Privacy Policy

This Privacy Policy explains what data TipsBattle collects, how we use it, and the rights you have over it. By using TipsBattle, you agree to the practices described here.

We comply with the GDPR (for EU/UK users) and CCPA (for California users). If your jurisdiction has additional protections, those apply on top.

We collect three categories of data:

• Account data — email, username, password hash, plan tier, account creation date
• Usage data — which picks you view, save, or back; chat history (if you use AI Chat); pages visited; session duration
• Billing data — payment processor token (Stripe) or crypto wallet address; invoice records; we do not store your full card number or private keys

We do not collect: location, contacts, microphone/camera data, or anything outside our service.

We use your data to:

• Operate and maintain your account
• Process payments and issue invoices
• Send transactional emails (password resets, billing notices)
• Send marketing emails — only if you opt in
• Improve our predictions and AI models (aggregated/anonymized usage patterns only)
• Detect fraud and prevent abuse

We share data only with the service providers we need to operate, under strict confidentiality contracts:

• Stripe — credit/debit card payment processing
• Coinbase Commerce / BitPay — crypto payment processing
• Resend / Postmark — transactional email delivery
• Cloudflare — CDN, DDoS protection, analytics (anonymized IPs)
• Sentry — crash reporting (no personal data attached)

Note — We never share, sell, or rent your data to bookmakers, advertisers, or any third party for marketing purposes.

We use a small number of cookies — strictly necessary cookies for login/session, and aggregated analytics cookies (anonymized via Cloudflare/Plausible). No third-party advertising trackers, no Facebook pixels, no Google Analytics. You can disable non-essential cookies from the banner shown on first visit.

You have the right to:

• Access — request a full export of everything we hold on you (JSON download)
• Correct — fix any inaccurate data via your account settings
• Delete — permanently delete your account and all associated data
• Restrict — pause specific processing activities (e.g. marketing emails)
• Object — withdraw consent for marketing communications anytime
• Portability — receive your data in a machine-readable format

Most of these can be done with one click from Account → Danger Zone. For more complex requests, email privacy@tipsbattle.co — we respond within 30 days.

We keep account data for as long as your account is active. After deletion, we keep an anonymized backup for 30 days (in case of accidental deletion), then permanently remove it.

Billing records are retained for 7 years to comply with financial regulations. These are stored separately and contain no behavioral data.

We protect your data with industry-standard security:

• TLS 1.3 encryption in transit (HTTPS everywhere)
• AES-256 encryption at rest for sensitive fields
• Bcrypt password hashing with high cost factor
• Optional TOTP-based 2FA on every account
• Quarterly security audits and penetration tests
• Principle of least privilege for staff access

No system is 100% secure. In the unlikely event of a breach affecting your data, we will notify you within 72 hours as required by GDPR.

TipsBattle is not intended for users under 18 years of age (or the legal gambling age in your jurisdiction). We do not knowingly collect data from minors. If we learn we have collected data from a person under 18, we will delete it immediately.

Our servers are located in the EU. If you access TipsBattle from outside the EU, your data may be transferred to and processed in the EU. We use Standard Contractual Clauses (SCCs) for any international transfers involving personal data of EU/UK residents.

We may update this policy occasionally. Material changes will be communicated via email at least 30 days before taking effect. The “Last updated” date at the top of this page always reflects the current version.

Privacy questions: privacy@tipsbattle.co. Our Data Protection Officer (DPO) responds within 5 business days. For urgent legal matters, contact legal@tipsbattle.co.