Privacy Policy

This Privacy Policy is provided pursuant to Regulation (EU) 2016/679 (GDPR) and Italian Legislative Decree no. 196/2003 as amended. The data controller is:

Given the nature and scale of our processing activities, a Data Protection Officer is not required under GDPR Article 37. For privacy inquiries, contact us at the email above.

Account Information: Name, email, company/organization, professional role.

Technical Data: IP address, browser type, device type, operating system, access times.

Usage Data: Session activity, dashboard interactions, alert preferences, audit logs.

If you enable push notifications, we also collect browser subscription endpoints and cryptographic keys for secure message delivery.

Providing account data (name, email, company) is a contractual requirement necessary to access the Service. Without it, we cannot create your account or provide access. Technical and usage data is collected automatically during your use of the platform.

Legitimate Interests (GDPR Art. 6(1)(f)): We process personal data based on our legitimate interests in:

• Providing the monitoring service to our B2B clients and their authorized personnel
• Platform security (preventing unauthorized access, IP-based session authentication)
• Maintaining audit trails for compliance and regulatory requirements
• Improving service performance and reliability

These legitimate interests do not override your fundamental rights given the B2B nature of our Service, the professional context of data processing, and the limited categories of data involved.

Contract Performance (GDPR Art. 6(1)(b)): Where you or your organization have directly contracted with us, processing is also necessary to perform that agreement.

Consent (GDPR Art. 6(1)(a)): Push notifications are sent only with your explicit consent. You may withdraw consent at any time by disabling push notifications in your browser or dashboard settings, without affecting the lawfulness of processing carried out before withdrawal.

Automated Decision-Making: The platform uses algorithmic analysis to generate alerts on odds movements. These algorithms process market data (odds, lines, bookmaker status) — not your personal data. No automated decisions are made about you based on profiling of your personal data.

Hosting: Our platform is hosted on Hetzner Online GmbH in Germany (EU). Hetzner processes data as a data processor under a GDPR-compliant Data Processing Agreement.

No Third-Party Analytics: We do not use third-party analytics services, advertising networks, or tracking pixels. We do not sell or share your data for marketing purposes.

No EEA Transfers: Your personal data is processed and stored exclusively within the European Economic Area.

Legal Disclosure: We may disclose data if required by law, regulation, or legal process, or to protect our rights, property, or safety.

Categories of Recipients: Beyond our hosting provider, your data may be shared with: push notification delivery services (if enabled), email service providers for account communications, and your organization’s administrators. We do not share personal data with any other third parties.

We retain data for up to the following periods:

Account data retention is measured from the date of account deletion or contract termination. We may delete data before these maximum periods expire in accordance with our internal data management policies. Data may be retained longer where required by applicable law.

Under the GDPR (Articles 15–22), you have the right to:

• Access your personal data
• Rectify inaccurate or incomplete data
• Erase your data (“right to be forgotten”)
• Restrict processing in certain circumstances
• Data Portability – receive your data in a structured format
• Object to processing based on legitimate interests

Where processing is based on consent (e.g., push notifications), you have the right to withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.

To exercise these rights, contact us at the email listed in Section 1. We will respond within 30 days. You also have the right to lodge a complaint with a supervisory authority (see Section 8).

Essential Cookies Only: We use a single session cookie (session_id) for authentication. No tracking or advertising cookies.

Local Storage: Theme preferences and dashboard settings are stored locally in your browser.

Security: All data in transit is encrypted via TLS/HTTPS. Sessions are bound to your IP address. Passwords are hashed using industry-standard algorithms. Access is role-based.

You are responsible for maintaining the security of your account credentials. While we implement robust security measures, no method of electronic transmission or storage is completely secure.

You have the right to lodge a complaint with a supervisory authority. We encourage you to contact us first so we can attempt to resolve your concern. The Italian supervisory authority is:

We may modify this Privacy Policy from time to time. For material changes affecting your rights or the legal basis of processing, we will provide at least 15 days notice via email or platform notification and, where required, seek your renewed consent before applying changes.

For terms governing your use of the Service, see our Terms of Service.