Privacy Policy

Last updated: April 2026

1. Who We Are

Last Pick Wins is an unofficial fan prediction game operated for recreational purposes. This privacy policy explains how we collect, use, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR).

2. Information We Collect

We collect minimal information necessary to operate the service:

For Group Administrators:
  • Email address - used for account identification and login
  • Group names - names you choose for your groups
For Players:
  • Display name - an optional name you choose to show to other players
  • Assigned name - the name your group administrator assigns to you
  • Picks - the teams you select each round
Technical Information:
  • Access timestamps - when you access the service
  • Theme preference - stored locally in your browser (not on our servers)

3. Lawful Basis for Processing

We process your personal data on the following legal bases:

  • Legitimate interests - to operate the prediction game service
  • Consent - where you voluntarily provide information (e.g., display name)

4. How We Use Your Information

Your information is used solely to:

  • Enable you to participate in the prediction game
  • Display leaderboards and results within your group
  • Allow group administrators to manage their groups

We do not:

  • Sell your data to third parties
  • Use your data for marketing purposes
  • Share your data outside your group
  • Use your data for profiling or automated decision-making

5. Data Sharing

Your picks and display name are visible to other members of your group. Group administrators can see all players in their groups.

We do not share your personal information with third parties except where required by law.

6. Data Retention

We retain your data for the duration of the football season plus a reasonable period afterwards for record-keeping. Data may be deleted upon request (see Your Rights below).

7. Data Security

We implement appropriate technical measures to protect your personal data, including:

  • Secure authentication via unique access links
  • Password protection for administrative access
  • Regular security reviews

8. Cookies and Local Storage

We use minimal browser storage:

  • Authentication cookies - essential for keeping you logged in
  • Theme preference - stored in localStorage to remember your light/dark mode choice

We do not use analytics cookies, advertising cookies, or third-party tracking.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access - request a copy of your personal data
  • Rectification - ask us to correct inaccurate data
  • Erasure - ask us to delete your data ("right to be forgotten")
  • Restriction - ask us to limit how we use your data
  • Portability - receive your data in a portable format
  • Object - object to processing based on legitimate interests

To exercise any of these rights, contact your group administrator or the site administrator.

10. Children

This service is intended for users aged 18 and over. We do not knowingly collect personal data from anyone under 18 years of age.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify users of significant changes where possible.

12. Contact

For privacy-related enquiries or to exercise your data rights, please contact the site administrator.

13. Complaints

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.