Privacy Policy

Last updated: 14 May 2025

1. About This Policy

Sports Admin Pro ("we", "us", "our") is committed to protecting the privacy of the schools and individuals who use our platform. This Privacy Policy explains how we collect, use, store, and protect personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using Sports Admin Pro, you agree to the collection and use of information as described in this policy.

2. Who We Are

Sports Admin Pro is operated by an Australian individual developer providing a software-as-a-service platform for school sports administration. For privacy enquiries, contact us at jessemckinnon20@gmail.com.

3. What Information We Collect

Account and Organisation Information

  • School or organisation name and address
  • Administrator name, email address, and password (stored as a bcrypt hash — we never store your plain-text password)
  • Account creation date and activity timestamps

Sports Administration Data

The following data is entered by your school administrators and relates to your school's sports programme:

  • Bus Scheduler: fixture venue names, travel distances, bus departure and return times
  • Tournament Generator: team names, fixture draw, match results
  • CourtRank: player (staff) names, ELO ratings, match outcomes
  • StatTracker: team and player names, game statistics
  • Rotation Roster: player names, availability, court rotation plans
  • Referee Roster: referee names, fixture assignments
  • Venue Booking: venue names, booking dates, hirer names and contact details
  • Day Carnival Manager: student names, house names, age groups, event entries, times, and results
  • First Aid Roster: first aid company names, staff assignments, venue details
  • Best Players Voting: team and player names, vote submissions (no voter identity is stored beyond a temporary IP rate-limit record)

Usage and Technical Data

  • IP addresses (used for security rate limiting and audit logging only — not shared)
  • Tool usage logs (which tools are accessed, for platform analytics)
  • Uploaded fixture files (CSV/XLSX format, stored in your organisation's file library)

4. How We Use Your Information

We use the information we collect to:

  • Provide and operate the Sports Admin Pro platform for school sports administration purposes only
  • Authenticate users and maintain account security
  • Send transactional emails (email verification, password resets) — we do not send marketing emails
  • Protect against fraud, abuse, and unauthorised access through rate limiting and audit logging
  • Improve the platform through aggregate, anonymised usage analytics

We do not sell, rent, or share your personal information with third parties for marketing purposes. Your school's data is never used to train AI models or shared with any party outside of providing the service to you.

5. Data Storage and Security

Where Data Is Stored

Your data is stored on servers located in Australia. We are committed to keeping all school and student data within Australian borders.

School Data Isolation

Sports Admin Pro is a multi-tenant platform. Each school's data is completely isolated by a unique organisation identifier:

  • No school can access, view, or modify another school's data under any circumstances
  • All database queries are filtered by your organisation's ID at every layer
  • Aggregate platform analytics contain no school-identifying information

How We Protect Your Data

  • All connections are encrypted using HTTPS/TLS
  • Passwords are hashed using bcrypt — we cannot recover your password
  • Security tokens (password resets, email verification) are single-use cryptographic tokens
  • Failed login attempts are rate-limited to protect against brute-force attacks
  • HTTP security headers (CSP, HSTS, X-Frame-Options) are applied on all responses

Data Retention

Your data is retained for as long as your account is active. When you close your account or request deletion, all organisation data is permanently removed within 30 days.

6. Your Rights

Under the Australian Privacy Act 1988, you have the right to:

  • Access the personal information we hold about you or your school
  • Correct inaccurate, out-of-date, or incomplete information
  • Delete your account and all associated data
  • Export your school's data before closing your account
  • Complain if you believe your privacy rights have been breached

To exercise any of these rights, contact us at jessemckinnon20@gmail.com. We will respond within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

7. Third-Party Services

We use the following third-party services to operate Sports Admin Pro:

  • Resend — transactional email delivery (email verification and password reset emails only)
  • Google Maps API — travel time calculations for the Bus Scheduler tool (only venue addresses are passed to Google; no personal data is included)

We do not use advertising networks, social media trackers, or analytics platforms that collect personal data.

8. Cookies and Session Data

Sports Admin Pro uses a single, secure session cookie to maintain your login state. This cookie:

  • Contains only your session identifier and organisation context — no tracking data
  • Is marked HttpOnly (not accessible to JavaScript) and SameSite=Lax
  • Is marked Secure in production (transmitted over HTTPS only)
  • Expires after 30 days of inactivity

We do not use third-party cookies or advertising cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified by email to account administrators. The "last updated" date at the top of this page will always reflect the most recent version.

10. Contact Us

For privacy enquiries, requests, or complaints: