BetAtlas Privacy Policy

Effective date: 2026-05-17 Last updated: 2026-05-17

⚠️ Pending legal review. Substance reflects what the app actually collects + processes per the codebase. A licensed attorney should review before this is treated as the final published version, especially around US sports-betting-adjacent activity, GDPR / UK GDPR, and CCPA / CPRA.

1. About this policy

This Privacy Policy explains how 4 BETTOR INSIGHT LLC ("BetAtlas," "we," "us," or "our") collects, uses, shares, and protects information about you when you use the BetAtlas mobile application, our backend services, and any related features (collectively, the "Service").

BetAtlas is a sports-betting tracker. We connect to your sportsbook accounts on your behalf with credentials you provide, sync your bet history into a unified dashboard, and surface analytics on your betting performance. We do not place bets, move money, or operate gambling infrastructure.

If you have questions about this policy or want to exercise your privacy rights, contact us at privacy@4bettorinsight.com.

2. Information we collect

2.1 Account information

When you sign up or sign in, we collect:

Email address (required).
Password — stored only as a one-way Argon2 hash; we never see or store your plaintext password.
Google or Apple OAuth identifier — if you sign in via "Sign in with Google" or "Sign in with Apple," we receive a stable account identifier from the provider, but no email metadata beyond what you'd consent to in the OAuth prompt.
Two-factor authentication secrets and backup codes — if you enable TOTP-based 2FA, we store the shared secret used to verify your codes and a small number of single-use backup codes.

In Account Settings you can also optionally provide additional profile information, which we store only as you supply it:

Display name — used to personalize the in-app experience.
Username — a unique handle of your choice.
Phone number — used only if you opt in to phone-based features (e.g. SMS account recovery, push delivery). We never share your phone number with advertisers or other third parties.

These profile fields are all optional. You can leave them blank, edit them, or clear them at any time from Account Settings.

2.2 Sportsbook credentials and session data

To sync your bet history, we ask you to connect each sportsbook account in one of two ways:

Credential connection: You enter your sportsbook username and password into the BetAtlas app. We encrypt these credentials at rest using AES-256-GCM before storing them in our database. They are decrypted only in memory at the moment a scrape job runs and are never transmitted to any party other than the sportsbook itself.
Cookie connection: For some sportsbooks, you log in inside an embedded browser inside the BetAtlas app. We capture the resulting session cookies and encrypt them with the same AES-256-GCM scheme. The cookies are decrypted in memory when our scraper restores your session and are never shared.

We never sell, share, or otherwise transmit your sportsbook credentials or session data to any third party. We never log credentials in our application or error logs.

We collect your betting activity from each connected sportsbook, including:

Bet placement timestamp and graded (settled) timestamp
Amount wagered, potential payout, and final result
Sport, league, event, selection, line, odds, and bet type
Bet status (pending, won, lost, push, canceled)
Bet structure (single, parlay, prop, future, etc.)

You may also import bets manually by uploading a CSV file from your sportsbook. The same fields are captured, plus a copy of the original CSV row for later re-parsing if our schema changes.

2.4 Subscription information

If you upgrade to a paid plan, we record your subscription tier (free or Pro) and basic subscription metadata from our payment processor (RevenueCat), including a non-payment-card subscription identifier, the subscription status, and the renewal or expiry date. We never receive or store your credit-card or payment-instrument information — that stays with Apple, Google, or our subscription processor.

2.5 Device and advertising information

If you use the free tier, our advertising provider (Google AdMob) collects information about your device, including:

Device advertising identifier (IDFA on iOS, AAID on Android)
IP address (used briefly to fetch ads and for fraud detection)
Approximate device type, OS version, and language

On iOS, we ask for your permission via the App Tracking Transparency prompt before allowing AdMob to use your IDFA for personalized ads. You can decline this prompt or change your choice later in iOS Settings → Privacy & Security → Tracking; AdMob will continue to serve non-personalized ads.

Pro subscribers see no ads and we do not pass any device identifiers to AdMob.

2.6 AI Analytics chat

If you use the AI Analytics feature (available to Pro subscribers), we send the following to our LLM provider (Anthropic) to generate a response:

A summary of your last 90 days of bet activity, including aggregate P&L, win rate, and category breakdowns
Your most recent ~50 bets (placement timestamp, sportsbook, sport, league, bet type, selection, stake, odds, status, result)
The text of your chat messages

Anthropic processes this data under its own terms (see https://www.anthropic.com/legal/privacy) solely to generate the response to your message and does not retain it for model training without your consent. The text-stream response from Anthropic is shown to you and stored locally on your device as part of your chat history (capped at your most recent ~20 turns).

2.7 Server logs

Our backend writes basic request logs (HTTP method, path, timestamp, status) and error traces to standard cloud logging. These are kept for no longer than 30 days and are used only for operational diagnostics.

3. How we use your information

We use the information described above to:

Provide the core Service (sync your bet history, render dashboards, power analytics)
Authenticate you and keep your account secure
Process subscription upgrades and downgrades
Generate AI Analytics responses when you invoke that feature
Serve and measure ads on the free tier
Diagnose bugs and improve reliability
Communicate with you about your account, service issues, or material policy changes
Comply with applicable law

We do not use your bet history or sportsbook activity to make betting decisions on your behalf, share it with other users, or advertise gambling products to third parties.

We share information only with the following categories of recipients, and only as needed:

4.1 Service providers

We use the following processors to operate the Service. Each is bound by a data-processing agreement or equivalent obligations:

Google Cloud Platform — hosting (Cloud Run), database (Cloud SQL for PostgreSQL), and managed Redis. Region: us-central1 (Iowa, USA).
Anthropic — generates AI Analytics chat responses on a per-message basis. Data is processed per Anthropic's privacy policy.
Google AdMob — serves ads on the free tier.
RevenueCat — manages subscription lifecycle and webhooks for Apple App Store and Google Play subscriptions.
Google Sign-In and Sign in with Apple — for OAuth authentication if you choose to use them.

4.2 The sportsbook operators you connect

When we scrape your bet history, we are authenticating to your sportsbook account using your credentials or session cookies, on your behalf. The sportsbook receives the same traffic it would if you logged in yourself. We do not disclose to the sportsbook that BetAtlas is the party making the request.

4.3 Legal disclosures

We may disclose your information when required to comply with a valid legal process, protect our rights, prevent fraud, or protect the safety of any person. We will give you notice when possible.

4.4 Business transfers

If we are acquired, merged, or otherwise reorganized, your information may transfer to the successor entity, subject to this policy.

4.5 We do not sell your information

We do not sell your personal information. We do not "share" your personal information for cross-context behavioral advertising, as those terms are defined by the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

5. Your choices and rights

5.1 Access, correction, deletion, and export

You can:

Access your data by signing into the app — your dashboard, bet history, and account settings are all visible to you.
Export your full bet history as a CSV from inside the app (Settings → Export Bet History).
Correct account-level information from Account Settings.
Delete your account permanently from Account Settings → Delete Account. Deletion removes your account row, every bet and leg we have stored for you, your sportsbook connections (including encrypted credentials and cookies), your subscription record, and any pending scrape jobs in our queue. The deletion is immediate and irreversible.

5.2 California residents (CCPA / CPRA)

If you are a California resident, you have additional rights, including:

The right to know what personal information we have collected about you
The right to delete that information
The right to correct inaccurate information
The right to opt out of the "sale" or "sharing" of personal information (we do not do either, but you have this right regardless)
The right not to be discriminated against for exercising any of the above

To exercise these rights, contact us at privacy@4bettorinsight.com. We will verify your identity using your registered email address before fulfilling any request.

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the GDPR / UK GDPR:

The right to access your personal data
The right to rectify inaccurate personal data
The right to erasure ("right to be forgotten")
The right to restrict or object to processing
The right to data portability
The right to lodge a complaint with your local supervisory authority

Our legal bases for processing your data are: (a) contract — processing necessary to provide the Service you signed up for; (b) legitimate interests — operating, securing, and improving the Service; (c) consent — for advertising-related tracking on iOS via the App Tracking Transparency prompt and for any other consent-gated processing; and (d) legal obligation — where applicable law requires.

5.4 Advertising opt-outs

iOS: decline the App Tracking Transparency prompt or change it in Settings → Privacy & Security → Tracking.
Android: in Settings → Privacy → Ads, you can reset your advertising ID or opt out of personalized ads.
Both platforms: upgrade to the Pro tier to remove all ads entirely.

6. Data retention

Account information, bet history, sportsbook connections, and subscription data are retained for as long as your account is active. They are permanently deleted when you delete your account.
Server logs are retained for up to 30 days.
AI chat transcripts are stored on your device only. We do not retain a server-side copy.

If we are required to retain certain information for legal compliance (for example, tax records related to your subscription), we will keep only what the law requires for only as long as the law requires.

7. Security

We use industry-standard safeguards, including:

TLS encryption in transit for all client/server traffic
AES-256-GCM encryption at rest for sportsbook credentials and session cookies
Argon2id password hashing
JWT access tokens with a short expiry and rotating refresh tokens
Optional biometric (Face ID / Touch ID / fingerprint) sign-in on device

No system is perfectly secure. If we become aware of a security incident affecting your information, we will notify you in accordance with applicable law.

8. Children

BetAtlas is not directed to anyone under the legal sports-betting age in their jurisdiction (typically 21 in the United States, 18 elsewhere where sports betting is legal). We do not knowingly collect personal information from anyone under that age. If you believe we have collected information from a minor, contact us at privacy@4bettorinsight.com and we will delete it.

9. International data transfers

Our servers are located in the United States (Google Cloud, us-central1 region). If you use BetAtlas from outside the United States, your information will be transferred to and processed in the United States. For transfers from the European Economic Area, the United Kingdom, or Switzerland, we rely on the Standard Contractual Clauses adopted by the European Commission and, where applicable, the UK International Data Transfer Addendum.

10. Changes to this policy

We may update this policy from time to time. If we make material changes, we will notify you by email or by an in-app notification before they take effect. The "Effective date" at the top of this policy will always reflect the latest version.

11. Contact us

For privacy questions, requests, or complaints:

privacy@4bettorinsight.com

4 BETTOR INSIGHT LLC 10716 Wynspire Rd Highlands Ranch, CO 80130

Appendix: third-party privacy policies

If you want to know how our processors handle data, their policies are linked below:

Google (Cloud, AdMob, Sign-In): https://policies.google.com/privacy
Anthropic: https://www.anthropic.com/legal/privacy
Apple (Sign in with Apple): https://www.apple.com/legal/privacy/
RevenueCat: https://www.revenuecat.com/privacy