← Back to Home

Privacy Policy

Last updated: March 2026. Please check back for updates.

Information We Collect

When you use SponsorPilotHQ, we collect information that you provide directly to us, including:

  • Account information (email address, name, password)
  • Club details (club name, sport, location, contact information, club profile data)
  • Sponsorship and prospect data you enter into the platform
  • Communications between you and sponsors through the platform
  • Payment information processed securely through Stripe (we do not store card details)

When you connect third-party social media accounts, we also collect:

  • Social media Page/account identifiers and names
  • Access tokens required to post on your behalf (stored encrypted using AES-256-GCM)
  • Post identifiers and permalink URLs for content published through our platform

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Send you service-related communications
  • Generate AI-powered pitch content, meeting preparation materials, and sponsor communications
  • Publish approved content to your connected social media accounts on your behalf
  • Help you track and manage sponsor relationships
  • Process subscription payments
  • Respond to your comments, questions, and support requests

Social Media Integration

SponsorPilotHQ allows clubs to connect their social media accounts (currently Facebook Pages, with Instagram and other platforms planned) to publish approved sponsor content directly from the platform.

When you connect a social media account, we:

  • Request only the minimum permissions required to publish content and verify successful posting
  • Store access tokens in encrypted form (AES-256-GCM encryption) — we cannot read your token in plain text
  • Use your Page access token solely to publish content you have explicitly approved and to retrieve the published post URL as proof of delivery
  • Do not access your personal Facebook profile, private messages, friend lists, or any data beyond Page management
  • Do not sell, share, or transfer your social media access tokens or Page data to any third party

Facebook permissions we request:

  • pages_show_list — to display your Pages so you can select which one to connect
  • pages_manage_posts — to publish approved content to your connected Page
  • pages_read_engagement — to retrieve the published post URL after posting

You can disconnect your social media account at any time through Settings > Social Channels in the platform. Disconnecting immediately revokes our access and deletes the stored access token.

Data Storage

Your data is stored securely using Supabase, with servers located in Australia where possible. We implement industry-standard security measures including:

  • Row Level Security (RLS) on all database tables
  • Encrypted storage of sensitive credentials (social media tokens, API keys)
  • HTTPS encryption for all data in transit
  • Secure authentication via Google OAuth or email/password

Third-Party Services

We use the following third-party services to operate our platform:

  • Google — For secure authentication (OAuth) and local business discovery (Places API)
  • Supabase — For database, authentication, and file storage services
  • Anthropic (Claude AI) — For generating pitch content, meeting preparation materials, social media content, and sponsor communications
  • Resend — For sending transactional emails (pitch emails, notifications, invitations)
  • Stripe — For processing subscription payments securely
  • Meta (Facebook/Instagram) — For publishing approved content to connected club Pages
  • Firecrawl — For researching prospect business websites during sponsor discovery

Each of these services has their own privacy policy governing their use of your data. We only share the minimum data required for each service to function.

Data Deletion

Deleting your account:
You may request complete deletion of your account and all associated data by contacting us at hello@sponsorpilothq.com. We will process deletion requests within 30 days.

Deleting social media data (Facebook/Instagram):
You can remove your connected social media account at any time through Settings > Social Channels. This immediately:

  • Revokes our access to your Page
  • Deletes the stored access token from our database
  • Stops all scheduled and future posts to that account

If you remove SponsorPilotHQ from your Facebook account settings (facebook.com > Settings > Business Integrations), or if you contact us at hello@sponsorpilothq.com requesting deletion of your Facebook-related data, we will delete all stored Facebook data including Page tokens, Page identifiers, and posting history within 7 business days.

Deleting club data:
Club administrators can request deletion of all club data by contacting us at hello@sponsorpilothq.com.

Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (see Data Deletion section above)
  • Export your data in a portable format
  • Withdraw consent for data processing where applicable
  • Disconnect third-party social media accounts at any time

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page with a revised “Last updated” date.

Contact Us

If you have any questions about this Privacy Policy, our data practices, or to make a data deletion request, please contact us at hello@sponsorpilothq.com

© 2026 SponsorPilotHQ. All rights reserved.

SponsorPilotHQ is a product of Bora Trading Pty Ltd