FlaimFlaim

Privacy Policy

Last updated: February 20, 2026

How It Handles Your Data

Credentials Stay Here

ESPN/Yahoo credentials and Sleeper connection data are stored securely and never sent to the AI.

Your AI, Your Account

You use your own Claude, ChatGPT, or Gemini subscription. Flaim provides read-only league analysis context.

Solo Project

Built and maintained by one person. No investors, no growth pressure.

Overview

Flaim is a read-only fantasy sports analysis service for ESPN, Yahoo, and Sleeper leagues. This privacy policy explains how we collect, use, and protect your information when you use Flaim, the Flaim Chrome Extension, and the Flaim Fantasy service.

Information We Collect

Account Information

When you sign up for Flaim, we collect basic account information through our authentication provider (Clerk), including your email address and display name.

ESPN Credentials (Chrome Extension)

If you use the Flaim Chrome Extension, we collect your ESPN session credentials (SWID and espn_s2) when you explicitly click "Sync to Flaim" in the extension. These are session identifiers that allow us to fetch your fantasy league data from ESPN on your behalf.

  • SWID: A unique identifier for your ESPN account
  • espn_s2: A session token for accessing ESPN's fantasy APIs

We do not collect your ESPN username or password. The extension only reads session credentials that ESPN has already set in your browser.

Yahoo Credentials (OAuth)

If you connect a Yahoo account, we store OAuth refresh tokens issued by Yahoo through a standard authorization flow. These tokens allow us to fetch your Yahoo fantasy league data on your behalf. We do not collect your Yahoo username or password.

Sleeper Connection Data

If you connect Sleeper, we store your Sleeper username so we can look up your public league data through Sleeper's public API. We do not store a Sleeper password or token.

How We Use Your Information

We use your platform connection data (ESPN session credentials, Yahoo OAuth tokens, and Sleeper username) solely to:

  • Fetch your fantasy league rosters, scores, and standings
  • Provide analysis and recommendations for your fantasy teams
  • Display your league information within the Flaim application

We do not use your connection data for any other purpose.

Data Transmission and Storage

Transmission

All data is transmitted over HTTPS (TLS 1.2+), ensuring encryption in transit. The Chrome extension communicates exclusively with flaim.app over secure connections.

Storage

Your platform connection data is stored in our database (Supabase) with the following security measures:

  • Encryption at rest: AES-256 encryption for all stored data
  • Row-level security: Each user can only access their own data
  • Access controls: Database access is restricted to authenticated API calls

Data Retention

We retain your platform connection data only as long as needed to provide the service:

  • ESPN credentials: Retained until you disconnect, or automatically invalidated when ESPN expires them (typically ~30 days).
  • Yahoo tokens: Retained until you disconnect your Yahoo account. Tokens auto-refresh; revoking access in Yahoo immediately invalidates them.
  • Sleeper username: Retained until you disconnect Sleeper from your account.
  • Account data: Retained until you request deletion. Upon deletion, all stored credentials and league data are permanently removed within 30 days.
  • Remove credentials: Visit flaim.app/leagues to manage or remove your platform credentials.
  • Delete account: Contact us at privacy@flaim.app to request complete account deletion.

Third-Party Sharing

We do not sell, rent, or share your personal information or platform credentials with any third parties. Your data is used exclusively to provide Flaim's services to you. Our service providers (Clerk for authentication, Supabase for data storage) process data only as necessary to operate the service.

Your Rights

You have the right to:

  • Disconnect the extension at any time and remove stored credentials via flaim.app/leagues
  • Request a copy of your stored data
  • Request deletion of your account and all associated data

Platform Affiliation Disclaimer

Flaim is not affiliated with, endorsed by, or sponsored by ESPN, The Walt Disney Company, Yahoo, Sleeper, or any of their subsidiaries. ESPN is a trademark of ESPN, Inc. Yahoo is a trademark of Yahoo Inc. We access fantasy data with your explicit consent using the credentials you provide.

Children's Privacy

Flaim is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at privacy@flaim.app and we will promptly delete it.

Legal Compliance

If you are a resident of the European Economic Area (EEA), United Kingdom, or Switzerland, we process your data on the legal basis of your consent (provided when you connect your fantasy platform accounts) and our legitimate interest in operating the service. You have the right to access, correct, or delete your personal data, and to withdraw consent at any time by disconnecting your accounts.

If you are a California resident, you have the right under the California Consumer Privacy Act (CCPA) to request disclosure of the categories of personal information we collect, the purposes for collection, and to request deletion of your data. We do not sell personal information. To exercise these rights, contact us at privacy@flaim.app.

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last updated" date.

Contact Us

If you have questions about this privacy policy or your data, please contact us at: privacy@flaim.app