Privacy Policy

Last updated: November 20, 2025

1. Introduction

WagerKit ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our Event-Odds Integrity & Provenance Platform.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Authentication credentials (magic link tokens)
  • API keys you generate

2.2 Usage Data

We automatically collect:

  • API request logs (endpoints, timestamps, response codes)
  • IP addresses and user agents
  • Performance metrics and error logs
  • Feature usage analytics

2.3 Odds Data You Integrate

We process odds data from your connected sources but do not claim ownership. You retain all rights to your source data.

3. How We Use Your Information

We use collected data to:

  • Provide and maintain our services
  • Authenticate and authorize access
  • Monitor API usage and enforce rate limits
  • Generate integrity scores and divergence alerts
  • Improve platform performance and features
  • Communicate service updates and security notices
  • Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal data. We may share information:

  • With your consent: When you explicitly authorize disclosure
  • Service providers: Cloud hosting (AWS/Azure), monitoring tools, payment processors
  • Legal compliance: When required by law, regulation, or court order
  • Business transfers: In the event of a merger, acquisition, or asset sale

5. Data Security

We implement industry-standard security measures:

  • TLS encryption for data in transit
  • Encryption at rest for sensitive data
  • API key authentication and rate limiting
  • Regular security audits and penetration testing
  • Access controls and audit logs

6. Data Retention

We retain data as follows:

  • Account data: Until account deletion + 30 days
  • API logs: 90 days for Pro, custom for Enterprise
  • Odds data: Based on your subscription tier (7-90 days or unlimited)
  • Billing records: 7 years for tax compliance

7. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information
  • Deletion: Request account and data deletion
  • Export: Download your data in machine-readable formats
  • Opt-out: Unsubscribe from marketing communications
  • Object: Object to certain data processing activities

Contact us at privacy@wagerkit.xyz to exercise these rights.

8. Cookies and Tracking

We use cookies for:

  • Session management and authentication
  • Analytics (anonymized usage data)
  • Performance monitoring

You can disable cookies in your browser settings, but some features may not function properly.

9. Third-Party Services

We integrate with:

  • Supabase: Authentication and user management
  • Stripe: Payment processing
  • AWS/Azure: Cloud infrastructure

These services have their own privacy policies governing data handling.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers.

11. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this privacy policy periodically. We will notify you of material changes via email or platform notice. Continued use after changes constitutes acceptance.

13. Contact Us

For privacy-related questions or requests:

  • Email: privacy@wagerkit.xyz
  • Data Protection Officer: dpo@wagerkit.xyz
  • Address: WagerKit, Inc. (address on file)

14. Jurisdiction-Specific Rights

14.1 GDPR (European Union)

If you are in the EU, you have additional rights under GDPR including data portability, the right to lodge complaints with supervisory authorities, and withdrawal of consent.

14.2 CCPA (California)

California residents have the right to know what personal information is collected, opt-out of sale (we don't sell), and request deletion without discrimination.

14.3 Other Jurisdictions

We comply with applicable data protection laws in all jurisdictions where we operate.