← Back to PeoplesOdds

Privacy Policy

Last updated: 17 February 2026

1. Introduction

PeoplesOdds ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our Platform in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws.

Data Controller: PeoplesOdds
Contact: privacy@peoplesodds.com

2. Data We Collect

2.1 Information You Provide

  • Account Data: Email address, username, display name, password (hashed), and profile picture.
  • Profile Data: Bio, interests, and preferences you choose to share.
  • Content Data: Predictions, comments, league names, and other content you submit.
  • Communication Data: Any messages or correspondence you send to us.

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, predictions made, time spent on the Platform.
  • Device Data: Browser type, operating system, screen resolution, device identifiers.
  • Log Data: IP address, access times, referring URLs, error logs.
  • Cookie Data: See our Cookie Policy below.

2.3 Information from Third Parties

  • OAuth Providers: If you sign in via Google or Apple, we receive your name, email, and profile picture as authorised by you.
  • Referrals: If another user refers you, we may associate your account with the referrer.

3. Legal Basis for Processing

Under the UK GDPR, we process your personal data on the following lawful bases:

  • Contract: To provide and manage your account and the services you request (Art. 6(1)(b)).
  • Legitimate Interests: To improve the Platform, analyse usage, prevent fraud, and ensure security (Art. 6(1)(f)).
  • Consent: For marketing communications and optional cookies — you may withdraw consent at any time (Art. 6(1)(a)).
  • Legal Obligation: To comply with applicable laws and regulations (Art. 6(1)(c)).

4. How We Use Your Data

  • To create and manage your account.
  • To enable you to make predictions, earn points, and compete on leaderboards.
  • To facilitate social features (friends, leagues, notifications).
  • To personalise your experience and present relevant markets.
  • To communicate with you about your account, updates, and (with consent) promotional content.
  • To detect and prevent fraud, abuse, and security incidents.
  • To analyse usage patterns and improve the Platform.
  • To comply with legal obligations and enforce our Terms of Service.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share data with:

  • Service Providers: Supabase (database & authentication), Vercel (hosting), and analytics providers who process data on our behalf under strict contractual obligations.
  • Other Users: Your username, display name, avatar, predictions, and leaderboard rankings are visible to other users. Your email is never publicly displayed.
  • Legal Authorities: When required by law, court order, or to protect our rights, safety, or property.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

6. International Data Transfers

Your data may be processed in countries outside the UK, including the United States (Supabase, Vercel). Where data is transferred outside the UK, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) or adequacy decisions by the UK Government, in compliance with UK GDPR requirements.

7. Data Retention

  • Active Accounts: Data is retained for as long as your account is active.
  • Deleted Accounts: Upon account deletion, personal data is removed within 30 days. Anonymised or aggregated data may be retained for analytics.
  • Legal Requirements: Certain data may be retained longer to comply with legal, accounting, or reporting obligations.
  • Logs: Server logs are automatically purged after 90 days.

8. Your Rights (UK GDPR)

Under the UK GDPR, you have the following rights:

  • Access: Request a copy of your personal data.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data ("right to be forgotten").
  • Restriction: Request restriction of processing in certain circumstances.
  • Portability: Request your data in a structured, commonly used, machine-readable format.
  • Objection: Object to processing based on legitimate interests or for direct marketing.
  • Withdraw Consent: Where processing is based on consent, withdraw it at any time.

To exercise any of these rights, email privacy@peoplesodds.com. We will respond within one calendar month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

9. Children's Privacy

The Platform is not intended for anyone under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a person under 18, we will take steps to delete it promptly. If you believe a child has provided us with personal data, please contact us immediately.

10. Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS/HTTPS), encrypted database connections, hashed passwords, role-based access controls, and regular security audits. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by posting the updated policy on this page with a revised "Last updated" date. We encourage you to review this page periodically to stay informed about how we protect your data.

12. Contact Us

For privacy-related enquiries:
Email: privacy@peoplesodds.com