Legal

Privacy Policy

How we collect, use, and protect your personal information.

Last updated: March 1, 2026

1. Introduction

FanX ("we", "us", "our") operates the FanX platform, a fan engagement solution for sports, entertainment, and live event organizations. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our platform, or interact with campaigns powered by FanX.

By accessing or using our services, you agree to this Privacy Policy. If you do not agree with the terms, please discontinue use of our services.

2. Information We Collect

Anonymous by default, personal only by opt-in. The FanX platform is designed so that, by default, we collect only anonymous usage analytics about campaign activity (for example, that a campaign was seen or played). We do not collect personally identifiable information ("PII") from fans unless they actively opt in by completing a campaign experience that requests it (such as entering an email to claim a prize, redeem a coupon, or join a mailing list).

2.1 Anonymous Data Collected by Default

When a fan encounters or interacts with a FanX-powered campaign, we collect anonymous engagement signals that are not linked to an identifiable individual. This includes:

  • Campaign Engagement Events: Whether a campaign was seen, opened, started, played, completed, or abandoned, and aggregate timing of these events.
  • Aggregate Usage Data: Pages visited, features used, session duration, and interaction patterns, recorded in aggregate form.
  • Technical Data: Browser type, operating system, device category, screen resolution, and truncated/anonymized IP address used for approximate region (country/state) and security purposes only.
  • Cookies & Similar Technologies: See our Cookie Policy for details.

This anonymous data lets our customers measure campaign reach and performance without identifying individual fans.

2.2 Personal Information You Choose to Provide (Opt-In)

PII is only captured when a fan voluntarily provides it as part of completing a campaign experience, or when a customer or website visitor provides it directly to us. We treat the act of submitting this information as an opt-in to the use described at the point of collection. This may include:

  • Fan Profile Data: Name, email, phone, postcode, date of birth, or other details a fan chooses to submit when completing a campaign experience (e.g., entering a prize draw, claiming a reward, or subscribing to updates).
  • Precise Location: Captured only with the fan's explicit consent for check-in or location-based experiences.
  • Account Information: Name, email address, phone number, company name, job title, and password when a customer creates a FanX account.
  • Payment Information: Billing address and payment method details for customer accounts, processed by our third-party payment provider.
  • Communications: Messages, support requests, and feedback you send to us.

Fans can decline to provide PII and still view or play campaigns where the experience permits; only the optional opt-in steps will be unavailable.

2.3 Information from Third Parties

When our customers connect integrations (e.g., HubSpot, Salesforce), we may receive fan data from those platforms to enrich profiles that the fan has already opted in to share with the customer, subject to the customer's authorization and the third-party's terms.

3. How We Use Your Information

We use collected information for the following purposes:

  • Providing, operating, and maintaining the FanX platform.
  • Processing campaign interactions, prize allocations, and coupon distribution.
  • Analyzing engagement metrics and generating analytics dashboards for our customers.
  • Communicating with you about account updates, support, and service changes.
  • Sending marketing communications (only with your consent).
  • Detecting, preventing, and addressing fraud, abuse, and security issues.
  • Complying with legal obligations and enforcing our terms.
  • Improving and developing new features and experiences.

4. Legal Bases for Processing (EEA/UK)

If you are located in the European Economic Area or United Kingdom, we process your data based on:

  • Contractual Necessity: To perform our agreement with you or your organization.
  • Legitimate Interests: For analytics, security, and platform improvement, where your rights do not override these interests.
  • Consent: For marketing communications, cookies, and location-based features.
  • Legal Obligation: To comply with applicable laws and regulations.

5. Data Sharing & Disclosure

We do not sell your personal data. We may share information with:

  • Our Customers: Organizations using FanX receive fan engagement data for campaigns they operate.
  • Service Providers: Hosting, analytics, email delivery, and payment processors that operate under data processing agreements.
  • Integration Partners: When customers connect HubSpot, Salesforce, Mailchimp, Twilio, or Google Analytics, data flows per the customer's configuration.
  • Legal Requirements: When required by law, subpoena, or to protect the rights, safety, or property of FanX, our customers, or the public.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users.

6. Data Retention

We retain personal data for as long as necessary to provide our services and fulfill the purposes described in this policy. Our customers can configure data retention periods (6, 12, or 24 months) for fan data within their organization settings. Account data is retained for the duration of the customer relationship plus 30 days after account closure.

7. Data Security

We implement industry-standard security measures including encryption in transit (TLS 1.3) and at rest (AES-256), role-based access controls, API key hashing, audit logging, and regular security assessments. See our Security page for more details.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your personal data.
  • Port your data to another service.
  • Restrict or object to certain processing activities.
  • Withdraw consent at any time (without affecting prior processing).
  • Lodge a complaint with your local data protection authority.

To exercise these rights, contact us at contact@fanx.tech. We will respond within 30 days.

9. International Transfers

Your data may be transferred to and processed in countries outside your own. We use Standard Contractual Clauses (SCCs) and other appropriate safeguards to protect data transferred internationally.

10. Children's Privacy

FanX is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on our website at least 30 days before changes take effect.

12. Contact Us

If you have questions about this Privacy Policy, contact our Data Protection Officer at:
Email: contact@fanx.tech
Address: FanX, Level 18, 101 Grafton Street, Bondi Junction, 2022, Sydney, NSW