PUNDITPILOT← Back to site
Legal · Privacy

Privacy Policy

Last updated: 10 June 2026

Who we are

PunditPilot (“PunditPilot”, “we”, “us”) provides broadcast-grade match-graphics software for football content creators, available at punditpilot.com. For the purposes of UK data protection law, the data controller is [LEGAL ENTITY NAME], [REGISTERED ADDRESS]. You can reach us about any privacy matter at hello@punditpilot.com.

What data we collect

We collect only what we need to run the service and respond to you:

  • Enquiry details — when you use the “Join the founding cohort” contact form, we collect the name, email address and any message you submit, so we can reply to you.
  • Account details — if you become a customer, we hold the email address you sign in with and basic channel/branding settings you configure (channel name, team colours, logo, sponsor details).
  • YouTube / Google account data — if you connect your YouTube channel, we receive read-only access to your own YouTube data through YouTube API Services. We store your channel’s basic profile (channel ID, name and avatar) to confirm your linked channel, and, where you enable live broadcast features, we process live-chat messages from your own broadcasts so they can be shown on your overlay. See the YouTube API Services section below for detail.
  • Billing details — Cohort-1 onboarding is handled by concierge invoicing. Payment card data is processed by our payment provider; we do not store full card numbers.
  • Technical data — standard server and hosting logs (IP address, browser type, timestamps) generated when you visit the site, used for security and to keep the service running.

We do not knowingly collect data from anyone under 18, and the service is intended for business use by content creators.

How we use your data

  • To respond to your enquiry and discuss founding-cohort onboarding.
  • To provide, operate and support the PunditPilot service.
  • To power the broadcast features you enable, including reading your linked YouTube channel details and your live-broadcast chat to display them on your match-graphics overlay.
  • To take payment and keep billing records.
  • To secure the service and diagnose technical problems.
  • To send service-related messages (for example, about your account or important changes). We will not send marketing email without your consent.

Our lawful bases under UK GDPR are: your consent (when you contact us and when you connect your YouTube channel), performance of a contract (to provide the service you pay for), and our legitimate interests (to secure and improve the service).

Who we share it with

We do not sell your data. We share it only with the service providers we use to run PunditPilot, each acting as our processor under contract:

  • Supabase — database and authentication.
  • Vercel — application hosting.
  • Resend — delivery of the contact-form email to us.
  • Stripe — payment processing.
  • API-Football — live football data shown on the canvas (this is match data, not your personal data).

Some providers may process data outside the UK/EEA. Where they do, appropriate safeguards (such as standard contractual clauses) apply.

YouTube API Services

Some PunditPilot features connect to your YouTube channel using YouTube API Services. When you link your Google account, you grant PunditPilot read-only access (the youtube.readonly scope) to your own YouTube data. We use this access to:

  • confirm and display your linked channel — we read your channel’s basic profile (channel ID, name and avatar) so your dashboard and broadcast show the correct channel; and
  • power live broadcast features — where you enable them, we read messages from the live chat of your own YouTube broadcasts so they can be displayed on your match-graphics overlay (for example, a live chat ticker and viewer-engagement graphics).

We request the narrowest scope that supports these features, and we do not request write access to your YouTube account. We use YouTube-derived data only to provide the features described above: we do not use it for advertising, we do not sell it, and we do not share it with anyone other than the processors listed above that host the service on our behalf.

By using PunditPilot’s YouTube-connected features, you are also agreeing to the YouTube Terms of Service. Google’s handling of your data is governed by the Google Privacy Policy.

You can revoke PunditPilot’s access to your YouTube data at any time from the Google security settings page at https://security.google.com/settings/security/permissions. You can also ask us to delete any YouTube-derived data we hold (see “Your rights” below). When access is revoked, we stop accessing your YouTube data and delete the channel details and any stored chat data associated with your account.

How long we keep it

We keep enquiry data for as long as needed to deal with your enquiry and a reasonable period afterwards. We keep account and billing data for as long as you are a customer and for any period we are legally required to retain financial records. YouTube channel details are kept while your channel is linked and removed when you unlink or revoke access. You can ask us to delete your data at any time (see your rights below).

Your rights

Under UK GDPR you have the right to:

  • access the personal data we hold about you;
  • have inaccurate data corrected;
  • have your data erased;
  • restrict or object to how we use it;
  • receive a copy of your data in a portable format;
  • withdraw consent at any time.

To exercise any of these, email hello@punditpilot.com. You also have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk.

Cookies

We keep cookies to a minimum. We use only those strictly necessary to run the site and keep you signed in. We do not use third-party advertising cookies. If we add analytics in future, we will update this policy and seek consent where required.

Changes to this policy

We may update this policy as the product develops. We will change the “last updated” date above when we do, and for material changes we will tell customers directly.