HyperStake Logo
HyperStake

Privacy Policy

Last updated: February 2026

1. Who we are

HyperStake is a betting analytics platform operated from Adelaide, South Australia. When this policy says "we", "us", or "our", it means HyperStake and the team behind hyperstake.bet.

By using HyperStake you agree to this policy. If you don't agree, please don't use the platform.

2. What we collect

Account info

When you sign up we collect:

  • Email address
  • Username (visible on leaderboards if your profile is public)
  • Password (hashed with bcrypt, never stored in plain text)
  • Discord details, if you link your account via Whop

Betting data

Everything you enter into HyperTrack (stakes, odds, bookmakers, sports, outcomes, notes) is stored so we can show you analytics. This data is yours. We don't share it.

Usage data

We automatically collect standard analytics via Google Analytics (GA4):

  • Pages visited and features used
  • Browser, device, and operating system
  • Approximate location (country/region level)
  • Referral source

We also log IP addresses in server-side audit logs for security purposes.

3. How we use it

  • Run and improve the platform (analytics, bug fixes, new features)
  • Process your account and verify your Whop subscription
  • Send transactional emails: welcome email, password resets
  • Respond to support requests
  • Detect abuse and prevent fraud

We do not sell your data. We don't run ads. We don't share your personal information with anyone for marketing purposes.

4. Third-party services

HyperStake relies on these services to function. Each has its own privacy policy:

  • Convex - database and backend (stores your account, bets, sessions)
  • Whop - handles subscriptions, payments, and membership verification
  • Postmark - sends transactional emails on our behalf
  • Google Analytics - anonymised site usage tracking
  • Netlify - hosts the website
  • The Odds API - provides odds data used in HyperOdds

We only share data with these services to the extent needed for them to do their job. For example, Postmark receives your email address to send you a password reset, but nothing else.

5. Security

We take reasonable steps to keep your data safe:

  • Passwords are hashed with bcrypt
  • All traffic is encrypted over HTTPS
  • Sessions expire automatically after 7 days of inactivity
  • Whop webhook signatures are verified before processing
  • Security headers (HSTS, X-Frame-Options, CSP) are set on all pages

No system is perfectly secure. If you discover a vulnerability, please email us.

6. Cookies and local storage

  • Session - stored in localStorage to keep you logged in
  • Preferences - odds format, last-used bookmaker, selected mode
  • Google Analytics - sets cookies to track anonymised usage

You can clear localStorage and cookies through your browser settings. This will log you out.

7. Data retention

We keep your data for as long as your account is active. If you delete your account (via Settings), we remove your bets, profile, and preferences from Convex. Some data may be retained in audit logs for up to 90 days after deletion for security and fraud prevention.

8. Your rights

You can:

  • Access your data (it's all visible in-app: bets, profile, settings)
  • Correct your data (edit your profile and settings anytime)
  • Delete your account and data (Settings page)
  • Request a data export by contacting us

If you're in the EU or have other jurisdiction-specific rights, email stakehyper@gmail.com and we'll help.

9. Age requirement

You must be 18 or older to use HyperStake. We don't knowingly collect data from anyone under 18. If you believe a minor has signed up, let us know and we'll delete the account.

10. Changes

If we make meaningful changes to this policy, we'll update the "Last updated" date at the top. For major changes, we may also send an email. Continuing to use HyperStake after a change means you accept the updated policy.

11. Contact

Questions about your data or this policy?