the fieldhouse
Start free

Legal

Privacy Policy

Effective April 22, 2026 · Policy version 2026.04.22

Draft for legal review.This page reflects how The Fieldhouse actually handles data today, but it has not yet been reviewed by counsel. Have an attorney review and tailor it before public launch.

The Fieldhouse helps school and community sports teams run their season — schedules, RSVPs, and sponsor spotlights. We try to collect as little personal information as possible, and we do not collect any school records of any kind.

What we collect

From the adult who signs up

  • Email address and a name you provide.
  • A password, stored as a salted bcrypt hash. We never see the plaintext.
  • Date of birth, used only to confirm you’re 18 or older.
  • Standard server logs (IP, user-agent, request paths) for security and debugging.

From parents about their children

  • Each child’s name and date of birth, supplied by the parent.
  • The teams the child joins, plus the parent’s RSVPs on each event.
  • A consent record per child, capturing the parent account, the policy version shown at consent time, and the IP and user-agent of the consent action. See our COPPA & consent page for more.

From organizations (clubs, schools)

  • Organization name, type, and the team(s) created under it.
  • Branding the team uploads (logo, colors, font choice).
  • Locations the team adds (name, address, optional notes).
  • For paid plans: a license key issued by our parent site Metahuman Network (metahuman.network). We never see card numbers — billing is handled by Metahuman Network, whose payment processor (Stripe) stores card data on their systems, not ours.

What we do not collect

  • Grades, GPA, transcripts, or any educational records.
  • Class rosters or anything sourced from a school information system.
  • Health records or medical information.
  • Social-security numbers, government IDs, or financial account numbers.
  • Children’s contact information beyond what a parent provides about their own child.

How we use what we collect

  • To run the calendar, RSVPs, rosters, and team pages you signed up for.
  • To activate and heartbeat a license key issued by Metahuman Network for paid plans (no card data passes through Fieldhouse).
  • To send transactional email (sign-up confirmations, password resets, event reminders if you opt in).
  • To detect and respond to abuse, fraud, and security incidents.
  • To comply with legal obligations.

We do not sell personal information. We do not run advertising on The Fieldhouse and we do not allow third-party advertising trackers.

Who we share data with

We use a small set of vendors to operate the service. Each is bound by their own data-protection terms.

  • Self-hosted server — application hosting (US data center, Ubuntu 24.04).
  • Postgres — primary database (running on the same server).
  • Metahuman Network (metahuman.network, our parent company) — issues and validates license keys for paid plans and sponsor placements. Metahuman Network uses Stripe as its payment processor; Fieldhouse never receives or stores card data.
  • Resend — transactional email delivery.

We may disclose information when required by law, to enforce our Terms, or to protect the rights, property, or safety of users.

Where data is stored

Application data is stored in the United States. Logos are stored publicly readable so they can appear on team calendar pages.

Retention & deletion

  • You can delete your account, your children’s profiles, your team, or your organization at any time from the app.
  • When you delete a child, we delete their RSVPs and roster links. We retain the consent record (with name and email captured at consent time) for legal audit, separate from the live profile.
  • Deleted-account backups are purged on our standard rolling backup schedule (within 30 days).

Your rights

Depending on where you live, you may have rights to access, correct, port, or delete your personal information. Email privacy@thefieldhouse.app and we’ll respond within 30 days. You can do most of this directly from the app today.

Security

Passwords are stored as bcrypt hashes. Sessions use Auth.js JWTs signed with a secret kept out of the codebase. Database connections use TLS. We restrict access to production data to a small number of engineers and review access regularly.

Children

Children under 13 do not create their own accounts on The Fieldhouse. Parents and legal guardians manage their children’s profiles and RSVPs. See our COPPA & consent page for the full picture.

Changes

When we make material changes to this policy we’ll bump the policy version (shown at the top of this page) and notify account owners by email. Previous consent records remain tied to the policy version that was active when they were captured.

Contact

The Fieldhouse is operated by Metahuman Network LLC, based in Oregon, USA. For privacy questions or data requests, email privacy@thefieldhouse.app.

Built and run in Oregon by Metahuman Network. Questions? Email privacy@thefieldhouse.app.

See also: Privacy · Terms · COPPA & consent