Bet Playground (“the App”) is a simulated sports betting application. No real money is involved. This policy describes how we collect, use, and protect your information.
1. Information We Collect
Account Information
When you create an account, we collect:
Email address — used as your login identifier
Password — stored securely using industry-standard hashing; we never store plaintext passwords
Usage Data
We collect basic usage data to operate the App:
Simulated betting activity — bets placed, stakes, outcomes, and simulated balance (all using virtual currency only)
Transaction history — deposits and betting activity within the App's virtual currency system
Support tickets — subject, message body, and category when you contact support via the in-app Help & Support screen. Visible to you and to our admin team only.
Technical Data
Device type and operating system version — for app compatibility
IP address — for authentication and security purposes
Country/region code — sent by the app via a request header for geo-restriction compliance. Derived from your device locale, not GPS. Used only to block access from jurisdictions where simulated gambling apps are restricted. Not stored.
Crash reports and diagnostic data — when the app crashes or hits a handled error, a stack trace (function names, line numbers) plus device model, OS version, and app version are sent to our crash-reporting provider (Sentry). No message bodies, bet details, balances, passwords, tokens, email addresses, or IP addresses are included. We use the data solely to diagnose and fix bugs. You can opt out at any time via your device settings → Privacy → Analytics & Improvements → Share With App Developers.
Product analytics — a small, explicit set of event names (such as “user_logged_in”, “bet_placed”, “loss_limit_set”) together with structural properties (bet type, stake in cents, duration in days) are sent to our analytics provider (PostHog Cloud, EU region). Events are keyed by an opaque internal identifier (Cognito sub, not your email or username). No match names, team names, bet selections, opponent identities, chat messages, passwords, or authentication tokens are included. We use the data solely to understand aggregate funnel behaviour (sign-up → first bet → return-day retention) so we can improve the product. You can opt out at any time from your profile screen (Legal & Privacy → Product analytics); once toggled off, no further events leave your device. You can also opt out by deleting your account.
Push Notification Data (optional)
APNs device token — if you allow push notifications, Apple issues an opaque device token to the App. We store that token (plus the build environment — sandbox or production) against your account so we can send the notifications you have opted in to (bet-settled confirmations). The token is rotated by Apple periodically; we delete stale tokens on receipt of a new one and when you sign out or delete your account. We do not send the token, or any push-notification content, to any third party other than Apple’s Push Notification service, which is the transport mechanism required by iOS to deliver notifications.
Optional Security Data
Two-factor authentication (TOTP) — if you enable MFA, a shared secret is stored in our authentication provider (AWS Cognito) and used to validate time-based one-time passwords. We do not store the secret in our application database.
Biometric unlock (Face ID / Touch ID) — if you enable biometric unlock from the profile screen, the biometric check happens entirely on your device via Apple’s LocalAuthentication framework. We do not receive or store your biometric data in any form; we only store a local preference flag (on your device) that remembers whether you have enabled the feature.
2. What We Do NOT Collect
Payment information — the App does not process real payments of any kind
Precise location data — the App does not request GPS or track your location. The country/region code described above is derived from your device locale setting, not from location services
Contacts, photos, or other personal data — the App does not access any device data beyond what is listed above
Advertising identifiers — the App does not serve ads or track you for advertising
3. How We Use Your Information
To create and maintain your account
To operate the simulated betting features
To display your virtual balance and transaction history
To secure your account against unauthorized access
4. Data Storage and Security
Your data is stored on secured servers hosted on Amazon Web Services (AWS) in the EU West (London) region
Authentication is managed by AWS Cognito. Passwords are hashed by Cognito using industry-standard algorithms; we never store or see plaintext passwords
API communication is authenticated using JSON Web Tokens (JWT)
We implement reasonable security measures to protect your data, including encrypted database storage, restricted network access, and multi-factor authentication for administrative accounts
5. Data Sharing
We do not sell, rent, or share your personal information with third parties, except:
When required by law or legal process
To protect the rights, safety, or property of our users or the public
We use the following third-party services to operate the App:
Odds-API.io — real-time sports odds data. No user data is sent to this service; we only retrieve publicly available match and odds information
Sentry (sentry.io) — crash and error reporting. Receives only the technical diagnostic data described in Section 1 (“Crash reports and diagnostic data”). No personal information, no message content, no bet details. Crash events may include an internal user identifier (Cognito sub — an opaque UUID, not your email) so that recurring crashes can be grouped per user
PostHog (eu.posthog.com, EU/Frankfurt region) — product analytics. Receives only the event data described in Section 1 (“Product analytics”) — a small catalog of named events with structural properties, keyed by the opaque Cognito sub. Hosted in the European Union to keep analytics data in the same jurisdiction as our primary infrastructure (AWS eu-west-2). No match names, team names, bet selections, messages, or authentication material is sent
Apple Push Notification service (APNs) — when you opt in to push notifications, your device token and any notifications we send to you pass through Apple’s APNs. No personal data beyond the opaque device token is shared with Apple. APNs is the only way iOS delivers push notifications; opting out of notifications in your device settings or in-app disables this flow entirely.
6. Data Retention and Deletion
Account data is retained while your account is active
You can delete your account at any time from your profile screen in the App. Deletion removes all personal data (account, wallet, bets, betting history, Fantasy league data, support tickets, friend connections, and group memberships) and permanently deletes your authentication identity
Administrative audit logs (which record actions like balance adjustments and support responses) are retained for compliance and security purposes. These logs reference your account by an opaque identifier and do not contain the personal data that was deleted
You may also request deletion by contacting us
7. Children's Privacy
The App is not intended for children under 17. We do not knowingly collect information from children under 17. If you believe a child has provided us with personal information, please contact us and we will delete it.
8. Your Rights
You have the right to:
Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your account and data
Withdraw consent at any time by deleting your account
9. Changes to This Policy
We may update this policy from time to time. We will notify users of material changes through the App or by email.
10. Contact Us
For questions about this privacy policy or to request data deletion, contact: