Privacy Policy

Last updated: February 26, 2026

1. Introduction

Northcore ("we", "our", or "us") provides an AI-powered recruiting tool for college coaches. This Privacy Policy explains how we collect, use, and protect your information when you use our website, Gmail add-on, Outlook add-in, and related services (collectively, the "Service").

2. Information We Collect

Account information

When you create an account, we collect your name, email address, and school or organization affiliation.

Email data

When you use our Gmail add-on or Outlook add-in to parse a recruiting email, we access the content of the email you choose to scan. We only read emails you explicitly select — we do not access your inbox in bulk or read emails in the background.

Extracted player data

Our AI extracts structured data from selected emails, including player names, positions, graduation years, academic information, athletic stats, contact details, and highlight video links. This data is stored in your account for your use.

Usage data

We collect standard analytics data such as pages visited, features used, and error logs to improve the Service.

3. How We Use Your Information

  • To provide and operate the Service, including AI-powered email parsing
  • To store and organize recruiting data on your behalf
  • To enable school-level collaboration features between coaches at the same institution
  • To improve our AI extraction accuracy
  • To send you service-related communications
  • To comply with legal obligations

4. Data Sharing

We do not sell your personal information. We may share data with:

  • Other coaches at your school: If you are part of a school team on Northcore, player status and recruiting data is shared among authorized staff members at your institution.
  • Service providers: We use third-party services for hosting (Vercel), database (Supabase), and AI processing (OpenAI). These providers process data on our behalf under contractual obligations.
  • Legal requirements: We may disclose information if required by law, regulation, or legal process.

5. Data Security

We use industry-standard security measures including encrypted connections (HTTPS/TLS), secure authentication, and access controls. API keys are hashed before storage. However, no method of transmission or storage is 100% secure.

6. Data Retention

We retain your account and recruiting data for as long as your account is active. You may request deletion of your data at any time by contacting us. We will delete your data within 30 days of a verified request.

7. Google API Disclosure

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only access Gmail data when you explicitly trigger a scan, and we do not use this data for advertising or any purpose unrelated to the Service.

8. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent for data processing

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at graythomasjames1@gmail.com.