Privacy Policy

Last updated: 2026-05-18

1. Data controller

The controller responsible for the processing of your personal data under the EU General Data Protection Regulation (GDPR) is:

Hristos Moschogiannis
Franziska-Bilek-Weg 1
80339 München
Email: legal@betedge.tips

2. What data we collect

We process the following categories of personal data:

• Account data — your email address and a hashed password (managed by Supabase Auth), created when you register.
• Subscription & billing data — your email address, a payment-method token, and transaction records, processed via Stripe when you subscribe. We do not store full card numbers.
• Usage & server-log data — automatically transmitted when you visit the site (IP address, browser type, referrer, timestamp), used to operate and secure the Service.
• Analytics data — anonymized usage statistics, collected only with your consent.

3. Legal bases for processing (GDPR Art. 6)

• Contract (Art. 6(1)(b)) — to create and operate your account and to provide the subscription you purchased.
• Legitimate interests (Art. 6(1)(f)) — to keep the Service stable and secure (e.g. server logs, rate-limiting) and to operate the AI analytics that power our picks.
• Consent (Art. 6(1)(a)) — for optional analytics cookies. You may withdraw consent at any time with effect for the future.
• Legal obligation (Art. 6(1)(c)) — where we must retain certain records (e.g. for tax or accounting).

4. Service providers (processors)

We rely on the following service providers, who process personal data on our behalf under data-processing agreements:

• Vercel Inc. (340 S Lemon Ave #4133, Walnut, CA 91789, USA) — website hosting and delivery. Data may be processed in the USA; transfers are safeguarded by Standard Contractual Clauses and the EU-US Data Privacy Framework.
• Stripe Payments Europe Ltd. (1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland) — payment processing. See stripe.com/privacy.
• Anthropic PBC (548 Market Street, PMB 90375, San Francisco, CA 94104, USA) — the Claude AI model used to generate analytics. Structured sporting data is sent to Anthropic; no personal user data is transmitted for this purpose. See anthropic.com/privacy.
• Supabase — authentication and database services, storing your account and application data.
• Resend — transactional and notification email delivery (e.g. account and digest emails).
• Upstash — rate-limiting and caching infrastructure used to protect the Service.

Where any of these providers process data outside the European Economic Area, such transfers are safeguarded as described in Section 8.

5. Cookies & consent

We use the following categories of cookies and local-storage items:

• Necessary (always active, no opt-out) — your login session (Supabase Auth cookies) and similar items required for the Service to function.
• Optional analytics (only with your consent) — anonymized usage analytics.
• Marketing — currently not active.

We manage your choices through our consent banner (Klaro). You can review or withdraw your consent at any time using the cookie settings available at the bottom of the screen.

6. Your rights

Under the GDPR (Art. 15–21) you have the right to:

• access your personal data (Art. 15);
• rectify inaccurate data (Art. 16);
• erasure of your data (Art. 17);
• restrict processing (Art. 18);
• data portability (Art. 20);
• object to processing based on legitimate interests (Art. 21);
• withdraw any consent you have given, at any time with effect for the future (Art. 7(3)).

You can export a copy of your data at any time from your account settings (which calls /api/account/export), and you can delete your account directly from your settings. To exercise any other right, email us at legal@betedge.tips.

7. Data retention

We retain your account data for as long as your account exists. When you request account deletion, your account is first soft-deleted (deactivated); the underlying personal data is then permanently purged after a 30-day grace period by an automated daily job, after which it cannot be recovered. Some records may be retained longer where required to comply with legal obligations.

8. International data transfers

Some of our processors (notably Vercel and Anthropic in the USA) process data outside the European Economic Area. Where this occurs, we ensure an adequate level of protection through appropriate safeguards — primarily the EU Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework.

9. Contact & supervisory authority

For any privacy question or to exercise your rights, contact us at legal@betedge.tips.

You also have the right to lodge a complaint with a data-protection supervisory authority — in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement. As the controller is established in Germany, the competent authority is the data-protection supervisory authority of the federal state of the operator’s registered seat.

10. Changes to this policy

We may update this Privacy Policy to reflect changes to the Service or to legal requirements. The current version is always available on this page, with the “Last updated” date shown above.