GDPR Compliance

General Data Protection Regulation

We are fully compliant with the General Data Protection Regulation (GDPR) and committed to protecting your data rights. This page explains how we handle your personal data in accordance with GDPR requirements.

1Your Data Rights 2Legal Basis for Processing 3Data Collection & Use 4Data Retention 5Data Security 6Data Transfers 7Third-Party Processors 8Cookies & Tracking 9Automated Decision Making 10Data Breach Procedures 11Contact Information 12Updates & Changes

1. Your Data Rights

Under GDPR, you have several important rights regarding your personal data. We are committed to upholding these rights:

Right of Access

You can request a copy of all personal data we hold about you, including how we use it and who we share it with.

Right of Rectification

You can request correction of inaccurate or incomplete personal data we hold about you.

Right of Erasure

You can request deletion of your personal data in certain circumstances (also known as the "right to be forgotten").

Right to Restrict Processing

You can request that we limit how we use your personal data in certain circumstances.

Right to Data Portability

You can request a copy of your data in a machine-readable format for transfer to another service.

Right to Object

You can object to our processing of your personal data in certain circumstances.

2. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

Contract Performance

Processing necessary to provide our services and fulfill our contractual obligations to you.

Examples: Account creation, payment processing, service delivery

Legitimate Interest

Processing necessary for our legitimate business interests, provided these do not override your fundamental rights.

Examples: Service improvement, fraud prevention, marketing (with opt-out)

Consent

Processing based on your explicit consent, which you can withdraw at any time.

Security, analytics, service optimization

4. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

Active Account Data

For the duration of your account plus 7 years

Legal compliance, service continuity

Financial Records

7 years from transaction date

Tax and regulatory requirements

Marketing Data

Until consent withdrawal or 2 years

Marketing purposes with consent

Analytics Data

2 years from collection

Service improvement and analytics

Support Communications

3 years from last contact

Customer service and quality improvement

Security Logs

1 year from generation

Security monitoring and incident response

5. Data Security

We implement comprehensive security measures to protect your personal data:

Encryption

All data is encrypted in transit and at rest using industry-standard encryption protocols.

Access Controls

Strict access controls ensure only authorized personnel can access personal data.

Monitoring

Continuous monitoring and logging of all data access and system activities.

Regular Updates

Regular security updates and vulnerability assessments to maintain protection.

6. Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure adequate protection through:

Adequacy Decisions: Transfers to countries with EU adequacy decisions
Standard Contractual Clauses: EU-approved data transfer agreements
Certification Schemes: Third-party certifications ensuring data protection
Binding Corporate Rules: Internal policies for multinational transfers

7. Third-Party Processors

We use carefully selected third-party processors who are GDPR compliant and process data only as instructed:

Payment Processors

Purpose: Secure payment processing

Data Shared: Payment information

Cloud Hosting

Purpose: Data storage and hosting

Data Shared: All service data

Analytics Services

Purpose: Service improvement

Data Shared: Usage analytics

Email Services

Purpose: Communication

Data Shared: Contact information

8. Cookies & Tracking

We use cookies and similar technologies in compliance with GDPR requirements:

Essential Cookies

Required for basic site functionality. Cannot be disabled.

Analytics Cookies

Help us understand how visitors use our site. Can be disabled.

Marketing Cookies

Used for personalized advertising. Require explicit consent.

You can manage your cookie preferences at any time through your account settings or browser settings.

9. Automated Decision Making

We may use automated decision-making processes, including profiling, for:

Betting Predictions: AI-powered analysis to provide betting recommendations
Fraud Detection: Automated systems to detect and prevent fraudulent activity
Personalization: Tailoring content and recommendations based on your preferences

You have the right to request human review of any automated decisions that significantly affect you.

10. Data Breach Procedures

In the unlikely event of a data breach, we have established procedures to ensure compliance with GDPR requirements:

Detection & Assessment

Immediate detection and assessment of the breach scope and impact

Notification

Notification to relevant authorities within 72 hours of discovery

User Communication

Communication to affected users when there is a high risk to their rights

Remediation

Implementation of measures to contain and remediate the breach

11. Contact Information

For any questions about our GDPR compliance or to exercise your data rights, please contact us:

Data Protection Officer

Email: contact@soccerbot.co.uk

Subject: GDPR Request

General Inquiries