Data Processing Agreement

This Data Processing Agreement (“DPA”) forms part of the agreement between PeoplesOdds and the user regarding the processing of personal data in connection with the PeoplesOdds platform. This DPA applies to the extent that PeoplesOdds processes personal data on behalf of the user or as required by applicable data protection legislation.

In this DPA, “Personal Data”, “Data Subject”, “Processing”, “Controller”, “Processor”, and “Supervisory Authority” have the meanings given to them in the UK GDPR and the Data Protection Act 2018.

PeoplesOdds processes personal data for the purposes of providing the prediction platform service, including account management, prediction tracking, accuracy scoring, leaderboard ranking, email communications, and payment processing.

PeoplesOdds uses the following sub-processors: Supabase (database and authentication hosting), Vercel (application hosting), Resend (email delivery), and Revolut (payment processing). A complete and current list of sub-processors is maintained on this page. We will notify users of any changes to sub-processors at least 30 days in advance.

PeoplesOdds implements appropriate technical and organisational measures including encryption of data in transit (TLS 1.2+) and at rest, access controls and authentication requirements for all personnel, regular security testing and vulnerability assessments, incident detection and response procedures, and employee training on data protection obligations.

PeoplesOdds will assist the user in responding to data subject access requests, rectification requests, erasure requests, and other rights under applicable data protection law. Requests should be submitted to privacy@peoplesodds.com.

In the event of a personal data breach, PeoplesOdds will notify affected users without undue delay and in any event within 72 hours of becoming aware of the breach, where feasible.

Where personal data is transferred outside the UK or EEA, PeoplesOdds ensures that appropriate safeguards are in place, including Standard Contractual Clauses as approved by the UK ICO or the European Commission.