Legal

Privacy Policy

This Privacy Policy explains how Maidan Play Private Limited handles personal data across the Maidan Play app, platform, academies, venues, tournaments, and related services.

1. Introduction and Scope

This Privacy Policy describes how Maidan Play Private Limited collects, uses, stores, processes, and discloses personal data of users in connection with:

  • the Company’s mobile application made available on app distribution platforms, including but not limited to the Google Play Store and Apple App Store;
  • the Company’s platform for management and operation of sports turfs, academies, matches, tournaments, and related activities; and
  • any offline interactions, registrations, or engagements with the Company through affiliated academies, turf partners, or events.

This Policy applies to all Users, including players, parents and/or legal guardians, coaches, and other individuals interacting with the Company’s services in accordance with this Policy and applicable laws, including the Digital Personal Data Protection Act, 2023.

Where the User is a minor, meaning below the age of eighteen years, the Company processes such minor’s personal data strictly on the basis of verifiable consent provided by the minor’s parent or legal guardian through a one-time password based authentication mechanism.

By accessing or using the App or services, or by providing personal data, You, and where applicable Your Guardian, agree to the collection and processing of personal data in accordance with this Policy. If You do not agree with this Policy, please do not access or use the services.

2. Definitions

For the purposes of this Policy, the following terms shall have the meanings ascribed below:

2.1. Applicable Law

Applicable Law means all applicable laws, rules, and regulations in force in India, including the Digital Personal Data Protection Act, 2023 and rules made thereunder.

2.2. App

App means the mobile application operated by the Company and made available on app distribution platforms, including but not limited to the Google Play Store and Apple App Store.

2.3. Personal Data

Personal Data means any data about an individual who is identifiable by or in relation to such data, including but not limited to name, date of birth, contact details, address, and any other information provided to the Company.

2.4. Sensitive Personal Data

Sensitive Personal Data means Personal Data which is of a sensitive nature, including but not limited to health-related information such as blood group, medical conditions, allergies, or any other information that may impact a User’s physical well-being.

2.5. Minor

Minor means a natural person who has not completed eighteen years of age.

2.6. Guardian

Guardian means the parent or lawful guardian of a Minor who provides verifiable consent on behalf of such Minor for the processing of Personal Data.

2.7. Guardian Consent

Guardian Consent means consent provided by a Guardian through an OTP-based verification mechanism or such other verifiable means as may be implemented by the Company.

2.8. User

User means any individual who accesses, registers on, or interacts with the App or services, including Players, Guardians, coaches, and other participants.

2.9. Player

Player means a Minor or individual registered on the App or through the Company’s services for participation in sports activities, academies, or tournaments.

2.10. Public Content

Public Content means any content, including but not limited to photographs, videos, match recordings, reels, performance statistics, leaderboards, and related information, that may be made publicly accessible through the App, social media platforms, or other public channels.

2.11. Processing

Processing means any operation or set of operations performed on Personal Data, including collection, storage, use, sharing, disclosure, or deletion.

3. Categories of Personal Data Collected

The Company collects the following categories of Personal Data in connection with the use of its App and services.

3.1. Player Information

The Company collects the following Personal Data relating to Players:

  • Full Name
  • Date of Birth
  • Age
  • Gender
  • School Name
  • Residential Address
  • Pincode
  • Mobile Number

This information is used to create and manage Player profiles, enable participation in sports activities, and facilitate communication and coordination.

3.2. Guardian Information

In the case of Players who are Minors, the Company collects the following Personal Data relating to the Guardian:

  • Full Name
  • Relationship with the Player
  • Contact Number
  • Email Address

This information is used for obtaining verifiable Guardian Consent, communication, and ensuring the safety and well-being of the Player.

3.3. Health and Safety Information

The Company collects the following health-related information:

  • Blood Group
  • Information relating to allergies or medical conditions

Such information is collected for safety purposes, including emergency response and appropriate care during sports activities. Access to such Sensitive Personal Data is strictly restricted to authorised personnel, including coaches and designated support staff, on a need-to-know basis.

3.4. Performance and Activity Data

The Company may collect and generate data relating to a Player’s participation in activities, including:

  • Match participation details
  • Performance statistics
  • Scores, rankings, and leaderboard positions
  • Training and activity records
  • participation in tournaments, leagues, and competitive events conducted or facilitated by the Company, including match statistics and team performance data.
  • in the case of Players enrolled in academy programmes, periodic written or digital progress reports.

Progress Reports may include attendance records, skill assessments, coach observations, physical development milestones, and recommended areas for improvement.

Progress Reports are generated only for Players enrolled in academy programmes; are shared exclusively with the Player’s Guardian; are accessible only to the Player’s assigned coach(es), authorised Company personnel, and the Guardian; constitute Personal Data and are subject to the same protections, retention policies, and access controls as set out in this Policy; and shall not be shared across partner academies or with third parties without explicit consent of the Guardian, except where required for participation in inter-academy programmes operated by the Company.

The User and/or Guardian acknowledges and agrees that data relating to match participation details, performance statistics, scores, rankings, leaderboards, tournament participation, and team performance may be displayed within the App, website, social media, and similar channels, and may be publicly visible to other Users as part of the Platform’s features, subject to applicable consent.

Training and activity records, including Progress Reports, shall be treated as restricted information and shall not be publicly accessible, except where expressly consented to by the User and/or Guardian.

3.5. Media and Content Data

The Company may collect, create, or process:

  • Photographs
  • Videos of matches, training sessions, and events
  • Reels and edited media content
  • Team photographs and tournament-related content

Such data may be used for internal purposes as well as shared as Public Content, including social media platforms such as Instagram, Facebook, and other digital channels, subject to separate consent obtained from the User and/or Guardian. Such data shall be processed in accordance with the consent obtained under Clause 4.3.

3.6. Technical and Usage Data

The Company may automatically collect certain technical information when the App is used, including:

  • Device type
  • Operating system
  • App usage data and interaction logs

Such data is used to improve functionality, performance, and user experience of the App.

3.7. Mandatory Nature of Data Collection

The Personal Data specified under Clauses 3.1, 3.2, and 3.3 is mandatory for the provision of services. Failure to provide such information may result in inability to access or use certain features of the App or participate in activities.

3.8. Data Minimisation

The Company collects only such Personal Data as is necessary, relevant, and proportionate for the purposes set out in this Policy and does not knowingly collect excessive or unrelated Personal Data.

3.9. Booking and Participation Data

The Company may collect and maintain data relating to bookings and usage of facilities, including:

  • turf or facility bookings;
  • session participation records;
  • time, location, and duration of usage; and
  • associated user and guardian details.

Such data is used for scheduling, coordination, service delivery, and operational management of the Platform.

4. Legal Basis and Consent

4.1. Basis of Processing

The Company processes Personal Data on the basis of consent obtained from Users and, where applicable, their Guardians, in accordance with Applicable Law.

By registering on the App or otherwise providing Personal Data, You consent to the collection, use, storage, and processing of such Personal Data for the purposes set out in this Policy.

4.2. Guardian Consent for Minors

In the case of a Minor, the Company processes Personal Data only upon obtaining verifiable consent from the Minor’s Guardian.

Such consent is obtained through a one-time password based verification mechanism on the Guardian’s registered contact details.

The Guardian represents and warrants that they are the lawful parent or guardian of the Minor; they have the authority to provide consent on behalf of the Minor; and all information provided is accurate and complete.

The Company shall not be responsible for verifying the authenticity of the Guardian beyond the OTP-based verification mechanism.

4.3. Separate Consent for Media and Public Content

The creation, use, and dissemination of Media and Public Content shall be subject to separate, explicit, and granular consent obtained from the User and/or Guardian through clearly identifiable opt-in mechanisms.

Users and/or Guardians shall have the option to grant or withhold consent, and such consent shall not be pre-selected by default.

4.4. Separate Consent for Promotional and Advertising Use

The Company may separately seek consent from the User and/or Guardian for the use of photographs, videos, reels, match footage, or related media content featuring Players for promotional, advertising, marketing, or sponsored campaigns on social media platforms and digital channels.

Such consent shall be separate from consent for internal or organic publication of content; optional in nature; and capable of being withdrawn prospectively at any time.

The Company shall take reasonable steps to ensure that promotional content involving Minors is age-appropriate and compliant with applicable platform policies and Applicable Law. Where feasible, the Company may avoid the use of directly identifiable information of Minors in promotional campaigns.

4.5. Withdrawal of Consent

Users and/or Guardians may withdraw their consent at any time by contacting the Company or through such mechanisms as may be made available within the App.

Withdrawal of consent shall not affect the lawfulness of processing carried out prior to such withdrawal. However, withdrawal may result in restriction or inability to access certain features or services, and where Personal Data has already been shared as Public Content, the Company may not be able to control or prevent further dissemination by third parties.

4.6. Deemed Acceptance of Policy

By accessing or using the App, Users, and where applicable their Guardians, acknowledge that they have read, understood, and agreed to this Policy.

4.7. Minor Data Handling

The Company does not knowingly collect or process Personal Data of Minors without obtaining verifiable Guardian Consent.

Minors are permitted to access and use the Platform only under the supervision of, and with the consent of, their parent or legal guardian.

If the Company becomes aware that Personal Data of a Minor has been collected without verifiable Guardian Consent, it shall take reasonable steps to delete such data or obtain appropriate consent in accordance with Applicable Law.

4.8. Minor Accounts and Guardian-Linked Access

The Company may provide a mechanism for the creation of a separate account or login credentials for a Minor, which shall be linked to and controlled by the Minor’s Guardian.

Creation and activation of a Minor Account shall be subject to prior verifiable Guardian Consent, which may be obtained through an OTP-based authentication mechanism or such other verification process as may be implemented by the Company.

The Minor may be permitted to access and use the Minor Account for limited purposes, including viewing participation details, performance data, and other features made available by the Company, subject to the permissions and controls set by the Guardian.

5. Purpose of Processing of Personal Data

5.1. Purpose-wise Processing

Category of Personal Data
Purpose of Processing
Player Information (Name, Date of Birth, Age, Gender, School, Address, Pincode, Mobile Number)
To create and manage Player profiles, enable participation in sports activities, facilitate scheduling, communication, and coordination with Players and Guardians.
Guardian Information
To obtain verifiable Guardian Consent, communicate important information, and ensure safety and accountability for Minor Players.
Health and Safety Information (Blood Group, Allergies, Medical Conditions)
To ensure Player safety, enable emergency response, and provide appropriate care during training, matches, and events.
Media and Content Data (Photos, Videos, Reels, Tournament Content)
To create, publish, and promote sports activities, events, and Player participation, subject to separate consent.
Technical and Usage Data
To maintain, improve, and optimise the performance, functionality, and security of the App.
Performance and Activity Data (including Progress Reports for academy-enrolled players)
To track player performance, generate statistics, provide structured feedback to Guardians, and improve training outcomes.
Tournament and Booking Data
To manage participation in tournaments, schedule activities, facilitate bookings, and ensure efficient operation of sports facilities.

5.2. Use of Public Content

Where separate consent has been obtained, the Company may use Media and Performance Data as Public Content for:

  • showcasing Player participation and achievements;
  • publishing match highlights, reels, and tournament content;
  • displaying rankings, leaderboards, and statistics; and
  • promoting the Company’s services, academies, and sporting ecosystem.

This includes content generated from tournaments and competitive events conducted or facilitated by the Company.

5.3. Internal Operations and Improvements

The Company may use Personal Data to improve services, features, and user experience; ensure safety, security, and integrity of the platform; monitor usage patterns and engagement; and maintain internal records and compliance.

5.4. Anonymised and Aggregated Data

The Company may process Personal Data in an anonymised and aggregated manner for analytical, statistical, and business purposes, provided that such data does not identify any individual.

6. Data Sharing and Disclosure

6.1. Internal Access Controls

The Company restricts access to Personal Data on a need-to-know basis and in accordance with role-based access controls.

  • Administrators and Super Administrators shall have access to Personal Data as necessary for managing operations, user accounts, and platform functionality.
  • Developers and Technical Personnel shall have access only to such data as is required for maintenance, troubleshooting, and improvement of the App. Wherever feasible, Personal Data shall be masked or anonymised.
  • Leadership and Management Personnel may access data in anonymised or aggregated form for review, analytics, and decision-making purposes.
  • Marketing Personnel shall only have access to anonymised and aggregated data and shall not have access to personally identifiable information of Users.

6.2. Sharing with Service Providers

The Company may share Personal Data with third-party service providers engaged for the purpose of hosting and infrastructure services, including cloud storage providers; maintenance and support of the App; and security, monitoring, and system administration.

Such service providers shall be bound by appropriate contractual obligations to process Personal Data only in accordance with the Company’s instructions and implement reasonable security safeguards.

6.3. Legal and Regulatory Disclosures

The Company may disclose Personal Data where required to do so under Applicable Law or in response to valid requests by law enforcement agencies, courts or judicial authorities, government bodies, or regulatory bodies.

6.4. Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets, Personal Data may be transferred to the relevant third party, subject to such party providing an adequate level of data protection in accordance with Applicable Law.

6.5. No Sale of Personal Data

The Company does not sell, rent, or trade Personal Data of Users to third parties.

6.6. Restricted Disclosure of Sensitive Personal Data

Sensitive Personal Data, including health-related information, shall be accessible only to authorised personnel such as coaches and designated support staff, and shall not be disclosed to any third party except where necessary for emergency situations or as required under Applicable Law.

7. Data Storage, Security and Transfers

7.1. Data Storage

Personal Data collected by the Company is stored on secure servers and infrastructure managed by the Company and its authorised service providers.

Such infrastructure may include cloud-based storage solutions, and the Company implements appropriate safeguards to ensure the security and integrity of Personal Data.

7.2. Security Measures

The Company adopts reasonable technical and organisational measures to protect Personal Data against unauthorised access, disclosure, alteration, or destruction, including role-based access controls; data masking and anonymisation, where applicable; secure authentication mechanisms; and monitoring and security practices designed to prevent data breaches.

However, while the Company strives to protect Personal Data, no method of transmission over the internet or method of storage is completely secure, and the Company does not guarantee absolute security.

7.3. Access Restrictions

Access to Personal Data is limited to authorised personnel strictly on a need-to-know basis, in accordance with internal policies and procedures.

Sensitive Personal Data, including health-related information, is subject to additional access restrictions and is made available only to designated personnel such as coaches and support staff for safety purposes.

7.4. Cross-Border Data Transfers

Personal Data may be stored and processed on servers located outside India, including through cloud service providers.

In such cases, the Company shall ensure that such transfers are carried out in accordance with Applicable Law and that appropriate safeguards are implemented to protect Personal Data.

7.5. Data Retention

The Company retains Personal Data only for as long as necessary to fulfil the purposes outlined in this Policy, unless a longer retention period is required or permitted under Applicable Law.

Upon expiry of the retention period, the Company shall take reasonable steps to delete or anonymise such Personal Data. The Company may retain certain Personal Data for a reasonable period thereafter for compliance, dispute resolution, and enforcement of legal rights.

8. Rights of Users

8.1. Right to Access and Correction

Users, and in the case of Minors their Guardians, have the right to request access to Personal Data held by the Company and request correction or updating of inaccurate or incomplete Personal Data.

8.2. Right to Withdrawal of Consent

Users and/or Guardians have the right to withdraw their consent to the processing of Personal Data at any time.

Withdrawal of consent shall not affect the lawfulness of processing carried out prior to such withdrawal. The User acknowledges that withdrawal of consent may result in the inability to access or use certain features or services.

8.3. Right to Erasure

Users and/or Guardians may request deletion of Personal Data held by the Company.

The Company shall take reasonable steps to delete such Personal Data, subject to compliance with Applicable Law, legitimate business requirements, and retention requirements for legal, regulatory, or dispute resolution purposes.

8.4. Right to Grievance Redressal

Users and/or Guardians have the right to seek redressal of any grievance relating to the processing of Personal Data. The Company shall address such grievances in a reasonable timeframe in accordance with Applicable Law.

8.5. Right to Nominate

In accordance with Applicable Law, Users have the right to nominate another individual who shall exercise their rights under this Policy in the event of death or incapacity.

8.6. Exercising Your Rights

Users and/or Guardians may exercise their rights by contacting the Company at the contact details provided in Clause 12 of this Policy. The Company may take reasonable steps to verify the identity of the person making the request before processing such request.

9. Data Deletion and Account Closure

9.1. Account Deletion Request

Users and/or Guardians may request deletion of their account and associated Personal Data by using the account deletion functionality within the App, where available, or submitting a request to the Company through the contact details provided in Clause 12.

9.2. Processing of Deletion Requests

Upon receipt of a valid deletion request, the Company shall take reasonable steps to delete Personal Data associated with the User or anonymise such data so that it no longer identifies the User, subject to Clause 9.4 below.

9.3. Effect of Account Deletion

Upon deletion of an account, the User shall no longer be able to access the App or services; certain data may be retained in anonymised form for analytical and operational purposes; and residual data may remain in backups for a limited period, after which it shall be securely deleted or overwritten.

9.4. Exceptions to Deletion

The Company may retain certain Personal Data, notwithstanding a deletion request, where such retention is necessary for compliance with Applicable Law; legal, regulatory, or audit requirements; resolution of disputes or enforcement of legal rights; or prevention of fraud or misuse of the platform.

9.5. Public Content and Deletion Limitations

Users and/or Guardians acknowledge that any Media or Public Content that has been published based on prior consent may continue to remain accessible on public platforms; and while the Company shall make reasonable efforts to remove such content upon withdrawal of consent, it may not be possible to control or prevent further access, sharing, or dissemination by third parties.

9.6. Verification of Requests

The Company may require verification of the identity of the User or Guardian before processing any deletion request, to prevent unauthorised requests.

10. Cookies and Technical Tracking

10.1. Collection of Technical Data

The Company may automatically collect certain technical and usage-related information when Users access or use the App, including device type, operating system, and usage data, interaction logs, and application performance data.

Such information is used to ensure the proper functioning, security, and improvement of the App.

10.2. No Use of Tracking Cookies

The Company does not use cookies or similar tracking technologies for behavioural advertising or cross-platform tracking within the App.

10.3. Limited Use of Similar Technologies

The Company may use limited technical tools or similar technologies strictly for enabling core App functionality; maintaining security and preventing misuse; and improving performance and user experience. Such use does not involve tracking Users across third-party applications or services.

10.4. Future Use of Tracking Technologies

In the event the Company introduces the use of cookies or third-party tracking technologies in the future, the Company shall update this Policy and, where required under Applicable Law, obtain appropriate consent from Users and/or Guardians.

11. Third-Party Links and Services

The App and services may contain links to third-party websites, platforms, or services, including social media platforms. The Company does not control and is not responsible for the privacy practices, policies, or content of such third-party services. Users are advised to review the privacy policies of such third parties before sharing any Personal Data with them.

12. Contact Details and Grievance Redressal

For any queries, concerns, or requests relating to this Policy or the processing of Personal Data, Users and/or Guardians may contact the Company at:

  • Email: contact@maidanplay.com

The Company has appointed a Grievance Officer in accordance with Applicable Law. Details of the Grievance Officer are as follows:

  • Name: Amit Mishra
  • Email: complaints@maidanplay.com

The Grievance Officer shall address and resolve complaints within such timelines as may be prescribed under Applicable Law.

13. Changes to This Policy

The Company may update or modify this Policy from time to time to reflect changes in its practices, services, or Applicable Law.

Any material changes to this Policy shall be communicated to Users through appropriate means, including through the App or other communication channels.

Continued use of the App or services after such updates shall constitute acceptance of the revised Policy.