Privacy Policy

DawBets ("we," "us," or "our") operates the website at dawbets.com and the DawBets progressive web app (collectively, the "Service"). DawBets is a sports betting analytics platform — we help you find positive expected value (+EV) bets by comparing odds across sportsbooks, calculating fair prices, and recommending wager sizes using the Kelly criterion. We are not a sportsbook. We do not accept bets, handle gambling deposits, or process any wagering transactions.

This Privacy Policy explains what information we collect, how we use it, who we share it with, and what choices you have. We believe in plain language, so we have kept legalese to a minimum.

By using DawBets you agree to the collection and use of information as described here. If you do not agree, please do not use the Service.

1. Information We Collect

Account Information

When you create an account we collect:

• Email address
• Password (stored only as a cryptographic hash — we never see or store your plaintext password)
• If you sign in with Google or X, we receive the OAuth profile your provider shares (typically name and email)

Subscription & Billing Information

When you subscribe to a paid plan, payment is handled entirely by Stripe. We store your Stripe customer ID and subscription tier so we can grant access to the features you paid for. We do not store your credit card number, expiration date, or CVC on our servers.

User-Generated Content

• Tracked bets — bets you choose to log in the app (sport, market, odds, stake, outcome, etc.)
• Preferences — your selected sportsbooks, favorite teams, odds format (American or decimal), risk tolerance setting, and theme preference (light, dark, or system)
• Boost builder presets — saved parlay configurations

Automatically Collected Information

• Analytics events — page views and feature-usage events sent to PostHog (see Section 3)
• Timezone — used to schedule emails at reasonable local times
• Device & browser metadata — standard HTTP headers (user agent, IP address) collected by our hosting provider, Vercel, in access logs

Push Notification Data

If you opt in to push notifications, we store a Web Push subscription endpoint and associated VAPID keys. This data is used solely to deliver the notifications you requested. You can unsubscribe at any time through your browser or device settings.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Authenticate your identity and manage your subscription
• Display personalized betting analytics (your tracked bets, preferred sportsbooks, filtered feeds)
• Process payments through Stripe and enforce tier-based feature access
• Send transactional emails (trial reminders, subscription confirmations, account notifications)
• Deliver push notifications you have opted into
• Analyze aggregate usage patterns to improve features and fix bugs
• Detect and prevent fraud, abuse, and security issues
• Handle referral attribution

We do not sell your personal information. We do not use your data for advertising. We do not share your tracked bets or preferences with sportsbooks or any third party for marketing purposes.

3. Third-Party Services

We rely on the following third-party services to operate DawBets. Each has its own privacy policy governing how it handles data:

4. Cookies & Local Storage

We use a small number of cookies that are essential to how the Service works. We do not use advertising cookies or third-party tracking cookies.

We also use localStorage in your browser to persist app state such as your parlay builder selections and onboarding progress. This data stays on your device and is never sent to our servers unless you take an action (like placing a parlay).

5. Data Retention

• Active accounts: We retain your data for as long as your account is active.
• Account deletion: When you delete your account (via Settings), we perform a soft delete. Your data is retained for a 30-day grace period in case you change your mind. After 30 days, a scheduled job permanently and irreversibly deletes your account and all associated data (profile, tracked bets, preferences, presets, shared bets).
• Stripe records: Stripe retains payment history according to its own retention policies and legal obligations. Deleting your DawBets account does not delete your Stripe payment history.
• Analytics data: PostHog retains pseudonymous event data and (where applicable) masked session replays according to its own retention policies. This data is not linked to your email or name after account deletion.
• Server logs: Vercel access logs are retained per Vercel's standard retention schedule (typically 30 days or less).

6. Data Security

We take reasonable measures to protect your data:

• All data in transit is encrypted via HTTPS/TLS
• Database data is encrypted at rest (Supabase/AWS infrastructure)
• Passwords are cryptographically hashed — we never store or have access to plaintext passwords
• Row-level security (RLS) ensures users can only access their own data in the database
• Server-side API routes enforce authentication and subscription tier checks before returning data
• Stripe webhook signatures are verified to prevent spoofing, and processed events are tracked for idempotency

No system is 100% secure. While we work hard to protect your information, we cannot guarantee absolute security. If you believe your account has been compromised, please contact us immediately.

7. Your Rights & Choices

You have control over your data. Here is what you can do:

• Access & update your data: View and edit your profile, preferences, and tracked bets at any time through the app.
• Delete tracked bets: Remove any individual tracked bet from your account.
• Delete your account: Go to Settings and choose "Delete Account." Your data will be soft-deleted immediately and permanently removed after 30 days.
• Opt out of push notifications: Disable notifications through your browser or device settings at any time.
• Manage your subscription: Cancel or modify your subscription through the billing portal in Settings.
• Request your data: Contact us at support@dawbets.com to request a copy of the personal data we hold about you.

If you are a resident of California or another jurisdiction with specific privacy rights (CCPA, etc.), you may have additional rights including the right to know what data we collect, the right to deletion, and the right to opt out of the sale of personal information. As stated above, we do not sell personal information. To exercise any of these rights, email us at support@dawbets.com.

8. Children's Privacy

DawBets is not intended for anyone under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@dawbets.com and we will promptly delete that information.

9. International Users

DawBets is based in and primarily serves users in the United States. If you access the Service from outside the United States, please be aware that your data may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Service, you consent to this transfer.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you via email or an in-app announcement. We encourage you to review this page periodically. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us:

Email:support@dawbets.com

Website:dawbets.com