Privacy Policy: Your Data Rights in Gaming Compliance

Effective Date: January 15, 2025

Here's what BettingFlows does with your information - no legalese, just facts.

What We Collect (And Why)

When you work with us on gaming licenses or payment processing, we gather three types of data:

  • Business Information: Company details, ownership structures, financial statements. Required for regulatory applications - gaming commissions demand this before issuing licenses.
  • Technical Data: IP addresses, browser types, site usage patterns. Helps us optimize our platform and catch security threats before they impact your operations.
  • Communication Records: Emails, consultation notes, support tickets. We keep these to maintain service continuity and prove compliance if regulators audit our processes.

How Your Data Gets Used

We use collected information for four specific purposes:

  1. License Applications: Submitting your documentation to state gaming boards, tribal authorities, and federal agencies. This is the core service you're paying for.
  2. Payment Processing: Setting up merchant accounts, configuring transaction routing, managing chargeback disputes. Your financial data stays encrypted and isolated from other clients.
  3. Compliance Monitoring: Tracking regulatory changes that affect your licenses. When Iowa updates its responsible gaming requirements, you get alerted within 48 hours.
  4. Service Improvement: Analyzing application success rates to refine our submission strategies. Your individual data stays anonymous in these reviews.

Who Sees Your Information

Three categories of third parties may access your data:

Regulatory Bodies: State gaming commissions, tribal gaming agencies, and federal entities receive whatever their applications require. We don't control their data practices - each jurisdiction has separate privacy rules.

Service Partners: Payment processors, KYC verification providers, and geolocation vendors. They see only what's needed for their specific function. Example: our geolocation partner never sees your financial statements.

Legal Obligations: If subpoenaed or audited, we provide requested records. This has happened twice in 8 years - both times during routine regulatory reviews, not enforcement actions.

Your Data Rights

You can request:

  • Access: Full copies of what we've collected about your business
  • Corrections: Updates to outdated or inaccurate information
  • Deletion: Removal of data not required for regulatory retention (most gaming documents must be kept 7-10 years per state law)
  • Portability: Transferable formats if you switch service providers

Security Measures

We protect your data with:

  • 256-bit encryption for data at rest and in transit
  • SOC 2 Type II certified infrastructure
  • Role-based access controls (analysts can't see payment credentials)
  • Annual third-party penetration testing

Changes to This Policy

When we update these terms, active clients get 30 days' notice via email. Material changes - like adding new data collection practices - require your explicit consent before taking effect.

Questions?

Contact our privacy team: [email protected] or call +1 (555) 024-7890. Response time averages 2 business days.

This policy covers BettingFlows services only. Third-party platforms (gaming software providers, affiliate networks) have separate privacy practices - review those directly with each vendor.