Privacy & Security Policy

This Privacy & Security Policy explains what data TipsAudit ("we", "us") collects when you use this website, how we use and protect it, and the rights you have. We are committed to collecting as little personal data as possible.

1. What we collect

• Server logs. Like any website, our server records technical information for each request: IP address, date and time, the page requested, referrer, and browser/user-agent. This is used for security, debugging and abuse prevention.
• Analytics. We use a self-hosted, privacy-respecting analytics system (Matomo, running on our own infrastructure). It measures aggregate usage — pages viewed, approximate region, device type. We do not sell this data and we do not share it with advertising networks.
• Information you give us. If you contact us or, in future, create an account, we store what you provide (such as an email address). We do not ask for more than we need.

We do not collect special-category personal data, and we do not knowingly process data about payments or bets placed elsewhere.

2. Cookies

We use only the cookies needed to operate the site and to run our own analytics. We do not use third-party advertising or tracking cookies. You can block or delete cookies in your browser; the site will still work.

3. How we use your data

We use the data above only to: operate, secure and improve the site; understand aggregate usage; respond to your messages; and comply with the law. We do not sell your personal data to anyone.

4. Legal basis

Where the GDPR or a similar law applies, we process data on the basis of our legitimate interest in running a secure, functional website, your consent (for analytics where required), and our legal obligations.

5. Sharing and processors

We do not sell or rent your data. We may use a small number of trusted service providers (for example our hosting provider) who process data on our behalf under appropriate safeguards. We may disclose data if required by law.

6. Data retention

We keep server logs and analytics for only as long as needed for security and operation, then delete or anonymise them. Account and contact data is kept only while needed for the purpose it was given.

7. Security

We take reasonable technical and organisational measures to protect data, including: encrypted connections (HTTPS/TLS) across the whole site, restricted server access, hashed and salted passwords for any accounts, regular updates, and the principle of collecting as little data as possible. No system is perfectly secure, but we work to keep risk low. If you believe you have found a security vulnerability, please contact us responsibly via our contact page before disclosing it publicly.

8. Your rights

Depending on where you live, you may have the right to access, correct, delete, restrict or object to the processing of your personal data, and to data portability. To exercise any of these, contact us using the details on our contact page and we will respond within the time required by law.

9. International transfers

Our servers and providers may be located in the European Union or other countries. Where data is transferred internationally, we rely on appropriate safeguards as required by law.

10. Children

This site is not intended for anyone under 18. We do not knowingly collect data from minors. If you believe a minor has provided us data, contact us and we will delete it.

11. Changes and contact

We may update this policy from time to time; the current version is always on this page with its last-updated date. For any privacy or security question, or to exercise your rights, contact us via our contact page.

This document is provided in good faith and is not legal advice.