Skip to content
Legal

Privacy Policy

Last updated: 2026-05-24

Plain English, on purpose. Here’s what we collect, why, who sees it, and the choices you have.

The short version

  • • We collect what’s needed to run your organization’s sports programs, and no more.
  • • We don’t sell your data, and we don’t share it for advertising.
  • • Card numbers never touch our servers. Our payment processor handles them.
  • • Children’s information is collected through parents and organizations, and parents can review or delete it.
  • • Texts are opt-in; reply STOP to stop. You can export or delete your data on request.

1. Who we are

Midfield is a household-native sports management platform operated by Midfield HQ, Inc. (“Midfield,” “we,” “us”). We provide registration, payments, rosters, communications, forms, and reporting tools to clubs, leagues, teams, tournaments, and state associations (each, an “organization”) and to the families they serve.

This policy explains what personal information we handle, why, and the choices you have. Questions? Email privacy@midfieldhq.com.

2. Who controls your data

For information an organization puts into Midfield about its members (households, players, registrations, payments, forms), the organization decides how that data is used, and Midfield processes it on the organization’s behalf (we act as its “processor” or “service provider”). Our handling of that data is governed by our Data Processing Addendum at /legal/dpa.

For information we collect directly (your account, our own communications with you, website usage, and marketing), Midfield is the controller, and this Privacy Policy applies.

3. What we collect

Depending on how you use Midfield, we may collect:

  • Account info: name, email, phone number, password, role, and the organization(s) you belong to.
  • Household & player info: guardians and the children in a household, dates of birth / age group, jersey or roster details, and emergency contacts.
  • Payment info: handled by our payment processor. Midfield stores a tokenized reference and transaction records, not full card numbers.
  • Forms & sensitive fields: waivers, consents, and optional medical or accommodation fields. Sensitive fields are opt-in per record and shared only with the people a household chooses.
  • Safety records: SafeSport status and background-check status for staff and coaches who work with children.
  • Communications: the content of messages, emails, and notifications you send or receive through Midfield, and your communication preferences.
  • Usage & device data: log data, device and browser type, IP address, and basic analytics about how the product is used.
  • Cookies & similar technologies: used to keep you signed in, remember preferences, and understand usage (see Section 11).

4. How we use it

We use personal information to:

  • Provide and operate the platform: create accounts, process registrations and payments, build rosters and schedules, and deliver communications.
  • Support safety: track SafeSport and background-check status and surface expirations to the right administrators.
  • Communicate with you: service messages, receipts, reminders, and (with your consent) product or marketing messages (see Section 6).
  • Provide support, and improve and secure the product: troubleshoot, prevent fraud and abuse, and understand and improve how Midfield works.
  • Meet legal obligations: tax, accounting, audit, and responding to lawful requests.

We do not sell your personal information, and we do not share it for cross-context behavioral advertising.

5. Communications: email, push, and text messages

Midfield reaches you through several channels. You control most of them.

Email. We send service emails (sign-in links, receipts, schedule and roster updates, account notices) and, if you opt in, product and marketing emails. Every marketing email has an unsubscribe link. Service emails tied to your account or a transaction will continue even if you unsubscribe from marketing.

In-app & push notifications. If you use the Midfield app, we may send push notifications (for example, a new message or a payment reminder). You can turn these off in your device settings.

Text messages (SMS/MMS). With your consent, Midfield and the organizations you belong to may text you. Two kinds: (1) transactional/service texts, such as sign-in codes, payment receipts, and schedule, roster, or payment alerts; and (2) promotional/marketing texts about Midfield, which we send only with your express prior consent.

  • Consent: by giving us your mobile number and opting in, you agree to receive the texts described above at that number, including messages sent by automated systems. Consent to marketing texts is not a condition of using Midfield or registering for any program.
  • Opt out anytime: reply STOP to any text to stop further messages; reply HELP for help. Opting out of marketing texts does not stop essential service texts tied to your account or a transaction unless you opt out of those separately or close your account.
  • Frequency varies by your activity and the organizations you belong to. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages.
  • We do not share your mobile number with third parties for their own marketing.

6. How we share information

We share personal information only as needed to run the service:

  • With your organization: the club, league, team, or association you belong to (and its authorized administrators), according to their role-based access.
  • With service providers (sub-processors): vendors that help us operate, described by category: payment processing, email delivery, text-message delivery, cloud hosting and database, object storage and content delivery, push notifications, and product analytics. They may use your data only to provide services to us. A current list of named sub-processors is available on request at privacy@midfieldhq.com, and is also addressed in our DPA at /legal/dpa.
  • For legal and safety reasons: to comply with law, enforce our terms, or protect the rights, safety, and property of users, the public, or Midfield.
  • In a business transfer: if Midfield is involved in a merger, acquisition, financing, or sale of assets, personal information may transfer as part of that transaction; we will require the recipient to honor this policy or notify you of any material change.
  • With your direction or consent: anything else you ask us to share.

7. Children’s privacy

Midfield is used by organizations and parents to manage children’s participation in sports, so we handle children’s information by design, carefully.

  • Accounts for adults. Midfield accounts are created and managed by adults: a parent or guardian, or an organization’s staff. We do not knowingly allow children under 13 to create their own accounts or to provide us information directly without a parent, guardian, or authorizing organization.
  • Why we collect it. We collect a child’s information (such as name, age group, and emergency or medical details a household chooses to provide) to deliver the service the parent or organization has asked for: registering and rostering that child for a program.
  • Parental rights. A parent or guardian can review their child’s information, ask us to correct or delete it, and refuse further collection by contacting privacy@midfieldhq.com or their organization’s administrator. Deleting a child’s record may end that child’s ability to participate through Midfield.
  • Consent (COPPA). Where required, organizations and parents are responsible for providing the consent needed to collect and use a child’s information through Midfield. We support organizations in meeting these obligations.
  • School-affiliated programs. If your program is run by or for a school, additional rules (such as FERPA) may apply; in that case the school or organization directs how student data is used.

8. How long we keep it

We keep personal information for as long as your account or your organization’s account is active, and afterward only as needed to meet legal, tax, accounting, audit-integrity, and dispute obligations. Some records (for example, an append-only audit trail of sensitive actions) are retained to preserve their integrity. You can request export or deletion as described below.

9. Your rights and choices

Everyone can ask us to access, correct, export, or delete personal information we hold about you, and can opt out of marketing messages. To make a request, email privacy@midfieldhq.com. We honor data export and deletion requests within 30 days where we are able, subject to legal limits. If your data sits inside an organization’s account, we may direct your request to that organization or act on its instructions.

California (CCPA/CPRA): California residents have the right to know, access, correct, and delete personal information, and to opt out of “sale” or “sharing” of personal information. We do not sell personal information and do not share it for cross-context behavioral advertising. We will not discriminate against you for exercising your rights.

EEA / UK (GDPR): if you are in the European Economic Area or the United Kingdom, you have rights to access, rectify, erase, restrict, and port your data, and to object to certain processing. Our legal bases are performance of a contract, your consent (for example, marketing), our legitimate interests in operating and securing the service, and compliance with law. You may lodge a complaint with your local data protection authority.

To exercise any of these rights, contact privacy@midfieldhq.com. We may need to verify your identity first.

10. How we protect it

We encrypt data in transit, isolate each organization’s data from every other organization, and keep card data with our payment processor so card numbers never touch our servers. Sensitive actions are written to an audit trail we cannot quietly edit. More detail is on our Trust & Security page at /security. No system is perfectly secure, but we work to protect your information and to notify the right people promptly if something goes wrong.

11. Cookies, analytics, and international data

We use cookies and similar technologies to keep you signed in, remember preferences, and understand product usage. You can control cookies through your browser; some features may not work without the essential ones.

Midfield is operated from the United States, and personal information is processed there. If you access Midfield from outside the U.S., you understand your information is transferred to and processed in the U.S.; where required, we rely on appropriate safeguards (such as Standard Contractual Clauses) for international transfers.

12. Changes to this policy

We may update this policy as the product and the law evolve. We will post the new version here with a new “last updated” date, and for material changes we will give notice (for example, by email or an in-app notice) before they take effect.

13. Contact us

Privacy questions or requests: privacy@midfieldhq.com.

Midfield HQ, Inc.
390 NE 191st St STE 71692, Miami, FL 33179

See also our Terms of Service, Data Processing Addendum, and Trust & Security page.