Privacy Policy

This policy explains how Long Shot Merchants (longshotmerchants.co.uk) collects, uses, and protects your personal data. We are committed to safeguarding your privacy and handling your data in accordance with UK data protection law, including the UK General Data Protection Regulation (UK GDPR).

When you create an account, we collect:

• Name — to personalise your account
• Email address — to identify your account and communicate with you
• Password — stored securely as a one-way hash, never in plain text

We also collect anonymous usage data through Google Analytics, including device type, browser, pages visited, and general location. This helps us understand how the site is used and improve the service.

We do not collect:

• Payment or financial information
• Sensitive personal data such as race, ethnicity, political opinions, religious beliefs, health data, or sexual orientation

We use your personal data to:

• Provide and maintain your account
• Give you access to predictions and site features
• Analyse site usage via Google Analytics to improve the service

We will never sell, share, or provide your personal information to any third party. Your data is used solely to operate and improve Long Shot Merchants.

We use the following cookies:

• Session cookie (essential) — keeps you logged in while you use the site
• Google Analytics cookies (performance) — collect anonymous data about how the site is used

You can disable cookies through your browser settings, though this may affect your ability to use certain features of the site.

We take reasonable measures to protect your data. Passwords are hashed using bcrypt and are never stored in plain text. Sessions are managed using encrypted JSON Web Tokens (JWT). While no system is completely secure, we are committed to protecting your information to the best of our ability.

Your personal data is retained for as long as your account is active. If you wish to have your account and data deleted, you may request this at any time by contacting us. We will process deletion requests without undue delay.

Under UK GDPR, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to processing of your data
• Request your data in a portable format

To exercise any of these rights, please contact us using the details below.

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated effective date. Your continued use of the service after changes are posted constitutes your acceptance of the revised policy.

If you have any questions about this privacy policy or your personal data, please contact us at [email protected].