Privacy policy

Kabaddiadda ("we", "us", "our") operates the website at kabaddiadda.in and the related platform that lets organisers run kabaddi tournaments and lets fans follow them. We are the data fiduciary (controller) responsible for your personal data when you use this service.

Questions about this policy or about your personal data should be sent to support@kabaddiadda.in.

We collect the following categories of personal data:

• Account data. Email address, password (hashed — we never see the plaintext), full name, role (fan / organiser / superadmin), and the league you belong to.
• Profile data. Optional fields you add — phone, avatar, preferences.
• Content you create. Tournament names, team names, player rosters, match events, and any other data you enter as an organiser.
• Payment data. When you subscribe to a paid plan, our payment partner Razorpay processes your card / UPI / bank details. We never see or store your card number; we only retain the transaction ID, amount, and status.
• Usage data. Pages you visit, actions you take, approximate geographic location derived from your IP address, browser and device type. Collected via PostHog (our product analytics tool) and Vercel Web Analytics (anonymous aggregate metrics).
• Communications. Messages you send us via the feedback widget, support email, or any contact form.
• Technical data. IP address, user agent, and basic request metadata when you visit the site.

We use your data to:

• Run the service — let you log in, save your tournaments, score matches, etc.
• Process payments and issue invoices (only for organisers on paid plans).
• Send service emails — password resets, billing receipts, important product changes. We do not send marketing emails without your consent.
• Improve the product — analyse which features are used, fix bugs, plan roadmap.
• Respond to support requests and abuse reports.
• Comply with legal obligations and enforce our Terms of Service.

We do not sell your personal data. We share specific data with the third parties listed below, only to the extent needed to provide the service:

• Supabase. Our database and authentication provider — stores your account and all platform data. Hosted in their Mumbai (ap-south-1) region.
• Vercel. Our hosting provider — runs the web application and stores anonymous traffic metrics (Vercel Web Analytics).
• PostHog. Our product analytics tool — receives your page-view events with IP address and approximate location to help us understand product usage. Hosted in the US.
• Razorpay. Our payment processor — receives card / UPI details when you subscribe. We never see those details ourselves.
• Google Fonts. Loaded directly from Google to render custom fonts. Your IP is visible to Google when this happens.

We may disclose your data to law enforcement or regulators if compelled by a valid legal process under Indian law.

We use cookies and localStorage for: keeping you logged in (Supabase auth session), remembering your theme preference, and analytics (PostHog session cookies). We do not use third-party advertising or cross-site tracking cookies.

You can clear cookies from your browser settings at any time. Doing so will log you out and reset preferences.

We keep your personal data as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where we are required to retain certain records by law (for example, GST-related invoices are kept for 7 years).

Anonymous analytics data may be retained for longer in aggregate form for product improvement.

Under India's Digital Personal Data Protection Act 2023, you have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate or incomplete data.
• Request deletion of your personal data (subject to legal retention requirements).
• Withdraw consent for processing that relies on consent.
• Nominate someone to exercise these rights on your behalf if you are unable to.
• File a complaint with the Data Protection Board of India.

To exercise any of these rights, email support@kabaddiadda.in from your registered address. We respond within 30 days.

The service is not directed at children under 18. We do not knowingly collect personal data from minors. If you believe a child has provided us data, please contact us and we will delete it.

The service is operated from India. If you access it from outside India, your data is transferred to and stored in India and other locations where our service providers operate (notably the US for PostHog). By using the service, you consent to this transfer.

We use industry-standard security: TLS for all traffic, hashed passwords, row-level security in the database, and minimum-privilege access for our team. No system is perfect — if you discover a vulnerability, please report it to support@kabaddiadda.in and we will respond responsibly.

We may update this policy as the product or laws evolve. Material changes will be announced via a notice on the site and an email to registered users. The "Last updated" date at the top of this page reflects the most recent change.