Privacy Policy

Last updated: April 2026

This policy describes what personal data TickOdds collects, how we use it, and your rights under applicable laws (including GDPR and CCPA where relevant).

1. Data we collect

• Account data. Email address, plan tier, API key metadata. No passwords are stored; authentication is via Stripe-backed customer portal and API-key presentation.
• Billing data. Handled by Stripe, Inc. We receive subscription status, last-four card digits, and country for tax purposes. We never see or store full card numbers.
• Usage data. Request counts, rate-limit events, endpoints called, and aggregate latency metrics. We retain per-key usage for 90 days for support and rate-limit enforcement.
• Website analytics. Privacy-friendly, cookieless analytics (aggregated page views and referrers). No cross-site tracking.
• Support communications. Emails you send us are retained for customer-service purposes.

2. Data we do not collect

• Your actual wagers or betting positions.
• Any personal data belonging to players, teams, or end users of your app.
• Browsing behavior outside our domain.

3. How we use data

• To operate and support the Service (authentication, billing, rate limiting).
• To prevent abuse and enforce Terms (e.g., detecting key sharing).
• To communicate operational changes, security incidents, or policy updates.
• To improve the product via aggregate, anonymized usage analysis.

We do not sell personal data and do not show ads.

4. Third-party processors

• Stripe, Inc. (billing) — subject to their privacy policy at stripe.com/privacy.
• Cloud infrastructure providers (compute, storage, DNS) — data is stored in encrypted form at rest.
• Email provider for transactional email.

5. Retention

• Account data: for the life of the account and 12 months after closure.
• Usage data: 90 days.
• Support communications: 24 months.
• Billing records: 7 years (legal requirement).

6. Your rights

You can:

• Request a copy of the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion (subject to legal retention requirements, e.g., billing records).
• Withdraw consent for non-essential communications at any time.

Email privacy@tickodds.com to exercise any of these rights. We respond within 30 days.

7. Security

Data is encrypted in transit (TLS 1.2+) and at rest. API keys are hashed, never stored in plain text. We publish security incidents at /changelog.

8. Children

TickOdds is not directed at anyone under 18. We do not knowingly collect data from minors.

9. Contact

Questions about privacy? Email privacy@tickodds.com.

Terms of Service