Back to home

Privacy Policy

Oddsy legal information.

Privacy Policy

Last Updated: March 16, 2026

Effective Date: March 16, 2026

1. Introduction

Welcome to Oddsy ("we", "us", "our"). We are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").

Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

We collect several types of information from and about users of our Service.

2.1 Information You Provide Directly

Account Information:

  • Email address
  • Display name or username
  • Password (encrypted)
  • Profile picture (optional)
  • Date of birth (optional, only if you choose to provide it)

Payment Information:

  • Payment information is processed by third-party payment processors (Stripe, Apple, Google)
  • We do NOT store your full credit card numbers or payment details
  • We receive confirmation of payment and subscription status only

Communications:

  • Messages you send us (support requests, feedback)
  • Survey responses
  • Contest or promotion entries

Betting Activity (Optional):

  • Bets you track in our Performance Tracker tool
  • Stake sizes you calculate using our Stake Sizer
  • Accumulators you create in Smart Picks
  • This data is stored locally on your device and optionally synced to our servers if you enable cloud backup

2.2 Information Collected Automatically

Usage Data:

  • Pages or screens you visit
  • Time and date of visits
  • Time spent on pages
  • Features you use
  • Predictions you view
  • Tools you access
  • Search queries
  • Clicks and interactions

Device Information:

  • Device type and model
  • Operating system and version
  • Unique device identifiers (IDFA on iOS, Advertising ID on Android)
  • Mobile network information
  • IP address
  • Browser type and version
  • Time zone and language settings

Location Data:

  • Approximate location based on IP address
  • Precise location (only if you grant permission) for localized content
  • We do NOT track your location continuously

Analytics and Cookies:

  • We use cookies, web beacons, and similar tracking technologies
  • Analytics services (Google Analytics, Firebase Analytics)
  • Performance monitoring (Sentry)
  • Advertising identifiers (for ad targeting in Free tier)

2.3 Information from Third Parties

Social Media:

  • If you sign in with Google, Apple, or Facebook, we receive:
    • Name
    • Email address
    • Profile picture
    • User ID from that platform

Sports Data Providers:

  • We receive sports statistics, odds, and match data from API-Football and other providers
  • This data is not personal to you

Payment Processors:

  • Subscription status and payment confirmation from Stripe, Apple, Google
  • We do NOT receive your full payment details

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Provide and Improve the Service

  • Create and manage your account
  • Process subscriptions and payments
  • Deliver predictions, analysis, and tools
  • Personalize your experience
  • Improve our algorithms and models
  • Develop new features
  • Troubleshoot technical issues
  • Provide customer support

3.2 Communications

  • Send service announcements and updates
  • Respond to your inquiries
  • Send marketing communications (with your consent)
  • Notify you of changes to Terms or Privacy Policy
  • Send push notifications (with your permission)

3.3 Analytics and Research

  • Understand how users interact with the Service
  • Analyze usage patterns and trends
  • Measure effectiveness of features
  • Conduct research to improve prediction accuracy
  • Generate aggregated, anonymized statistics

3.4 Advertising (Free Tier Only)

  • Display relevant advertisements
  • Measure ad performance
  • Frequency capping (limit how often you see the same ad)
  • Paid tiers (Predict and Pro) are ad-free

3.5 Security and Fraud Prevention

  • Detect and prevent fraud, abuse, and illegal activity
  • Protect against security threats
  • Enforce our Terms of Service
  • Comply with legal obligations

3.6 Legal Compliance

  • Comply with applicable laws and regulations
  • Respond to legal requests (subpoenas, court orders)
  • Protect our rights and property
  • Resolve disputes

7. Data Security

7.1 Security Measures

We implement appropriate technical and organizational measures to protect your data:

Technical Measures:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest for sensitive data
  • Secure password hashing (bcrypt)
  • Regular security audits and penetration testing
  • Firewall and intrusion detection systems
  • Secure API authentication (JWT tokens)

Organizational Measures:

  • Access controls (least privilege principle)
  • Employee training on data protection
  • Confidentiality agreements with staff and contractors
  • Incident response procedures
  • Regular backups

7.2 Limitations

No system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. You are responsible for:

  • Keeping your password secure
  • Not sharing your account
  • Using a secure internet connection
  • Reporting suspicious activity

7.3 Data Breaches

In the event of a data breach that affects your personal data, we will:

  • Notify you within 72 hours (as required by GDPR)
  • Inform relevant authorities
  • Take steps to mitigate harm
  • Provide guidance on protective measures

8. International Data Transfers

8.1 Where Your Data is Stored

Our servers are located in:

  • European Union (primary)
  • United States (backup and analytics)
  • United Kingdom

Your data may be transferred to, stored, and processed in countries other than your own.

8.2 Transfer Safeguards

When we transfer data internationally, we use appropriate safeguards:

  • EU-US Data Privacy Framework (for US transfers)
  • Standard Contractual Clauses (EU Commission approved)
  • Adequacy decisions (for countries with adequate protection)
  • Encryption during transfer and at rest

8.3 Your Rights

If you are in the EU/EEA or UK, you have rights regarding international transfers. Contact us at teamoddsy@gmail.com for more information.

9. Children's Privacy

9.1 Not directed to children

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13.

9.2 Parent / guardian notice

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at teamoddsy@gmail.com. We will delete such information promptly.

9.3 Deletion on request

If we learn we have collected personal information from a child under 13, we will take steps to delete it.

10. Cookies and Tracking Technologies

10.1 What Are Cookies

Cookies are small text files stored on your device. We use cookies and similar technologies (web beacons, pixels, local storage) to:

  • Remember your preferences
  • Keep you logged in
  • Analyze usage patterns
  • Deliver personalized content
  • Measure ad performance

10.2 Types of Cookies We Use

Essential Cookies (cannot be disabled):

  • Authentication and session management
  • Security and fraud prevention
  • Load balancing

Functional Cookies (can be disabled):

  • Remember your preferences (theme, language)
  • Personalize your experience

Analytics Cookies (can be disabled):

  • Google Analytics (usage statistics)
  • Firebase Analytics (app performance)
  • Sentry (error tracking)

Advertising Cookies (Free tier only, can be disabled):

  • Google AdMob (ad delivery)
  • Ad measurement and attribution

10.3 Managing Cookies

Browser Settings:

  • Most browsers allow you to refuse or delete cookies
  • Disabling cookies may affect functionality

Mobile App:

  • iOS: Settings > Privacy > Tracking
  • Android: Settings > Google > Ads > Opt out of Ads Personalization

Opt-Out Tools:

  • Google Analytics Opt-out: tools.google.com/dlpage/gaoptout
  • Network Advertising Initiative: optout.networkadvertising.org
  • Digital Advertising Alliance: optout.aboutads.info

10.4 Do Not Track

Some browsers have "Do Not Track" (DNT) features. We do not currently respond to DNT signals, but you can use the opt-out methods above.

11. Third-Party Links and Services

11.1 External Links

The Service may contain links to third-party websites, apps, or services (e.g., bookmakers, news sites). We are not responsible for their privacy practices. We encourage you to read their privacy policies.

11.2 Social Media

If you interact with social media features (share buttons, login with Google/Facebook), those platforms may collect information about you. Their privacy policies apply.

11.3 Third-Party SDKs

Our mobile app uses third-party SDKs that may collect data:

  • Firebase (Google): Analytics, authentication, cloud messaging
  • Sentry: Error tracking
  • Stripe: Payment processing
  • RevenueCat: Subscription management (if applicable)

Each SDK has its own privacy policy.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

12.1 Right to Know

You have the right to request:

  • Categories of personal information we collect
  • Sources of that information
  • Purposes for collecting or selling it
  • Categories of third parties we share it with
  • Specific pieces of personal information we hold about you

12.2 Right to Delete

You have the right to request deletion of your personal information, subject to certain exceptions.

12.3 Right to Opt-Out of Sale

We do NOT sell your personal information. If this changes, we will provide an opt-out mechanism.

12.4 Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA rights.

12.5 How to Exercise Your Rights

  • Email: teamoddsy@gmail.com
  • Subject: "CCPA Request"
  • Include: Your name, email, and specific request
  • Verification: We may ask for verification to protect your privacy
  • Response time: 45 days (may extend to 90 days for complex requests)

12.6 Authorized Agent

You may designate an authorized agent to make requests on your behalf. We may require proof of authorization.

13. European Privacy Rights (GDPR)

If you are in the European Union, European Economic Area, or United Kingdom, you have rights under the General Data Protection Regulation (GDPR):

13.1 Legal Basis for Processing

We process your data based on:

  • Contract: To provide the Service you subscribed to
  • Consent: For marketing communications, cookies, location data
  • Legitimate interests: To improve the Service, prevent fraud, ensure security
  • Legal obligation: To comply with laws (e.g., tax, anti-money laundering)

13.2 Your GDPR Rights

  • Right of access: Obtain a copy of your data
  • Right to rectification: Correct inaccurate data
  • Right to erasure: Delete your data ("right to be forgotten")
  • Right to restrict processing: Limit how we use your data
  • Right to data portability: Receive your data in a portable format
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw consent at any time
  • Right to lodge a complaint: File a complaint with your supervisory authority

13.3 Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer:

Email: teamoddsy@gmail.com Subject: "GDPR Inquiry"

13.4 Supervisory Authority

UK: Information Commissioner's Office (ICO) - ico.org.uk EU: Your local data protection authority

14. Changes to This Privacy Policy

14.1 Updates

We may update this Privacy Policy from time to time. When we make changes:

  • We will update the "Last Updated" date at the top
  • We will notify you via email or in-app notification
  • For material changes, we may require renewed consent

14.2 Review

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes constitutes acceptance of the updated policy.

14.3 Material Changes

For material changes that significantly affect your privacy rights, we will:

  • Provide at least 30 days' notice
  • Clearly explain the changes
  • Offer an opt-out or account deletion option

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

General Privacy Inquiries: Email: teamoddsy@gmail.com

Data Protection Officer (GDPR): Email: teamoddsy@gmail.com Subject: "GDPR Inquiry"

Support: Email: teamoddsy@gmail.com

Website: Contact Form

Company: Oddsy United Kingdom

Response Time: We aim to respond to all inquiries within 7 business days.

For urgent privacy matters, please use subject line: "URGENT PRIVACY REQUEST"

16. Specific Disclosures

16.1 Information We Collect (Summary)

Category Examples Purpose
Identifiers Name, email, device ID Account management, authentication
Commercial Subscription tier, payment status Billing, service delivery
Usage Data Pages viewed, features used Analytics, improvement
Device Data OS, browser, IP address Technical support, security
Location IP-based location Localized content
Betting Activity Tracked bets (optional) Performance tracking tool

16.2 How We Share Information (Summary)

Recipient Purpose Data Shared
Service Providers Hosting, analytics, payments As needed for service
Advertising Partners Ad delivery (Free tier) Device ID, usage data
Legal Authorities Compliance with law As required by law
Business Successors Merger or acquisition All data

16.3 Data Retention (Summary)

Data Type Retention Period
Account data Until deletion + 30 days
Usage data 24 months
Payment records 7 years
Support communications 3 years
Analytics (aggregated) Indefinitely

17. Glossary

Personal Data: Information that identifies you or can be used to identify you.

Processing: Any operation performed on personal data (collection, storage, use, disclosure, deletion).

Controller: The entity that determines the purposes and means of processing (Oddsy).

Processor: An entity that processes data on behalf of the controller (our service providers).

Consent: Freely given, specific, informed agreement to processing.

Legitimate Interest: A lawful basis for processing when it's necessary for our business and doesn't override your rights.

Data Subject: An individual whose personal data is processed (you).

Supervisory Authority: A government body that enforces data protection laws (e.g., ICO in the UK).

18. Acknowledgment

BY USING THE SERVICE, YOU ACKNOWLEDGE THAT:

  1. You have read and understood this Privacy Policy
  2. You consent to the collection, use, and disclosure of your information as described
  3. You understand your rights and how to exercise them
  4. You understand the Service is not directed to children under 13
  5. You understand that we may update this policy from time to time

Last Updated: March 16, 2026

Version: 1.0

Thank you for trusting Oddsy with your data. We are committed to protecting your privacy.

4. How We Share Your Information

We do NOT sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

Infrastructure and Hosting:

  • Railway (backend hosting)
  • Amazon Web Services (AWS) or similar cloud providers
  • Content delivery networks (CDNs)

Analytics:

  • Google Analytics (usage analytics)
  • Firebase Analytics (app analytics)
  • Sentry (error tracking)

Payment Processing:

  • Stripe (web subscriptions)
  • Apple (iOS subscriptions)
  • Google (Android subscriptions)

Communications:

  • Email service providers (SendGrid, Mailgun, or similar)
  • Push notification services (Firebase Cloud Messaging, Apple Push Notification Service)

Advertising (Free Tier):

  • Google AdMob or similar ad networks
  • Ad measurement and attribution partners

Sports Data:

  • API-Football (sports statistics and odds)

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

4.2 Business Transfers

If Oddsy is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to the new owner. We will notify you before your information is transferred and becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

  • Court orders or subpoenas
  • Legal processes or government requests
  • Requests from law enforcement
  • Protection of our rights, property, or safety
  • Protection of users or the public

4.4 With Your Consent

We may share your information for other purposes with your explicit consent.

4.5 Aggregated Data

We may share aggregated, anonymized data that cannot identify you:

  • "70% of users view Over/Under markets"
  • "Average user views 15 predictions per week"
  • Industry research and reports

5. Data Retention

5.1 How Long We Keep Your Data

  • Account data: Until you delete your account, plus 30 days for backup retention
  • Usage data: 24 months
  • Payment records: 7 years (for tax and legal compliance)
  • Support communications: 3 years
  • Analytics data: 24 months (aggregated data may be kept indefinitely)

5.2 Account Deletion

You can delete your account at any time through account settings. Upon deletion:

  • Your personal data will be deleted within 30 days
  • Some data may be retained for legal or security purposes
  • Aggregated, anonymized data may be retained
  • Backup copies may persist for up to 90 days

6. Your Rights and Choices

Depending on your location, you may have the following rights:

6.1 Access and Portability

  • Right to access: Request a copy of your personal data
  • Right to portability: Receive your data in a machine-readable format
  • How: Contact us at teamoddsy@gmail.com

6.2 Correction and Deletion

  • Right to correct: Update inaccurate or incomplete data
  • Right to delete: Request deletion of your data ("right to be forgotten")
  • How: Through account settings or by contacting teamoddsy@gmail.com

6.3 Opt-Out and Restrictions

  • Marketing emails: Unsubscribe link in emails or account settings
  • Push notifications: Device settings or app settings
  • Cookies: Browser settings (may affect functionality)
  • Personalized ads: Device settings (iOS: Limit Ad Tracking; Android: Opt out of Ads Personalization)
  • Right to restrict processing: Limit how we use your data

6.4 Object and Withdraw Consent

  • Right to object: Object to processing based on legitimate interests
  • Withdraw consent: Withdraw consent for data processing (may limit Service functionality)

6.5 Complaints

  • Right to complain: File a complaint with your data protection authority
  • UK: Information Commissioner's Office (ICO) - ico.org.uk
  • EU: Your local data protection authority