Privacy Policy

Version 1.0

Last updated: January 26, 2026

Matchweek Rivals ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our Premier League prediction platform.

This policy is designed to comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller Identity

The data controller responsible for your personal data is Matchweek Rivals.

For any questions about this Privacy Policy or your personal data, you can contact us at:

2. Data We Collect

2.1 Account Information

  • Email address
  • Username
  • Password (stored encrypted)
  • Account creation date

2.2 Prediction Data

  • Match predictions (home score, away score)
  • Prediction timestamps
  • Prediction history and scoring results
  • Matchweek participation records

2.3 Rivalry Data

  • Weekly rivalry challenges (opponents, scores)
  • Season-long rivalry records
  • Head-to-head competition history

2.4 Technical Data

  • IP address
  • Browser type and version
  • Device information (operating system, device type)
  • Session timestamps and duration
  • Cookie preferences and consent records

2.5 Audit and Security Data

  • Login attempts (successful and failed)
  • Authentication events
  • Security-related activities
  • System access logs

3. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contractual Necessity: Processing your account data, predictions, and rivalry participation to provide our service to you.
  • Consent: Processing analytics and marketing cookies based on your explicit consent.
  • Legitimate Interests: Processing security and audit logs to protect our platform and users from fraud and abuse.
  • Legal Obligation: Retaining certain data to comply with legal and regulatory requirements.

4. How We Use Your Data

We use your personal data for the following purposes:

  • To create and manage your account
  • To record and score your match predictions
  • To facilitate weekly and seasonal rivalries with other users
  • To calculate leaderboards and competition standings
  • To send you important service notifications (match deadlines, rivalry results)
  • To prevent fraud, abuse, and unauthorized access
  • To improve our service through analytics (with your consent)
  • To comply with legal obligations and respond to legal requests

5. Data Sharing & Third Parties

We do not sell your personal data. We may share your data with:

5.1 Service Providers

  • Hosting and infrastructure providers (Vercel, Supabase)
  • Authentication services
  • Analytics providers (only with your consent)

5.2 Legal Requirements

We may disclose your data if required by law, court order, or to protect our legal rights.

5.3 Other Users

Your username and prediction scores are visible to users you compete against in rivalries. We do not share your email address or other personal information with other users.

6. Data Retention

We retain your personal data for the following periods:

  • Account Data: Until you delete your account, plus 30 days for account recovery.
  • Prediction and Rivalry History: Retained while your account is active for historical records and statistics.
  • Audit Logs: 365 days for security and compliance purposes.
  • Failed Login Records: 90 days for security monitoring.
  • Cookie Consent Records: 1 year or until you update your preferences.

After these periods, data is permanently deleted from our systems.

7. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data (subject to legal retention requirements).
  • Right to Data Portability: Receive your data in a structured, machine-readable format.
  • Right to Withdraw Consent: Withdraw consent for analytics or marketing cookies at any time.
  • Right to Object: Object to processing based on legitimate interests.
  • Right to Restriction: Request restriction of processing under certain circumstances.

To exercise these rights, contact us at privacy@matchweekrivals.com. We will respond within 30 days.

8. Contact & Complaints

If you have questions or concerns about this Privacy Policy or our data practices, contact:

  • Email: privacy@matchweekrivals.com
  • Data Protection Officer: dpo@matchweekrivals.com

You also have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner's Office (ICO). In the EU, contact your local data protection authority.

9. Cookies and Tracking

We use cookies to provide and improve our service. You can manage your cookie preferences at any time through our cookie consent banner.

9.1 Cookie Categories

  • Necessary Cookies: Required for authentication, security, and basic functionality. These cannot be disabled.
  • Analytics Cookies: Help us understand how you use the site (requires your consent).
  • Marketing Cookies: Used to show relevant advertisements (requires your consent).

9.2 Managing Preferences

You can update your cookie preferences at any time by clicking .

10. Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

  • Passwords are hashed and encrypted using industry-standard algorithms
  • Data transmitted over HTTPS with TLS encryption
  • Regular security audits and monitoring
  • Access controls and authentication for all services
  • Audit logging of security-relevant events

While we take security seriously, no system is completely secure. Please use a strong password and keep your credentials confidential.

11. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will notify you via email or a prominent notice on our website.

The "Last updated" date at the top of this page indicates when the policy was last revised. We encourage you to review this policy periodically.

← Back to Home