Last updated: 4 June 2026 | Effective date: 4 June 2026
This Privacy Policy explains how MySentiMap (ABN 98 716 278 583) ("we", "us") collects, uses, discloses, stores, and protects your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). By using the Platform, you consent to the practices described in this Policy.
MySentiMap (ABN 98 716 278 583) is a community-driven gamified prediction platform for entertainment purposes. We are committed to handling your personal information responsibly and in compliance with Australian privacy law.
This Policy applies to information collected through the MySentiMap website, web application, and any associated services. It does not apply to third-party websites linked from our Platform. Where MySentiMap employees or contractors also hold user accounts for testing or personal use, their account data is covered by this Policy in the same way as any other user; separate employment-related privacy notices apply to HR and payroll data held about staff.
For any privacy enquiries, contact us at hello@mysentimap.com.
We collect personal information only where reasonably necessary to operate the Platform. This includes:
| Category | Examples | Collected How |
|---|---|---|
| Account Information | Username, email address, hashed password | Provided by you on registration |
| Profile Information | Bio, avatar, location (optional), social links | Provided by you voluntarily |
| Platform Activity | Predictions submitted, ratings, comments, watchlist | Generated through your use of the Platform |
| Technical & Device Data | IP address, browser type, operating system, session identifiers | Collected automatically via server logs and analytics |
| Subscription & Billing | Plan type, billing history (payment card details are NOT stored by us — handled by our payment processor) | Collected through our payment provider |
| Communications | Emails and messages sent to our support team | Provided by you directly |
We do not collect sensitive information as defined by the Privacy Act, including government identifiers, health information, financial account details, or biometric data.
We use your personal information to:
We will not use your personal information for any purpose materially different from those described above without first notifying you and, where required, obtaining your consent.
We do not sell, rent, or trade your personal information. We may share it only in the following circumstances:
MySentiMap uses third-party service providers that store and process data outside Australia, including in the United States. Specifically:
We take reasonable steps to ensure that overseas recipients handle your personal information in accordance with the Australian Privacy Principles. Some of these providers self-certify under the EU-US Data Privacy Framework or maintain equivalent safeguards. By using the Platform, you consent to your information being transferred to these countries.
We cannot guarantee that foreign laws will provide the same level of protection as Australian law. If you do not consent to this transfer, you should not use the Platform.
We use the following third-party services which may collect information about your use of the Platform:
www.clarity.ms domain in your browser settings or using a content-blocking browser extension. You may also manage your Microsoft advertising preferences via the Microsoft Privacy Dashboard.
These services operate under their own privacy policies. We encourage you to review them. Where data is transferred outside Australia, we rely on the recipient's compliance with equivalent privacy protections.
Managing analytics consent: Google Analytics and Microsoft Clarity are loaded only with your explicit consent via our cookie banner. To withdraw consent at any time: go to Settings → Privacy → Usage Analytics and toggle the switch off. Changes take effect on the next page load; no further analytics data will be collected. You may also re-enable analytics at any time from the same toggle.
ASX market data, company announcements, and stock prices displayed on the Platform are sourced from the ASX and authorised third-party data providers (including Financial Modeling Prep and Yahoo Finance). This information is subject to the intellectual property and terms of those providers and is displayed for informational purposes only.
Community-generated predictions, ratings, and sentiment scores are expressions of personal opinion by individual users. They are not verified or endorsed by MySentiMap and do not constitute financial advice or securities research.
We retain your personal information for as long as necessary to provide the Platform and comply with our legal obligations:
| Data Type | Retention Period |
|---|---|
| Account and profile data | For the life of your account, plus 2 years after deletion (for fraud prevention and legal compliance) |
| Transaction and billing records | 7 years (Australian tax law requirement) |
| Server logs and technical data | Up to 12 months |
| Support communications | 3 years from last interaction |
| Anonymised analytics data | Indefinitely (cannot identify individuals) |
When you request account deletion, we will remove or anonymise your personal data within 30 days, subject to the retention periods above and any legal holds.
We implement industry-standard security measures to protect your personal information including:
No transmission over the internet is 100% secure. While we take all reasonable precautions, we cannot guarantee the absolute security of your information. Please notify us immediately at hello@mysentimap.com if you believe your account has been compromised.
We use browser local storage and session storage (and, for analytics only, cookies) to operate the Platform. No third-party cookies are set without your explicit consent. The specific items stored are listed below.
Essential — authentication & session (cannot be disabled without breaking login)
| Key | Purpose | Duration |
|---|---|---|
token / asx_auth_token | Your JWT access token — keeps you logged in | Session (cleared on browser close) |
refresh_token | Allows silent re-authentication without re-entering your password | 30 days |
user / asx_user_data | Non-sensitive profile data (username, ID, subscription tier) for fast display | Persistent |
msm_ref_code | Referral code from invite link — links your registration to the referrer | 30 minutes |
Preferences (persist your settings across sessions)
| Key | Purpose | Duration |
|---|---|---|
theme | UI colour theme (dark/light) | Persistent |
accentColor | Accent colour preference | Persistent |
msm_display_currency | Preferred display currency (AUD, USD, EUR etc.) | Persistent |
msm_timezone | Preferred timezone for market times | Persistent |
reduceMotion / highContrast / largeText | Accessibility display preferences | Persistent |
msm_notif_mute_* | Per-category notification mute settings | Persistent |
asx_remember_me | "Remember me" state on the login page | Persistent |
Functional — game state & cache
| Key | Purpose | Duration |
|---|---|---|
msm_xp_[userId] | XP, level, and progression data (fast local cache — authoritative copy is in our database) | Persistent |
msm_notif_feed_[userId] | Notification feed cache (up to 50 items) | Persistent |
msm_fx_rates_v4 | Exchange rate cache from Frankfurter API — refreshed every 30 minutes | 30 minutes |
tower_mode / tower_slot* | Forecast Tower game preferences and unlocked slots | Persistent |
msm_analytics_consent | Your analytics consent preference (accepted / declined) | 12 months |
Analytics cookies (set only with your explicit consent)
| Cookie | Source | Purpose | Duration |
|---|---|---|---|
_ga, _ga_[ID], _gid | Google Analytics 4 | Unique visitor and session identification for anonymised usage statistics | Up to 2 years |
clarity_* | Microsoft Clarity | Session recording and heatmaps to understand how users interact with the Platform | Up to 1 year |
Analytics are loaded only after you accept our cookie banner. You can withdraw consent at any time in Settings → Privacy → Usage Analytics. Declining or withdrawing consent has no effect on your ability to use the Platform.
You can also clear all locally stored data at any time via your browser's developer tools (Application → Local Storage → mysentimap.com → Clear all).
Some browsers transmit a "Do Not Track" (DNT) signal. MySentiMap does not currently respond to DNT signals as there is no industry-wide standard for how they should be interpreted. We encourage you to use the opt-out mechanisms provided by our analytics partners (Section 6) if you do not wish to be tracked.
Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the right to:
To exercise any of these rights, contact us at hello@mysentimap.com. We will acknowledge your request within 5 business days and respond substantively within 30 days.
MySentiMap is intended for users aged 18 and over. We do not knowingly collect personal information from individuals under 18. If we become aware that we have inadvertently collected information from a person under 18, we will take steps to delete that information promptly. If you believe a minor has provided personal information, please contact us at hello@mysentimap.com.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other reasons. When we make material changes, we will notify you via email and/or a prominent notice on the Platform prior to the change taking effect. The "Last updated" date at the top of this page indicates the most recent revision.
Continued use of the Platform after the effective date of any changes constitutes your acceptance of the updated Policy.
Notifiable Data Breaches (Australia). Under the Privacy Act 1988 (Cth), if MySentiMap becomes aware of an "eligible data breach" — meaning unauthorised access to or disclosure of personal information that is likely to result in serious harm to any individual — we are required to:
Security Incident Response. If you become aware of or suspect a data breach involving your account or MySentiMap's systems, contact us immediately at hello@mysentimap.com. We will investigate all reports and respond within 72 hours.
EU/UK GDPR Breach Notification. For EEA/UK users, in the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant Data Protection Authority within 72 hours of becoming aware of the breach (as required by GDPR Art. 33), and will notify affected individuals without undue delay where the breach is likely to result in a high risk (GDPR Art. 34).
If you are located in the EEA, UK, or Switzerland, EU/UK GDPR applies to our processing of your personal data. The lawful bases we rely on are:
International Transfers from the EEA/UK. Your data is transferred to and stored in Australia and the United States. Such transfers are protected by Standard Contractual Clauses (SCCs) issued by the European Commission, or equivalent mechanisms. Our key processors and their safeguards:
Additional GDPR Rights. In addition to the rights in Section 12, EEA/UK users also have the right to: data portability (receive your data in a machine-readable format, Art. 20 GDPR); object to processing based on legitimate interests (Art. 21); restrict processing in certain circumstances (Art. 18); and lodge a complaint with your national Data Protection Authority (DPA). Contact hello@mysentimap.com to exercise any of these rights; we will respond within 30 days.
California Residents (CCPA/CPRA). You have the right to: (a) know what personal information is collected; (b) know whether it is sold or disclosed; (c) opt out of sale; (d) request deletion; (e) not be discriminated against for exercising these rights. We do not sell personal information. Aggregated anonymised sentiment data shared with API Partners is not a "sale" under the CCPA. Contact hello@mysentimap.com to exercise any of these rights.
CAN-SPAM Act. All marketing emails sent to US users comply with the CAN-SPAM Act: emails identify MySentiMap as the sender, include an accurate subject line, provide a functional unsubscribe link, and include our business contact information.
COPPA. MySentiMap is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we learn we have inadvertently done so, we will delete it immediately. Parents or guardians may contact us at hello@mysentimap.com.
If you are located in New Zealand, the New Zealand Privacy Act 2020 applies to our collection and handling of your personal information. You have the right to access and request correction of your personal information. Contact hello@mysentimap.com for any Privacy Act 2020 requests or complaints.
Residents of other jurisdictions retain any additional data protection rights granted by their local laws. These rights are not limited by this Policy. Contact hello@mysentimap.com for jurisdiction-specific requests.
For all privacy enquiries, rights requests, and security concerns, contact us at hello@mysentimap.com. We aim to respond within 5 business days.
If you are not satisfied with our response to a privacy complaint: