Privacy Policy
Last updated: 30 May 2026 · Version 2026-05-30
We collect the minimum we need to run your account and the Service. We never sell your personal information, we don’t use third-party advertising trackers, and you can ask us to access, correct or delete your data at any time.
About this policy & who we are
This policy explains how Railbird collects, uses, discloses and protects your personal information, and how you can exercise your privacy rights.
Railbird is operated by [Your legal entity name] [ABN ___ ___ ___ ___] (“Railbird”, “we”, “us”, “our”). We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy applies to the Railbird website, applications and related services.
Definitions
- Personal information
- Information or an opinion about an identified individual, or an individual who is reasonably identifiable, as defined in the Privacy Act — for example, your email address.
- Sensitive information
- A special category of personal information (such as health, racial or political information) that has extra protection under the Privacy Act. We do not seek sensitive information.
- APPs
- The Australian Privacy Principles set out in the Privacy Act.
- OAIC
- The Office of the Australian Information Commissioner, the privacy regulator.
Information we collect
We collect personal information in three ways:
a. Information you give us
- Account data: your email address and a securely hashed password (we never store your password in plain text).
- Consent record: the date, time and version of the Terms and Privacy Policy you agreed to at sign-up.
- User content: the readings, chats, virtual bets, tracker entries, competition activity and community posts you create.
- Support & correspondence: anything you send us when you contact us.
b. Information we collect automatically
- Technical data: basic logs such as IP address, browser type, device and timestamps.
- Session cookie: a single secure cookie that keeps you signed in, plus your language choice stored in your browser.
c. Information from third parties
- Payment status (Pro): from Stripe, we receive a customer/subscription reference and status — not your full card number.
We do not ask for or want sensitive information. Please don’t send us more than we need.
How & why we use your information
We use your personal information to:
| Purpose | Examples |
|---|---|
| Provide the Service | Create and run your account, keep you signed in, generate your readings and analysis, run the tracker and competition. |
| Process payments | Set up and manage your Pro subscription via Stripe. |
| Safety & integrity | Keep Railbird secure, prevent fraud, abuse and multiple accounts, and enforce our Terms. |
| Communicate with you | Respond to support requests and send service/account messages. |
| Improve Railbird | Understand how features are used and make the Service better. |
| Legal compliance | Meet our obligations and respond to lawful requests. |
We do not sell your personal information.
Disclosure of your information
We share the minimum needed with trusted service providers who help us run Railbird:
| Recipient | Purpose | Information involved |
|---|---|---|
| Database / hosting [Neon / host] | Stores your account & app data | Account & usage data |
| Stripe | Subscription payments | Email, payment & subscription details |
| Anthropic (Claude) | Generates AI readings/chat from your prompts | The text you submit for a reading |
| Odds & form data providers | Fixtures, prices, recent results | No personal data — match queries only |
We may also disclose personal information where required or authorised by law, to enforce our Terms, to protect people from harm, or as part of a business sale or restructure (subject to this policy). We do not otherwise disclose your personal information to third parties for their own marketing.
Direct marketing & your choices
- We may send you service messages (for example, security, account or billing notices). These are not marketing and are part of providing the Service.
- If we send promotional messages about Railbird, we will do so consistently with the Spam Act 2003 (Cth) and the APPs, and every message will include an easy way to opt out (unsubscribe).
- You can opt out of marketing at any time using the unsubscribe link or by contacting us (clause 17). We’ll action it promptly.
Cookies & similar technologies
- Essential session cookie. We use one secure, essential cookie to keep you signed in. Without it, the Service can’t recognise your session.
- Local storage. We store your language choice in your browser to remember your preference.
- No ad trackers. We do not use third-party advertising or cross-site tracking cookies in the app. You can control cookies through your browser settings, but disabling the essential cookie will stop you from signing in.
Overseas disclosure
Some of our service providers store or process information outside Australia — for example, in the United States (such as our AI and payment providers). Consistent with APP 8, we take reasonable steps to use reputable providers with appropriate safeguards. By using Railbird, you acknowledge that your information may be disclosed to, and stored or processed in, those overseas locations.
Data security & data breaches
- Safeguards. We take reasonable steps to protect your information using measures such as hashed passwords, encrypted connections (HTTPS), and access controls. No method of storage or transmission is perfectly secure.
- Notifiable Data Breaches. If a data breach occurs that is likely to result in serious harm, we will respond in line with the Notifiable Data Breaches scheme under the Privacy Act, including notifying affected individuals and the OAIC where required.
How long we keep your information
We keep your personal information while your account is active and for as long as needed to provide the Service. After that, we keep it only as long as necessary for legal, accounting, security and dispute-resolution purposes, and then delete or de-identify it.
Accessing & correcting your information
Under APP 12 and APP 13, you can ask us to access the personal information we hold about you, and to correct it if it is inaccurate, out of date or incomplete. Contact us using clause 17. We’ll respond within a reasonable time and will let you know if we can’t meet a request and why (for example, where the law requires us to keep certain records).
Deleting your account
You can ask us to delete your account and associated personal information at any time by emailing [your-contact-email]. We’ll action it within a reasonable time, subject to information we must keep by law (for example, payment and tax records). Some information may remain in routine backups for a limited period before being overwritten.
Anonymity & pseudonymity
Under APP 2, you may deal with us anonymously or using a pseudonym where it is lawful and practicable. In most cases we need a valid email address to create and secure your account, verify you are 18+, and provide the Service, so anonymity is not practicable for a registered account.
Children
Railbird is strictly for adults aged 18 and over. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal information or used Railbird, contact us and we will remove the account and information.
Third-party links
The Service may link to third-party websites, such as bookmakers or help services. We are not responsible for their privacy practices. We encourage you to read the privacy policy of any site you visit.
Changes to this policy
We may update this policy from time to time. If we make material changes, we will take reasonable steps to notify you (for example, in-app or by email) and update the “Last updated” date and version above. The current version is always available at this page.
Complaints & how to contact us
- Contact us first. If you have a privacy question or complaint, contact our privacy contact at [your-contact-email], [Your legal entity name] [ABN], [business address]. We’ll acknowledge your complaint and aim to resolve it within a reasonable time.
- Escalate to the OAIC. If you’re not satisfied with our response, you can contact the Office of the Australian Information Commissioner at oaic.gov.au or 1300 363 992.