Privacy Policy

Football Agent Mate

Last Updated: 12 July 2026 (revised)

Introduction

ELite Consulting Agency LLC (“we”, “us”, or “our”), a limited liability company registered in Wyoming, USA, operates the Football Agent Mate mobile application (the “App”) available on iOS and Android. Football Agent Mate is a trademark of ELite Consulting Agency LLC. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our App, and describes the rights available to you under applicable privacy law.

By downloading or using the App, you confirm that you have read and understood this Privacy Policy. If you do not agree with any part of it, please do not use the App.

This policy applies to users worldwide. Where local law grants you specific rights or imposes additional obligations on us, the relevant sections below address those requirements. We have designed this policy to comply with, among others:

  • The EU/UK General Data Protection Regulation (GDPR / UK GDPR)
  • The UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL)
  • Saudi Arabia's Personal Data Protection Law (PDPL KSA)
  • Apple App Store and Google Play privacy disclosure requirements

Who We Are

Football Agent Mate is a mobile application owned and operated by ELite Consulting Agency LLC, a limited liability company registered in Wyoming, USA. For all privacy-related inquiries or data subject requests, please contact us at:

Operator: ELite Consulting Agency LLC

Registered in: Wyoming, USA

Support email: support@footballagentmate.com

Legal enquiries: info@elite-consulting-agency.xyz

Website: https://www.footballagentmate.com/

Who This App Is For

Football Agent Mate is designed exclusively for professional football agents and sports industry professionals. The App is not intended for, and should not be used by, anyone under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has created an account, please contact us immediately and we will delete the account and any associated data.

Data We Collect

We collect data that you provide directly, data generated by your use of the App, and technical data collected automatically by our infrastructure and third-party services.

Note on future data collection: As the App evolves, we may collect additional categories of personal data — for example, additional profile fields (such as business address or professional certifications) or subscription and billing data. This Privacy Policy will be updated before any new category of data is collected, and where required by law you will be notified and asked to consent. We will never collect a new category of data silently.

1. Account and Identity Data

When you register or complete your agent profile, we collect:

  • Full name
  • Email address
  • Country of residence
  • Gender (optional; collected as male or female; stored privately and not displayed on your public profile)
  • Profile photograph (avatar)
  • Agency name (optional)
  • Years of experience (optional)
  • Short biographical text (optional)
  • FIFA licence number (stored privately; never displayed on your public profile)
  • Phone number (stored privately; never displayed on your public profile)
  • Whether you are WhatsApp-reachable on your phone number
  • FIFA registration status (the boolean “FIFA Registered” is displayed publicly as a badge; the licence number itself is not)

Note on gender data: Gender information is collected voluntarily to help personalise your experience. Under the GDPR and UAE PDPL, gender information when combined with other identifying data may be treated as personal data requiring explicit consent. By providing your gender, you explicitly consent to its collection and processing for the purposes described in this policy. You may update or remove this information at any time from your profile settings.

2. Player CRM Data (Your Private Records)

When you add players to your CRM, you provide and we store:

  • Player full name, date of birth, nationality, country of residence
  • Player gender (optional; collected as male or female)
  • Player photograph
  • Football details: position, preferred foot, current club, league country, estimated market value (EUR), Transfermarkt profile URL
  • Representation agreement dates
  • Club contract details and salary (EUR)
  • Player contact information: phone number, email address, WhatsApp number
  • Family and emergency contacts: name, relationship, phone number, email address
  • Player documents (e.g. passport scans, contracts, medical certificates) uploaded to Firebase Storage
  • Free-text notes you attach to a player record

This data is strictly private to your account. It is never shared with other users of the App. It is subject to Firestore security rules that grant read/write access only to the agent who created the record.

As noted in Section 3.3 of our Terms of Service, you act as an independent data controller for all player data you store, including player gender. You are responsible for ensuring you have a lawful basis — such as contractual necessity or explicit consent from the player — to collect and store their gender information.

3. Transfer Market Post Data

When you publish a market post, you choose which information to include. This may include:

  • Post type (Player Available or Need a Player)
  • Player position, nationality, age, league country, market value (EUR) or budget (EUR)
  • A description text you write
  • External links you choose to add (highlight reels, match footage)
  • Your own public agent profile (name, country, FIFA badge)

If you select “anonymous posting”, the player's photo, Transfermarkt link, external links, and the link to your CRM player record are automatically stripped before the post is saved. Only the data you explicitly choose to share is visible to other agents.

4. Messages

When you send or receive messages within the App, we store:

  • Message text content
  • Sender identity (your user ID)
  • Timestamp
  • A reference to the market post that originated the conversation (where applicable)

Messages are immutable — they cannot be edited or deleted after sending.

5. Authentication Data

We use Firebase Authentication to manage sign-in. Depending on the sign-in method you choose, we process:

  • Email address and hashed password (email/password sign-in)
  • Google account token and associated email (Google Sign-In)
  • Apple account token and associated email or anonymous relay email (Sign in with Apple)
  • Phone number (phone/SMS sign-in, if enabled)

6. Push Notification Token

We store your device's Firebase Cloud Messaging (FCM) token in a private, access-controlled subcollection of your user account. This token is never visible to other users and is used solely to deliver push notifications for new messages to your device. If the token becomes stale (device changed or notifications revoked), we delete it automatically.

7. Subscription and Billing Data (Future — Not Currently Collected)

The App is currently free. When paid subscription features are introduced, we will collect or receive through a third-party payment processor:

  • Subscription tier and status (e.g. free, monthly, annual)
  • Transaction identifiers and timestamps
  • Billing country and currency
  • Last four digits of payment card and card type (if applicable — received from the payment processor, never the full card number)
  • Payment processor customer or subscription ID

We will never store full payment card numbers, CVV codes, or bank account details. All payment processing will be handled by a PCI-DSS compliant third-party payment processor. We will receive only the tokenised billing references and summary data needed to manage your subscription.

8. Device and Usage Data (Collected Automatically)

The following data is collected automatically by the Firebase SDKs integrated into the App:

Firebase ServiceData CollectedPurpose
Firebase AnalyticsApp instance ID, device model and OS version, screen views, session duration, general geographic region (derived from masked IP)Understanding how agents use the App; improving features
Firebase CrashlyticsCrash stack traces, device and OS information, Crashlytics Installation UUIDDiagnosing and fixing bugs
Firebase Performance MonitoringApp startup time, HTTP request latency and response codes (excluding body content), device model, OS versionMonitoring and improving App performance
Firebase Remote ConfigApp version, platformDelivering feature flags and configuration
Firebase App CheckDevice attestation tokensPreventing abuse and unauthorised API access
Firebase AuthenticationAuth-related identifiers as described aboveIdentity management
Cloud FirestoreUser IDs included with authenticated requestsEnforcing access control rules

Firebase Performance Monitoring is disabled in debug builds and active only in production releases. Analytics and Crashlytics collection can be disabled at the application layer for GDPR opt-out purposes.

How We Use Your Data

We use your data for the following purposes and on the following legal bases:

PurposeLegal Basis (GDPR)PDPL Basis
Creating and managing your accountPerformance of contractContractual necessity
Collecting and storing agent gender informationExplicit consentExplicit consent
Collecting and storing player gender information (CRM)Explicit consent (yours, as data controller for your players)Explicit consent
Providing the Player CRMPerformance of contractContractual necessity
Publishing and displaying market posts you createPerformance of contractContractual necessity
Delivering real-time messages between agentsPerformance of contractContractual necessity
Sending push notifications for new messagesPerformance of contract / Legitimate interestsContractual necessity
Diagnosing crashes and fixing bugs (Crashlytics)Legitimate interestsLegitimate interests
Monitoring App performance (Firebase Performance)Legitimate interestsLegitimate interests
Analysing aggregate usage to improve the App (Analytics)Legitimate interestsLegitimate interests
Enforcing our Terms of Service and preventing abuseLegitimate interests / Legal obligationLegal obligation
Complying with applicable laws and responding to legal requestsLegal obligationLegal obligation
Displaying your public agent profile to other authenticated agentsPerformance of contractContractual necessity
Enforcing remote configuration (e.g. app version gating)Legitimate interestsLegitimate interests
Managing your subscription and processing payments (future)Performance of contractContractual necessity

We do not use your personal data for advertising, behavioural profiling, or sale to third parties.

Data Sharing and Disclosure

We do not sell your personal data. We share data only as described below.

With Other App Users

The following information is visible to other authenticated football agents within the App:

  • Your public agent profile: full name, profile photograph, country, agency name, bio, years of experience, and FIFA Registered status (badge only)
  • Market posts you publish (including the information you chose to include, subject to your anonymity settings)
  • Messages you send within a conversation (visible only to the two participants in that conversation)

Your phone number, email address, and FIFA licence number are never shared with other users.

With Our Service Providers

We use the following third-party services to operate the App. Each acts as a data processor under an agreement with the applicable provider:

ProviderServiceData SharedLocation
Google LLC (Firebase)Authentication, database (Firestore), file storage, push notifications (FCM), analytics, crash reporting, performance monitoring, app check, remote configSee Firebase section aboveData stored in EU (eur3 — Belgium)
Apple Inc.Sign in with Apple (iOS)Authentication tokens, emailUnited States
Google LLCGoogle Sign-InAuthentication tokens, emailUnited States

Our Firestore database is located in the eur3 (European multi-region, Belgium) region. All data at rest is stored within the European Union.

For Legal Reasons

We may disclose your data if required to do so by law, court order, or governmental authority, or where we believe in good faith that disclosure is necessary to protect the rights, property, or safety of ELite Consulting Agency LLC, our users, or the public.

In Connection With a Business Transfer

If ELite Consulting Agency LLC undergoes a merger, acquisition, or asset sale, your data may be transferred as part of that transaction. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

International Data Transfers

The App is operated from the UAE, and our primary data infrastructure (Firebase) is hosted in the EU (eur3). When data is transferred between regions — for example, when you use Google Sign-In (processed in the United States) — we rely on Google's standard contractual clauses and its status as a provider with approved safeguards under applicable data protection law.

If you are located in the EU or UK, transfers to the United States are covered by Google's data processing agreements incorporating EU Standard Contractual Clauses.

If you are located in the UAE, we comply with Article 26 of the UAE PDPL regarding cross-border transfers by ensuring receiving parties offer an adequate level of protection equivalent to UAE standards.

Data Retention

We retain your data for as long as your account is active or as long as necessary to provide the services you have requested.

Data TypeRetention Period
Account and profile dataUntil account deletion
Player CRM recordsUntil manually deleted by you, or until account deletion
Market postsUntil closed or expired and then deleted at account deletion
MessagesUntil account deletion (conversations persist between participants; upon deletion of your account, your messages remain but are disassociated from your profile)
Firebase Crashlytics data90 days (Google's default retention)
Firebase Analytics data14 months (Google's default retention; configurable)
Firebase Performance data90 days (Google's default retention)
FCM push notification tokensUntil the token becomes stale (auto-deleted) or until account deletion
Subscription and billing records (future)For the duration of your subscription plus 7 years, as required by applicable financial record-keeping law

When you delete your account, we perform a sequential deletion of: (1) your Firebase Storage files (profile photo, player photos, documents), (2) your Firestore user document and all subcollections, and (3) your Firebase Authentication record. Storage and Firestore deletion failures are logged as non-fatal errors but do not prevent account deletion from completing.

Your Rights

Depending on your location and applicable law, you may have the following rights in relation to your personal data:

RightDescription
AccessRequest a copy of the personal data we hold about you
RectificationRequest correction of inaccurate or incomplete data
ErasureRequest deletion of your personal data (you can also delete your account directly from the App's Settings screen)
RestrictionRequest that we restrict processing of your data in certain circumstances
PortabilityReceive your data in a structured, commonly used, machine-readable format
ObjectionObject to processing based on legitimate interests
Withdraw ConsentWhere processing is based on consent, withdraw that consent at any time without affecting the lawfulness of prior processing

UAE PDPL Rights: If you are a UAE data subject, you have the rights listed above under Federal Decree-Law No. 45 of 2021, including the right to access your data, correct inaccuracies, object to processing, and request deletion. We will respond to verified requests within 30 days.

GDPR / UK GDPR Rights: If you are located in the EU or UK, you have the rights listed above and the right to lodge a complaint with your local supervisory authority (for EU users: your national data protection authority; for UK users: the Information Commissioner's Office at ico.org.uk).

To exercise any of these rights, contact us at support@footballagentmate.com. We may ask you to verify your identity before processing your request. We will respond within 30 days (or such shorter period as required by applicable law).

Most rights can be exercised directly within the App:

  • Edit profile data: Profile screen → Edit Profile
  • Delete player records: Player detail screen → Delete
  • Delete market posts: Post detail screen → Close / Delete
  • Delete your account: Settings screen → Delete Account

Device Permissions

The App requests the following device permissions:

PermissionPlatformPurpose
Photo LibraryiOSSelecting player photos, market post images, and profile pictures
Face ID / Touch IDiOSOptional app-lock re-authentication
Biometric (Fingerprint / Face Unlock)AndroidOptional app-lock re-authentication
Push NotificationsiOS & AndroidReceiving new message alerts

The App uses the system Photo Picker on Android (no READ_MEDIA_IMAGES permission required) and accesses the photo library on iOS for gallery image selection only. There is no in-app camera capture — the camera permission is not requested on either platform.

Security

We implement the following measures to protect your data:

  • All data in transit is encrypted using TLS/HTTPS
  • Data at rest in Firebase is encrypted by Google using AES-256
  • Firebase Authentication manages credential storage — passwords are hashed and never stored in plaintext
  • Sensitive credentials (auth tokens) within the App are stored in the device's secure enclave (flutter_secure_storage), not in unprotected local storage
  • Your private CRM data (players, documents, notes, family contacts) is protected by Firestore security rules that enforce owner-only access at the database level
  • Conversation messages are protected by participant-only Firestore security rules; messages cannot be updated or deleted by any party
  • FCM tokens are stored in a private subcollection isolated from your public user document
  • Firebase App Check prevents unauthorised API access from non-genuine App installations

No method of transmission or storage is 100% secure. If you become aware of a security vulnerability or a breach affecting your data, please contact us immediately at support@footballagentmate.com.

Third-Party SDKs and Services

The App integrates the following third-party SDKs that may collect device or usage data:

SDKProvider
Firebase Auth, Firestore, Storage, Analytics, Crashlytics, FCM, Performance, Remote Config, App CheckGoogle LLC
Google Sign-InGoogle LLC
Sign in with AppleApple Inc.

We do not integrate any advertising SDKs, ad networks, or data broker services. We do not use Apple's Advertising Identifier (IDFA) or Google's Advertising ID (GAID).

Analytics and Opt-Out

Firebase Analytics collects anonymised, aggregated usage data to help us understand how the App is used and improve it. This data is not linked to personally identifiable information beyond a random app instance ID.

To opt out of analytics collection:

  • On iOS: Go to your device Settings → Privacy & Security → Tracking and disable tracking for Football Agent Mate.
  • On Android: Go to your device Settings → Google → Ads and opt out of personalisation.
  • By deleting your account, all account-linked analytics data is disassociated.

Firebase Analytics GDPR opt-out support is wired into the App. If you are an EU/UK user and wish to disable analytics collection, contact us at support@footballagentmate.com and we will configure the opt-out for your account.

Children's Privacy

Football Agent Mate is not directed at children and is intended for use only by adults aged 18 and over. We do not knowingly collect personal data from anyone under 18. If we become aware that we have collected personal data from a minor, we will take immediate steps to delete it. If you believe a child has used the App, please contact us at support@footballagentmate.com.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Update the “Last Updated” date at the top of this document
  • Notify you through the App or by email before the changes take effect (where required by law)

Your continued use of the App after the updated policy takes effect constitutes your acceptance of the revised terms. If you do not agree with the changes, you may delete your account at any time.

Contact Us

For any privacy-related questions, data subject requests, or concerns, please contact us at:

ELite Consulting Agency LLC

Support email: support@footballagentmate.com

Legal enquiries: info@elite-consulting-agency.xyz

Website: https://www.footballagentmate.com//contact

We aim to respond to all privacy enquiries within 5 business days and to fulfil data subject rights requests within 30 days (or such other period as required by applicable law).