privacy Commitment:
We never sell, rent, trade, or distribute your data to any third-party advertisers, data brokers, or marketing networks. All information collected is used solely to authenticate your sessions and synchronize your private fantasy sports data with your personal, protected workspace.

1. Data Collected by the FantasyPilot Chrome Extension

The FantasyPilot Chrome Extension is an automated bridge built specifically to eliminate manual credential input and repetitive exports. To perform this role, the extension interacts with the following categories of data in your browser:

Authentication Information: The extension securely extracts your active Sleeper session token (`localStorage.getItem("token")`) when you are logged into Sleeper.com, and holds your securely pushed Clerk token (`clerkToken`) from FantasyPilot.ai.
Financial and Payment Information: When running a financial ledger sync, the extension securely reads transaction summaries, league manager names, and payment ledgers directly from your active, logged-in LeagueSafe.com dashboard.
Website Content: The extension reads the raw DOM content of active Sleeper.com and LeagueSafe.com tabs to extract league settings, roster alignments, trade history, draft selections, and entry-fee status.
User Activity: The extension tracks local user clicks on the popup menu (such as clicking the "Sync All Leagues Now" button) to register, execute, and verify manual background sync operations.

2. How We Use Your Data

All data collected or extracted by our Product is processed exclusively to deliver your analytics dashboard. Specifically, we use the information to:

Provide, maintain, and update your personal FantasyPilot Co-Commish metrics and ledger sheets.
Automatically synchronize league rosters, draft picks, and league standings in the background without forcing you to re-authenticate or manually import JSON arrays.
Generate consolidated financial books showing payment status, unpaid entry fees, and prize allocations based on LeagueSafe dashboards.
Report diagnostic extension performance metrics (via Clerk client events) to troubleshoot synchronization issues and prevent software crashes.

Automated Decision-Making & Profiling (GDPR Article 22 Compliance)

FantasyPilot processes league rosters and transactions to generate automated analytical trade recommendations, projections, and strategy advice. These models do not make legally binding decisions about you or affect your legal status. They serve as entertainment and administrative recommendations. Where autopilot automation features are enabled by a user, the execution remains subject to user-defined settings, and users retain the absolute right to toggle off background automations at any time.

3. Who We Share Your Data With

We value your trust. We do not sell or monetize your data. Your data is shared only with services necessary to operate our infrastructure:

FantasyPilot Backend: Data extracted from your tabs is securely transmitted to our backend hosted on Amazon Web Services (AWS).
Clerk Authentication: PII, session, and authentication layers are handled securely by Clerk, our official enterprise identity provider.
AI Subprocessors (Google Gemini API): We utilize Google Gemini AI APIs (`@google/generative-ai`) to power our trade evaluation, roster valuations, constitution processing, and strategy recommendation engine. We strictly do not transmit user-identifiable contact details (such as your email address, billing information, or real names) to the Google Gemini API. Only anonymized public fantasy sports data (rosters, league settings, draft picks, and custom notes) is sent. Google is contractually bound to not use data sent via our API to train, fine-tune, or prompt its public foundational models. Your data is never used to train or fine-tune FantasyPilot's proprietary models without your explicit, separate opt-in.

4. EU AI Act Transparency Disclosures

Under the European Union Artificial Intelligence Act (EU AI Act):

Risk Classification: FantasyPilot operates as an AI-powered entertainment, analytical, and administrative tool, classifying it in the Minimal or Limited Risk tier.
Active Transparency Obligation: When interacting with the AI Co-Commish or viewing trade analysis, you are actively interacting with an artificial intelligence system utilizing large language models (LLMs). By using these features, you acknowledge and consent to this interaction.

5. Algorithmic Fairness, Bias, & Variance Disclaimer

AI-generated trade advice, valuations, and rankings are derived from statistical projections, external calibration anchors (such as KeepTradeCut and FantasyCalc), and historical player data. Due to the statistical nature of machine learning:

We disclaim all liability for algorithmic bias, pricing variance, or analytical errors.
AI evaluations are subjective statistical estimations and do not constitute absolute financial, professional, or athletic predictions.
We disclaim any liability for decisions made or actions taken in your leagues based on AI recommendations.

6. Data Retention, Storage, and Security

We implement robust security standards to keep your session and roster details safe:

Encryption: All data is encrypted in transit using industry-standard Transport Layer Security (TLS/HTTPS) and encrypted at rest on AWS Aurora cluster databases (AES-256). Administrative access to databases is limited strictly via IAM-authenticated Systems Manager (SSM) secure port forwarding.
Local Browser Storage: Extracted Sleeper and Clerk authentication tokens are kept strictly inside secure, isolated local extension storage (`chrome.storage.local`), which cannot be accessed by other websites or extensions.
Purging and Account Deletion: You remain in control. You can request complete account deletion inside your settings at any time or by emailing us at support@fantasypilot.ai. Deleting your account instantly and permanently purges all associated tokens, transaction ledgers, and database records from our active servers.

7. Compliance with Chrome Web Store Policies & Limited Use Disclosures

Our data collection and processing practices for the official FantasyPilot Chrome Extension strictly comply with the Chrome Web Store Developer Program Policies, including the Limited Use Requirements:

Limited Use Compliance: The use and transfer of information received from Google APIs by the FantasyPilot Chrome Extension will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.
We do not transfer, lease, rent, trade, or sell user session credentials, tokens, or fantasy sports league data to third-party advertising networks, data brokers, retargeting agencies, or informational clearinghouses.
We do not use user data to evaluate creditworthiness, eligibility for loans, or for any profiling purposes.
Permissions are kept as narrow as possible. For example, we do not request or utilize broad "Web History" permissions, and only interact with Sleeper and LeagueSafe domains required for the extension's single purpose.
No AI Training on Collected Credentials: We do not feed raw session credentials, authentication keys, or financial ledgers into large language models (LLMs) for foundational training or fine-tuning.

8. Contact and Inquiries

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us directly:

📧 Email: support@fantasypilot.ai
🌐 Website: fantasypilot.ai