Legal

Privacy Policy

Last updated: May 2026

playdrawr ("we", "us", "our") is committed to protecting your privacy. This policy explains what data we collect, why we collect it, and what we do with it. Short version: very little, for good reason, and we never sell it.

1. Who we are

playdrawr is an online sweepstake platform for football tournaments, operating at playdrawr.co.uk. If you have any questions about this policy, contact us at headcoach@playdrawr.co.uk.

2. What data we collect

If you create an account (organiser):

  • Your email address and name, provided at signup
  • Sweepstake data you create (names, entry fees, participant lists)
  • Authentication tokens managed securely by Supabase

If you are added as a participant:

  • Your name and, if provided by the organiser, your email address
  • Your assigned team and points score

Automatically:

  • Standard server logs (IP address, browser type, pages visited) — retained for up to 30 days
  • Advertising cookies set by Google AdSense, used to serve relevant ads (see Section 7)
  • Basic hosting analytics collected by Vercel for infrastructure purposes

3. How we use your data

We use your data to:

  • Run and manage your sweepstakes
  • Send transactional emails — draw results, participant invites, and leaderboard updates after matchdays
  • Respond to support enquiries
  • Improve the service

We do notsend marketing emails, newsletters, or promotional messages. If we ever email you, it's because something happened in your sweepstake that's worth knowing about.

4. Who we share data with

We do not sell, rent, or trade your personal data. We use the following third-party services to operate the platform:

  • Supabase — database and authentication (data stored in EU region)
  • Vercel — hosting and edge infrastructure
  • Resend — transactional email delivery
  • Google AdSense — advertising network; may set cookies to serve ads based on your prior visits to this and other websites

Each of these providers processes data only as needed to deliver the service and under appropriate data processing agreements.

5. Data retention

We retain your account data for as long as your account is active. Sweepstake data is retained for 12 months after the associated tournament ends, then deleted. You can request deletion of your account and all associated data at any time.

6. Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Object to or restrict how we process your data
  • Data portability — receive your data in a machine-readable format

To exercise any of these rights, email us at headcoach@playdrawr.co.uk. We will respond within 30 days.

7. Advertising (Google AdSense)

We use Google AdSense to display advertisements on some pages of this site. Google AdSense uses cookies to serve ads based on your prior visits to this website and other sites on the internet.

Google's use of advertising cookies enables it and its partners to serve ads based on your visit to our site and/or other sites on the internet. You may opt out of personalised advertising by visiting Google Ads Settings.

Google's privacy policy is available at policies.google.com/privacy. For more information on how Google uses data when you use our site, see How Google uses information from sites that use our services.

We also use Google Analytics to understand how visitors use the site. This collects anonymised data about pages visited and time spent. You can opt out via the Google Analytics opt-out browser add-on.

8. Cookies

We use a single session cookie to keep you logged in as an organiser. Google AdSense sets advertising cookies as described in section 7. If you are just viewing a participant leaderboard without being logged in, only Google AdSense cookies (if applicable to that page) are set.

You can manage or disable cookies through your browser settings at any time. Note that disabling cookies may affect how the site functions for logged-in organisers.

9. Security

All data is encrypted in transit (HTTPS) and at rest. Authentication is handled by Supabase with industry-standard security practices. We do not store passwords in plain text.

10. Changes to this policy

If we make material changes, we'll update the date at the top of this page. We won't email you every time we fix a typo, but we will notify you if anything significant changes.

11. Contact

Questions about this policy? Use our contact form or email headcoach@playdrawr.co.uk.