Privacy Policy
Last updated: 9 May 2026 · Version 2.1
This Privacy Policy explains how GetInsyt ("we," "us," or "our") collects, uses, stores, and protects your personal information when you use our platform — including browsing the site, creating an account, purchasing content, and subscribing to our newsletter. We comply with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the CAN-SPAM Act.
1. Who We Are
GetInsyt is an online marketplace that connects sports analysts, scouts, and coaches ("Insyters") with clubs, agencies, and enthusiasts. Insyters publish premium scouting reports and sports intelligence content ("Insyts") as digital downloads, which buyers can purchase through the platform.
The platform is operated by LL Endeavors LLC, United States. For any privacy-related questions, contact us at info@getinsyt.com.
EU Representative (Article 27 GDPR)
As LL Endeavors LLC is established outside the European Economic Area, we have designated an EU representative for data protection matters. EU residents may contact our representative directly at info@getinsyt.com for any GDPR-related enquiries.
2. Data We Collect
2.1 Account Registration
| Data | Purpose |
|---|---|
| Email address | Account creation, authentication, transactional emails |
| Display name | Public profile shown to other users |
| Authentication tokens | Maintaining your login session securely |
| Account type | Determining buyer or creator access level |
2.2 Purchases
| Data | Purpose |
|---|---|
| Email address | Purchase confirmation, content delivery, purchase history |
| Payment details | Processed exclusively by our payment processor — we do not store card data |
| Transaction amount & content purchased | Order records, VAT compliance, dispute resolution |
| Account information embedded in purchased content | Purchased content may be personalised with your account information for security and anti-piracy purposes |
2.3 Creator Accounts
| Data | Purpose |
|---|---|
| Profile information | Public creator profile (name, bio) |
| Uploaded content | Scouting reports and associated files stored securely on our platform |
| Pricing and product data | Listing your content for sale |
| Terms acceptance records | Records of agreement to Creator T&Cs including timestamp and IP address |
2.4 Newsletter (Optional)
If you opt in during registration or via our newsletter form, we collect your email address to send platform updates and news. This is entirely optional and separate from your account or any purchases.
2.5 Technical Data
When you visit our website, standard technical data is collected by our hosting and infrastructure providers — including IP address, browser type, and pages visited. This data is processed for security and performance purposes.
2.6 Analytics (Consent-Based)
If — and only if — you accept analytics in our cookie banner, we use PostHog to understand how users interact with the platform. PostHog records anonymous events (pages viewed, buttons clicked, feature usage), browser and device metadata, and a randomly generated visitor ID. If you are signed in, your account ID and email may be associated with these events. No analytics data is collected before you grant consent. You can withdraw consent at any time via the cookie banner or by clearing your browser's local storage.
3. How We Use Your Data
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Providing and operating the platform | Account data, session data | Contract performance |
| Processing purchases and delivering content | Email, payment data, transaction records | Contract performance |
| Sending transactional emails (login codes, purchase confirmations) | Email address | Contract performance |
| Creator content management | Creator profile, uploaded content, sales data | Contract performance |
| VAT and tax compliance | Transaction data, country of buyer | Legal obligation |
| Anti-piracy and content security | Account information embedded in purchased files | Legitimate interest |
| Sending our newsletter | Email address | Consent |
| Platform security and fraud prevention | Technical data, IP address | Legitimate interest |
| Understanding how users interact with the platform (product analytics via PostHog) | Pages viewed, content clicked, anonymous visitor ID, account ID and email if signed in | Consent |
We will never sell, rent, or trade your personal data to any third party for their own marketing purposes.
4. Legal Bases for Processing (GDPR)
If you are located in the EEA, United Kingdom, or Switzerland, we rely on the following legal bases under GDPR Article 6:
Contract Performance (Art. 6(1)(b))
Processing necessary to deliver the service — including account management, purchases, content delivery, and transactional emails such as login codes and purchase confirmations. You cannot opt out of this processing while using the platform.
Legal Obligation (Art. 6(1)(c))
Processing required to comply with applicable law — including VAT collection and reporting obligations under EU OSS (One-Stop Shop) rules.
Legitimate Interest (Art. 6(1)(f))
Processing for platform security, fraud prevention, and anti-piracy measures including embedding account information in purchased content. We have assessed that our legitimate interests are not overridden by your rights in these cases.
Consent (Art. 6(1)(a))
Processing for our optional newsletter and product analytics (PostHog). No analytics data is collected before you accept the cookie banner. You may withdraw consent at any time by unsubscribing or by changing your choice in the cookie banner. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
5. Service Providers & Sub-Processors
We use trusted third-party providers to operate the platform. All providers are bound by data processing agreements and are required to handle your data securely and in compliance with applicable law.
| Category | Purpose | Data Shared | Location |
|---|---|---|---|
| Authentication & database provider | User accounts, session management, data storage | Account data, purchase records, content metadata | EU / US |
| File storage provider | Secure storage of uploaded content and purchased files | Uploaded files, access logs | EU / US |
| Payment processor | Processing purchases and VAT collection | Email, transaction amount, country | US (SCCs in place) |
| Email delivery provider | Transactional emails and newsletter | Email address, subscription status | EU |
| Website hosting provider | Hosting and serving the platform | IP address, browser data | US (SCCs in place) |
| Workflow automation provider | Automated processing of orders and content delivery | Email, order data (transient) | EU |
| Tax compliance provider | EU VAT calculation and OSS reporting | Transaction amount, buyer country | US / EU |
| Product analytics provider (PostHog) | Understanding platform usage — only after explicit user consent | Anonymous events, page paths, browser metadata, account ID and email if signed in | United States (SCCs in place — see PostHog's Privacy Policy and DPA) |
6. International Data Transfers
As a US-based company serving EU users, some personal data is transferred outside the European Economic Area. Where this occurs, we ensure appropriate safeguards are in place including EU Standard Contractual Clauses (SCCs), the EU-US Data Privacy Framework where our providers are certified, and adequacy decisions where applicable.
You may request details of the specific safeguards in place by contacting us at info@getinsyt.com.
7. Newsletter
We offer an optional newsletter with platform updates, new content announcements, and news. Newsletter subscription is entirely separate from your account — you can have an account without subscribing, and you can subscribe without an account.
During account registration, you will see an optional, unchecked checkbox to subscribe to our newsletter. Consent is freely given, specific, and separate from any other agreement. Every newsletter email includes a one-click unsubscribe link. You may also email info@getinsyt.com to unsubscribe. Your email will be removed from our active mailing list within 30 days.
Note on transactional emails: Unsubscribing from the newsletter does not affect transactional emails required to deliver the service — such as login verification codes, purchase confirmations, and content delivery notifications. These are sent on the basis of contract performance, not consent.
8. Data Retention
| Data Category | Retention Period | Reason |
|---|---|---|
| Account data | Duration of account + 30 days after deletion request | Service provision |
| Purchase records | 7 years | Legal / tax obligation (VAT records) |
| Creator content | Duration of creator's account | Service provision |
| Creator T&C acceptance records | 7 years | Legal obligation / contractual records |
| Newsletter subscribers | Until unsubscription + 30 days | Consent-based — removed on withdrawal |
| Technical / server logs | Up to 90 days | Security and fraud prevention |
We retain purchase records for 7 years to comply with our EU VAT OSS reporting obligations and general accounting requirements.
9. Your Rights
If you are in the EEA, UK, or Switzerland (GDPR)
- Access — Request a copy of the personal data we hold about you
- Rectification — Request correction of inaccurate or incomplete data
- Erasure — Request deletion of your data, subject to legal retention obligations
- Restriction — Request that we limit how we process your data in certain circumstances
- Portability — Receive your data in a structured, machine-readable format
- Object — Object to processing based on legitimate interest
- Withdraw Consent — Unsubscribe from the newsletter or withdraw any consent-based processing at any time
- Lodge a Complaint — Contact your local data protection supervisory authority
If you are a California resident (CCPA)
- Right to know — Request what personal data we collect and how it is used
- Right to delete — Request deletion of your personal data
- Right to opt-out — We do not sell personal data
- Non-discrimination — We will not treat you differently for exercising your rights
To exercise any right, email info@getinsyt.com. We will respond within 30 days. We may need to verify your identity before processing your request.
10. Cookies, Local Storage & Analytics
Strictly Necessary
Our platform uses browser local storage (not traditional cookies) to maintain your login session. This is technically necessary to keep you logged in while using the platform and does not require your consent under ePrivacy rules.
Analytics (PostHog) — Opt-In
We use PostHog as our product analytics provider to understand how users interact with the platform. Analytics is off by default. The first time you visit, you will see a cookie banner with two options — Accept or Decline. No analytics data leaves your browser until you click Accept. Your choice is remembered in your browser's local storage.
Where we send your data: PostHog's servers in the United States. International transfer is covered by EU Standard Contractual Clauses signed with PostHog. See PostHog's Privacy Policy and PostHog's DPA for details.
What is collected (only after you accept): pages viewed, buttons clicked, feature usage, browser and device metadata, an anonymous visitor ID, and — if you are signed in — your GetInsyt account ID and email. Session recording is disabled.
To withdraw consent at any time, change your choice in the cookie banner, clear your browser's local storage for this site, or contact us at info@getinsyt.com.
We do not use advertising cookies and do not share analytics data with third parties for their own marketing purposes.
11. Data Security
We take appropriate technical and organisational measures to protect your personal data, including encryption of all data in transit via HTTPS/TLS, private access-controlled storage for purchased content, time-limited one-time authentication codes with no passwords stored, and restricted access to personal data on a need-to-know basis.
If you become aware of a security concern, please contact us immediately at info@getinsyt.com.
12. Children's Privacy
GetInsyt is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child under 16, please contact us immediately and we will delete it promptly.
13. Changes to This Policy
We may update this Privacy Policy as our platform and data practices evolve. When we make material changes, we will update the "Last updated" date at the top of this page and notify registered users via email.
14. Contact & Complaints
LL Endeavors LLC (GetInsyt)
Email: info@getinsyt.com
Website: www.getinsyt.com
EU Representative (Art. 27 GDPR)
Germany:
Kleine Löbingsgasse 6,
69121 Heidelberg
Email: info@getinsyt.com
If you are located in the EU and are unsatisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority. In Ireland, this is the Data Protection Commission (DPC).