Privacy policy

“Onside” (“we”, “us”) operates the Onside website and app. For the purposes of the UK GDPR and the EU GDPR, we are the data controller for the personal data described here. You can reach our privacy team at privacy@onsidemarket.com.

We keep data collection deliberately minimal. We collect:

• ●Account information. When you create an account, your email address and a securely hashed password (or the identifier from a sign-in provider you choose). We never store your password in plain text.
• ●Watchlist & preferences. The players, clubs, and competitions you follow, your alert settings, and product preferences such as theme — the data that makes Onside yours.
• ●Anonymous analytics. Aggregated, privacy- respecting usage data — pages viewed, broad device and browser type, approximate region — to understand what's working and fix what isn't. This is not used to build advertising profiles of you.
• ●Communications. If you email us or contact support, we keep that correspondence so we can help you and keep a record of the request.

We do not knowingly collect data from children under 16, and Onside is not directed at them. We do not sell your personal data — to anyone, ever.

• ●To create and secure your account and keep you signed in.
• ●To deliver core features — your watchlist, value alerts, and personalised views.
• ●To understand and improve the product through aggregated analytics.
• ●To respond to your questions and provide support.
• ●To keep Onside safe — preventing abuse, fraud, and security incidents.

Under the GDPR we rely on the following legal bases:

• ●Contract. Processing your account, watchlist, and preferences is necessary to provide the service you've signed up for.
• ●Consent. Non-essential cookies and analytics run only where you've consented (see Cookies below). You can withdraw consent at any time.
• ●Legitimate interests. Keeping the service secure and improving it, balanced against your rights and freedoms.
• ●Legal obligation. Where we must retain or disclose data to comply with the law.

We use a small number of cookies and similar technologies. Essential cookies keep you signed in and the service functioning — these are required and can't be switched off. Analytics cookies help us measure usage in aggregate and run only with your consent.

When you first visit, we ask for your choice via a cookie banner, and we remember it. You can change your mind at any time by clearing the consent stored in your browser, and your browser's settings let you block or delete cookies entirely.

Wherever the GDPR applies, you have strong rights over your personal data, and we will honour them:

• ●Access. Ask for a copy of the personal data we hold about you.
• ●Rectification. Have inaccurate or incomplete data corrected.
• ●Erasure.Ask us to delete your account and personal data (“the right to be forgotten”).
• ●Portability. Receive your data in a portable, machine-readable format, or have us export it.
• ●Restriction & objection. Restrict or object to certain processing, including withdrawing consent for analytics.

To exercise any of these, email privacy@onsidemarket.com. We'll respond within one month. You also have the right to lodge a complaint with your local data protection authority.

We keep personal data only as long as we need it. Account data is retained while your account is active; if you delete your account, we erase or anonymise your personal data within 30 days, except where we're legally required to keep certain records for longer. Anonymous analytics, which can't be tied back to you, may be retained in aggregate.

We don't sell your data. We share it only with trusted service providers who process it on our behalf — for hosting, infrastructure, analytics, and email — under contracts that require them to protect it and use it only for the purposes we specify. Where data is transferred outside your region, we rely on appropriate safeguards such as Standard Contractual Clauses.

We protect your data with industry-standard measures: encryption in transit, hashed credentials, access controls, and ongoing monitoring. No system is perfectly secure, but we take this seriously and will notify you and the relevant authority if a breach ever affects your rights.

We may update this policy as Onside evolves. When we make material changes, we'll update the date at the top and, where appropriate, let you know in the app. Continuing to use Onside after an update means you accept the revised policy.

Questions about your privacy, or want to exercise a right? Email privacy@onsidemarket.com and we'll help.