This site is currently in development mode. No real money will be charged and no prize pools will be paid out.

Privacy Policy

How we collect, use, and protect your personal information.

Last updated: April 2026

1. Information We Collect

We collect the following types of information when you use AFL Survival Pool:

  • Personal Information: Name, email address, date of birth, phone number, and state of residence provided during account registration.
  • Account Data: Username, password (stored securely as a hash), account preferences, and email verification status.
  • Payment Information: Transaction records, payment method details (processed by third-party providers — we do not store full card numbers), and entry fee history.
  • Usage Data: Competition selections, entry history, IP addresses, browser type, device information, pages visited, and timestamps of activity.
  • Communications: Any messages, support requests, or feedback you send to us.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Account Management: To create and maintain your account, verify your identity, and authenticate your access to the Platform.
  • Competition Operations: To process your selections, determine results, manage eliminations, calculate standings, and distribute prizes.
  • Payment Processing: To process entry fees, handle refunds where applicable, and maintain financial records.
  • Communications: To send you round reminders, competition updates, elimination notifications, and important service announcements.
  • Platform Improvement: To analyse usage patterns, diagnose technical issues, and improve the user experience.
  • Legal Compliance: To comply with applicable Australian laws, regulations, and legal processes.
  • Security: To detect and prevent fraud, unauthorised access, and other malicious activity.

3. Information Sharing

We do not sell your personal information to third parties. We may share your information in the following limited circumstances:

  • Payment Processors: We share necessary payment details with Stripe and PayPal to process entry fee transactions securely.
  • Charity Partners: We share aggregated (non-identifying) donation data with our registered charity partners for transparency and reporting purposes. Your personal details are not shared with charities.
  • Competition Participants: Your username and selection history may be visible to other participants within the same competition, subject to the competition's visibility settings.
  • Legal Requirements: We may disclose your information if required by law, court order, or government request, or to protect the rights, safety, or property of AFL Survival Pool, its users, or the public.
  • Service Providers: We may share information with trusted service providers who assist in operating the Platform (e.g., email delivery), subject to confidentiality obligations.

4. Payment Information

We take the security of your payment information seriously:

  • Online payments are processed entirely by Stripe and PayPal. We never receive, store, or have access to your full credit card number, CVV, or bank account details.
  • We store only transaction references, payment status, amounts, and timestamps for record-keeping purposes.
  • Manual payments (bank transfer, cash) are confirmed by an administrator and recorded with a reference note only.
  • All payment-related communications are encrypted in transit using TLS/SSL.
  • Payment history is available in your account for your reference.

5. Cookies & Tracking

AFL Survival Pool uses cookies and similar technologies to enhance your experience:

  • Essential Cookies: Session cookies required for authentication and maintaining your logged-in state. These are strictly necessary for the Platform to function.
  • Security Cookies: CSRF tokens and rate-limiting cookies to protect against cross-site request forgery and abuse.
  • Preference Cookies: Cookies that remember your display preferences and settings.

We do not use third-party advertising or analytics tracking cookies. We do not track your activity across other websites.

You can control cookies through your browser settings. However, disabling essential cookies may prevent you from using the Platform.

6. Data Security

We implement robust security measures to protect your personal information:

  • Passwords are hashed using bcrypt with a cost factor of 12 — we never store plaintext passwords.
  • Sensitive personal data is encrypted at rest using hybrid RSA + AES-256 encryption.
  • All data transmitted between your browser and our servers is encrypted using TLS/SSL.
  • We implement rate limiting, CSRF protection, and input validation to prevent common attack vectors.
  • Database access uses prepared statements exclusively to prevent SQL injection.
  • Access to personal data is restricted to authorised administrators on a need-to-know basis.

While we take every reasonable precaution to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

7. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this policy:

  • Active Accounts: Your data is retained for the duration of your account's existence.
  • Competition Records: Selection history, results, and standings are retained for historical and statistical purposes, even after a competition ends.
  • Payment Records: Transaction records are retained for a minimum of 7 years to comply with Australian tax and financial reporting obligations.
  • Deleted Accounts: Upon account deletion, personal identifying information is removed or anonymised within 30 days. Anonymised competition data may be retained for aggregate statistics.
  • Legal Holds: Data may be retained beyond normal periods if required for legal proceedings or regulatory compliance.

8. Your Rights

Under Australian privacy law, you have the following rights regarding your personal information:

  • Access: You may request access to the personal information we hold about you. Much of this is available directly through your account profile.
  • Correction: You may request correction of any inaccurate or incomplete personal information. You can update most details directly in your profile settings.
  • Deletion: You may request deletion of your account and associated personal data, subject to our legal retention obligations.
  • Complaint: If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us directly. If unsatisfied with our response, you may escalate to the Office of the Australian Information Commissioner (OAIC).
  • Withdrawal of Consent: Where we rely on your consent to process data, you may withdraw that consent at any time. This will not affect the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact us using the details in the Contact Us section below.

9. Children's Privacy

AFL Survival Pool is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children or minors.

Age verification is required during registration. If we become aware that we have collected personal information from a person under 18, we will take steps to delete that information and terminate the associated account as soon as practicable.

If you believe a minor has provided us with personal information, please contact us immediately.

11. Changes to This Policy

We reserve the right to update this Privacy Policy at any time. Changes will be effective immediately upon posting the revised policy on the Platform, with the "Last updated" date revised accordingly.

For material changes that significantly affect how we handle your personal information, we will make reasonable efforts to notify registered users via email or Platform notification prior to the changes taking effect.

Your continued use of the Platform after any changes constitutes acceptance of the revised Privacy Policy. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us:

For privacy-related complaints, please include "Privacy Complaint" in the subject line. We aim to acknowledge all privacy enquiries within 5 business days and provide a substantive response within 30 days.

13. Australian Privacy Act

AFL Survival Pool is committed to complying with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) established under that Act.

In particular, we adhere to the following principles:

  • APP 1 — Open and transparent management: This Privacy Policy outlines how we manage your personal information.
  • APP 3 — Collection of solicited personal information: We only collect personal information that is reasonably necessary for the operation of the Platform.
  • APP 5 — Notification of collection: We notify you at or before the time of collection about what information we collect and why.
  • APP 6 — Use or disclosure: We only use or disclose your personal information for the purposes for which it was collected, or for directly related secondary purposes you would reasonably expect.
  • APP 8 — Cross-border disclosure: Our payment processors (Stripe, PayPal) may process data in overseas jurisdictions. We take reasonable steps to ensure overseas recipients comply with the APPs.
  • APP 11 — Security: We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure.
  • APP 12 — Access: You may request access to your personal information at any time.
  • APP 13 — Correction: You may request correction of your personal information if it is inaccurate, out of date, incomplete, or misleading.

If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us. If you are not satisfied with our response, you have the right to contact the Office of the Australian Information Commissioner (OAIC).