World Cup PredictorPredictions, global & private leagues, prize fund and donate to an important cause
Legal

Privacy policy

This notice explains what personal data we collect, why we use it, how payment data is handled, and the rights available to you under UK GDPR.

Data collected and why

We may collect and use the following categories of personal data:

  • Account data: name or username, email address, and password hash so we can create and secure your account.
  • Prediction data: your match predictions, timestamps, scoring outcomes, leaderboard position, and related gameplay records so we can operate the competition fairly.
  • Payment data: payment status, Stripe payment identifiers, refund status, and records needed for accounting, fraud prevention, and customer support.
  • Usage data: if analytics or similar tools are added, technical information such as device and browser details, IP address or approximate location, pages viewed, and operational activity logs.

Legal basis

We process personal data under the following UK GDPR legal bases:

  • Account data is processed because it is necessary for the performance of our contract with you.
  • Prediction data is processed because it is necessary for the performance of our contract with you and because we have a legitimate interest in operating the competition fairly, generating leaderboards, and preventing abuse.
  • Payment-related data is processed because it is necessary for the performance of our contract with you and, where relevant, to comply with legal obligations relating to accounting, tax, fraud prevention, and record-keeping.
  • If we send marketing emails, we do so on the basis of consent unless another lawful basis clearly applies.

Stripe and payment handling

Payments are processed using Stripe. We do not store your full card details on our own systems.

Stripe is PCI DSS certified and handles card information through its own secure payment systems. Stripe acts as our payment processor so payments, refunds, and related payment events can be completed.

We may also share data with hosting, email, infrastructure, and support providers where needed to operate the platform, and we may disclose data if required by law or to establish, exercise, or defend legal claims.

Retention periods

We keep personal data only for as long as reasonably necessary.

  • Account data: while your account is active and for 2 years after a deletion request.
  • Payment records: for 7 years to meet UK financial and record-keeping requirements.
  • Prediction data: for the duration of the tournament plus 1 year.
  • Marketing consent records: for as long as needed to demonstrate consent and manage opt-out requests.

We may keep data for longer where required by law, to resolve disputes, or to prevent fraud.

User rights

You may have the right to:

  • access your personal data;
  • ask us to correct inaccurate or incomplete data;
  • ask us to erase your data;
  • ask us to restrict how we use your data;
  • object to certain processing;
  • ask for data portability; and
  • withdraw consent where we rely on consent.

These rights are not absolute, and sometimes legal exceptions apply. We may need to verify your identity before responding.

Contact details

World Cup Predictor League is operated from the United Kingdom by Stuart Paterson, who is the data controller for the personal data described in this policy.

For data requests, questions, or concerns, use our contact form.

You also have the right to complain to the UK Information Commissioner's Office (ICO).

Last updated

Last updated: 1 June 2026