Privacy Policy

1. Introduction

AussieOdds Pty Ltd ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website and services (collectively, the "Service").

We comply with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) and, where applicable, the General Data Protection Regulation (GDPR) for users in the European Economic Area.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide when using our Service:

• Account Information: Name, email address, password (encrypted)
• Profile Information: Timezone preferences, odds format preferences
• Betting Preferences: Selected sports, bookmakers, bankroll amount, Kelly multiplier
• Bet Tracking Data: Bets you choose to track, including stakes, odds, and outcomes
• Payment Information: Billing details processed securely through Stripe
• Communications: Messages you send to our support team

2.2 Information Collected Automatically

When you access our Service, we automatically collect:

• Device Information: Browser type, operating system, device type
• Usage Data: Pages visited, features used, time spent on pages
• Log Data: IP address, access times, referring URLs
• Cookies: Session cookies for authentication and preferences

2.3 Information from Third Parties

We may receive information from:

• Authentication Providers: If you sign in via Google or other OAuth providers
• Payment Processors: Transaction status from Stripe (not full card details)
• Analytics Services: Aggregated usage data from Vercel Analytics and PostHog

3. How We Use Your Information

We use your personal information for the following purposes:

• Provide the Service: Display odds, calculate opportunities, track bets
• Personalization: Customize content based on your preferences
• Communication: Send alerts, notifications, and important updates
• Billing: Process payments and manage subscriptions
• Improvement: Analyze usage to improve features and user experience
• Security: Detect and prevent fraud, abuse, and security threats
• Legal Compliance: Comply with legal obligations and enforce our Terms

4. Legal Basis for Processing (GDPR)

For users in the EEA, we process personal data based on:

• Contract Performance: To provide the Service you've subscribed to
• Legitimate Interests: To improve our Service and prevent fraud
• Consent: For marketing communications (you can opt out anytime)
• Legal Obligation: To comply with applicable laws

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your information with:

5.1 Service Providers

• Supabase: Database and authentication services (Australia/US)
• Stripe: Payment processing (PCI-DSS compliant)
• Vercel: Website hosting and analytics
• Resend: Email delivery services
• Sentry: Error monitoring and debugging
• PostHog: Product analytics

5.2 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights, property, or safety.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

6. Data Retention

We retain your personal information for as long as necessary to:

• Provide the Service and maintain your account
• Comply with legal obligations (e.g., tax records for 7 years)
• Resolve disputes and enforce agreements

When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law.

7. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption: All data transmitted via HTTPS/TLS encryption
• Password Security: Passwords are hashed using industry-standard algorithms
• Access Controls: Limited employee access on a need-to-know basis
• Infrastructure: Hosted on secure, SOC 2 compliant platforms
• Monitoring: Continuous security monitoring and incident response

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the following rights:

8.1 All Users

• Access: Request a copy of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data
• Opt-out: Unsubscribe from marketing communications

8.2 EEA/UK Users (GDPR)

• Data Portability: Receive your data in a machine-readable format
• Restriction: Request restriction of processing
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time
• Lodge Complaint: File a complaint with your local data protection authority

8.3 Australian Users

Under the Privacy Act 1988, you have the right to access and correct your personal information. You may also complain to the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the APPs.

9. Cookies and Tracking

We use cookies and similar technologies for:

• Essential Cookies: Required for authentication and security
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Understand how you use our Service

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

10. International Data Transfers

Your information may be transferred to and processed in countries other than Australia, including the United States. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Data Processing Agreements with all service providers
• Selection of providers with strong privacy and security practices

11. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Third-Party Links

Our Service may contain links to third-party websites, including bookmaker sites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on this page
• Updating the "Last updated" date
• Sending an email notification for significant changes

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us:

We will respond to your request within 30 days (or sooner if required by applicable law).

15. Australian Privacy Complaints

If you are not satisfied with our response to a privacy complaint, you may contact: