Home

Privacy Policy

Last updated: 19 February 2026

1. Introduction

betr.pro ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our betting tracking service, including our website and mobile application (together, "the Service").

This policy applies to all users of betr.pro, whether accessing the Service via web browser or our mobile app (iOS/Android).

Contact: For privacy-related inquiries, email us at support@betr.pro

2. Legal Basis for Processing

We process your personal data under the following lawful bases as defined by the UK GDPR and Data Protection Act 2018:

  • Contract (Article 6(1)(b)): Processing necessary to provide the Service — account creation, storing your betting data, authentication, and subscription management.
  • Legitimate interest (Article 6(1)(f)): Error monitoring (Sentry), server logging, security measures, and service improvement — where our interest does not override your rights.
  • Consent (Article 6(1)(a)): Analytics (PostHog and Google Analytics), AI-powered screenshot extraction (Anthropic), email notifications (review summaries, trial reminders), and Telegram bot integration. You may withdraw consent at any time.

Where we rely on consent, you may withdraw it at any time by adjusting your account settings or contacting us. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

3. Information We Collect

3.1 Account Information

When you create an account, we collect:

  • Email address (required) — for authentication and communication
  • Password (required) — securely hashed, never stored in plain text
  • Display name (optional) — for personalisation

On our mobile app, you may also sign in via Google Sign-In or Apple Sign-In. In this case, we receive your email address and display name from the OAuth provider. We do not receive or store your Google or Apple password.

3.2 Betting Data (User-Provided)

You may choose to input or import the following betting information:

  • Bet dates and times
  • Stakes and odds
  • Returns and profit/loss figures
  • Event names and selections
  • Market types and bet types
  • Tipster and bookmaker names
  • Personal notes and tags

This data is entirely user-provided. We do not collect betting data from external sources on your behalf.

3.3 Uploaded Content

When using import features, you may upload:

  • Screenshots — sent to Anthropic Claude for AI text extraction, not permanently stored by us
  • CSV/Excel files — processed locally in your browser, not stored on our servers
  • Telegram messages — if you use our Telegram bot, screenshots and message text you send are forwarded to Anthropic for extraction (see Section 3.5)

3.4 Automatically Collected Technical Data

We collect the following technical data to operate and improve the Service:

  • Analytics (PostHog and Google Analytics): We use PostHog inside the authenticated product and Google Analytics on our website to collect usage data including page views, feature interactions, landing-page performance, and user journeys. PostHog identifies you by user ID and email after login to provide per-user product analytics. Google Analytics receives browser, device, and page interaction data for website reporting. These analytics tools only load when you accept analytics cookies.
  • Search performance reporting (Google Search Console): We use Google Search Console to verify ownership of betr.pro and review aggregated search performance, indexing, and crawl data for our public pages. We do not send your betting records or private account data to Search Console.
  • Error monitoring (Sentry): We use Sentry to capture application errors and crash reports. Error data is sanitised to remove financial information (stakes, returns, odds) and authentication tokens before transmission. Sentry may record a sample of session replays (approximately 10%) for debugging purposes.
  • Server logs (Vercel): Our hosting provider Vercel collects standard web server logs including page performance metrics and request metadata.
  • Authentication session — managed by Supabase for secure access

3.5 Telegram Bot Integration

If you use our Telegram bot to import bet slips, the following data is processed:

  • Telegram user ID and chat ID — to associate messages with your betr.pro account
  • Screenshots and images — forwarded to Anthropic Claude for bet extraction
  • Message text — a preview (first 100 characters) is logged for debugging purposes

Telegram message metadata (chat ID, chat title, text preview) is recorded in server logs. Screenshots are not permanently stored after extraction processing is complete.

4. How We Use Your Information

We use your information to:

  • Provide the Service — store and display your betting data, calculate analytics
  • Authenticate you — verify your identity and secure your account
  • Process imports — extract data from screenshots using AI (Anthropic Claude)
  • Process payments — manage subscriptions and billing via Stripe (web) and RevenueCat (mobile)
  • Communicate with you — send verification emails, end-of-day review summaries, trial reminders, and respond to support requests via Resend
  • Monitor errors — detect and fix bugs using Sentry error reports
  • Analyse usage — understand how the Service is used to improve it, via PostHog and Google Analytics
  • Improve the Service — fix bugs and enhance features based on usage patterns

We do not sell, rent, or share your personal information with third parties for marketing or advertising purposes.

5. Data Storage and Security

5.1 Database Security

Your data is stored securely using Supabase (PostgreSQL database) with:

  • Row-Level Security (RLS) — ensures you can only access your own data
  • Encryption at rest — data encrypted when stored
  • Encryption in transit — all connections use HTTPS/TLS

5.2 Application Security

We implement multiple security measures:

  • Input validation and sanitisation on all user inputs
  • Protection against common vulnerabilities (XSS, SQL injection, CSRF)
  • Secure session management
  • Rate limiting on sensitive endpoints
  • Regular security updates

5.3 Password Security

Your password is:

  • Hashed using industry-standard algorithms by Supabase Auth
  • Never stored in plain text
  • Required to meet minimum complexity standards (8+ characters, mixed case, numbers)

6. Third-Party Data Processors

We share data with the following third-party processors, each of which is essential for providing or supporting the Service:

6.1 Supabase (Database & Authentication)

  • Purpose: Database hosting, user authentication, and data storage
  • Data shared: Account information, betting data, all user-generated content
  • Location: EU (Frankfurt) region
  • Privacy policy: supabase.com/privacy

6.2 Anthropic (AI Screenshot Extraction)

  • Purpose: Extract text from bet slip screenshots using Claude vision AI
  • Data shared: Screenshot images you upload (via web, mobile, or Telegram)
  • Processing: Images analysed in real-time, not retained by Anthropic after processing
  • When used: Only when you use the screenshot import feature or Telegram bot
  • Privacy policy: anthropic.com/privacy

6.3 Stripe (Payments — Web)

  • Purpose: Subscription billing and payment processing for the web app
  • Data shared: Email address, subscription plan, payment method details, billing address
  • When used: When you subscribe to a paid plan via the web app
  • Privacy policy: stripe.com/privacy

6.4 RevenueCat (Payments — Mobile)

  • Purpose: Subscription management for in-app purchases on iOS and Android
  • Data shared: User ID, purchase receipts, subscription lifecycle events
  • When used: When you subscribe to a paid plan via the mobile app
  • Privacy policy: revenuecat.com/privacy

6.5 PostHog (Analytics)

  • Purpose: Product analytics to understand feature usage and improve the Service
  • Data shared: User ID, email, page views, feature interactions, subscription events
  • Opt-out: You may disable analytics in your account settings
  • Privacy policy: posthog.com/privacy

6.6 Google Analytics & Search Console (Website Measurement)

  • Purpose: Website traffic measurement, search performance reporting, and crawl/indexing diagnostics for our public pages
  • Data shared: Page views, browser/device metadata, referrer and campaign data, and aggregated search performance information made available by Google
  • When used: Google Analytics loads only when you accept analytics cookies; Search Console is used to verify site ownership and review aggregated search performance
  • Privacy policy: policies.google.com/privacy

6.7 Sentry (Error Monitoring)

  • Purpose: Application error tracking and crash reporting
  • Data shared: Error traces, user ID, sanitised session data (financial data and auth tokens are scrubbed before transmission)
  • Session replays: Approximately 10% of sessions are recorded for debugging
  • Privacy policy: sentry.io/privacy

6.8 Vercel (Hosting & Analytics)

  • Purpose: Web application hosting, serverless functions, and web analytics
  • Data shared: Page views, performance metrics, server request logs
  • Privacy policy: vercel.com/legal/privacy-policy

6.9 Resend (Email Delivery)

  • Purpose: Transactional and notification email delivery
  • Data shared: Email address, email content (review summaries may include event names, selections, odds, and stakes)
  • Privacy policy: resend.com/legal/privacy-policy

6.10 Google & Apple (Mobile OAuth)

  • Purpose: Sign-in authentication on the mobile app
  • Data shared: Email address and display name received from the provider during sign-in
  • When used: Only when you choose to sign in via Google or Apple on the mobile app
  • Privacy policies: Google / Apple

6.11 Telegram Bot API (Screenshot Import)

  • Purpose: Receive bet slip screenshots via Telegram for AI extraction
  • Data shared: Telegram user ID, chat ID, screenshots, message text preview
  • When used: Only when you send messages to our Telegram bot
  • Privacy policy: telegram.org/privacy

6.11 Football-Data.org & Racing API (Data Feeds)

  • Purpose: Fixture data for event autocomplete suggestions
  • Data shared: No user data is shared — only API keys are used server-side

7. Data Retention

  • Account data: Retained until you request deletion
  • Betting data: Retained until you delete it or close your account
  • Screenshots: Not retained — processed in real-time by Anthropic and immediately discarded
  • Analytics data (PostHog): Retained in accordance with PostHog's data retention policies
  • Error data (Sentry): Retained for 90 days
  • Server logs (Vercel): Retained in accordance with Vercel's log retention policies
  • Telegram message logs: Message metadata (chat ID, text preview) is retained in server logs
  • Email records (Resend): Delivery logs retained in accordance with Resend's policies
  • Local storage: Controlled by your browser, cleared when you clear browser data

Upon account deletion, your data is permanently removed from our primary database within 30 days. Backups may retain data for up to 90 days for disaster recovery purposes. Third-party processors retain data according to their own retention schedules.

8. Your Rights

Under the UK GDPR and Data Protection Act 2018, you have the right to:

  • Access your data (Article 15): View all personal data we hold about you. To request a copy, email support@betr.pro with the subject "Data Subject Access Request". We will respond within 30 days.
  • Rectification (Article 16): Correct inaccurate data — edit your betting records directly in the Service or contact us.
  • Erasure (Article 17): Request deletion of your account and all associated data. To request account deletion, email support@betr.pro with the subject "Account Deletion Request".
  • Restrict processing (Article 18): Request that we limit how we use your data.
  • Data portability (Article 20): Receive your data in a structured, machine-readable format. Contact us to request a data export.
  • Object to processing (Article 21): Object to processing based on legitimate interest, including analytics.
  • Withdraw consent: Where processing is based on consent (analytics, email notifications), you may withdraw at any time via account settings or by contacting us.

To exercise any of these rights, contact us at support@betr.pro

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe your data protection rights have been violated.

9. Cookies and Similar Technologies

We use cookies and similar browser storage technologies as follows:

TechnologyPurposeType
Supabase auth tokenSession authenticationEssential
PostHog cookiesAnalytics identification and session trackingAnalytics
Google Analytics cookiesWebsite traffic measurement and landing-page performance reportingAnalytics
Referral cookie (betr_ref)Tracking referral source for attributionFunctional
Theme preference (localStorage)Remembering your dark/light mode choiceFunctional
Pending import data (localStorage)Temporary storage during multi-step import workflowsEssential

We do not use cookies for advertising or cross-site tracking. You can clear browser cookies and local storage at any time through your browser settings.

10. Automated Processing

Our Service uses AI (Anthropic Claude) to automatically extract betting data from screenshots you upload. This is not automated decision-making as defined by GDPR Article 22:

  • AI is used for data extraction only — converting images of bet slips into structured text
  • You review and approve all extracted data before it is imported into your account
  • No automated decisions are made that produce legal or similarly significant effects on you
  • No profiling or automated assessment of your betting behaviour is performed

11. Mobile Application

In addition to the web app, betr.pro is available as a mobile application for iOS and Android. The mobile app introduces the following data practices:

  • OAuth sign-in: Google Sign-In and Apple Sign-In are available. We receive your email and display name from the OAuth provider. We do not access your contacts, calendar, or other device data.
  • In-app purchases: Subscriptions are managed through Apple App Store or Google Play, with RevenueCat processing subscription lifecycle events.
  • Push notifications: If you enable push notifications, a device token is stored to deliver notifications. You can disable these at any time in your device settings.
  • Mobile analytics: PostHog collects usage analytics on the mobile app, consistent with Section 6.5.

The mobile app does not access your camera roll, contacts, location, or other device sensors beyond what is needed for the features you explicitly use (e.g., camera for screenshot capture).

12. International Data Transfers

Your data may be processed in countries outside the United Kingdom or European Economic Area where our service providers operate, including the United States. When this occurs:

  • We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) or equivalent transfer mechanisms approved by the ICO
  • Our providers maintain appropriate data protection standards consistent with UK GDPR requirements
  • Data transfers comply with Chapter V of the UK GDPR (Articles 44-49)

For more information about the safeguards in place for international transfers, contact us at support@betr.pro

13. Server-Side Logging

Certain API routes record operational data in server logs hosted on Vercel. This includes:

  • Telegram webhook: Chat ID, chat title, message text preview (first 100 characters)
  • Email cron jobs: User ID, bet count (review emails); user ID and email address (trial reminders)
  • Error logging: Client error messages, user agent, URL (may contain share tokens)

Server logs are used solely for debugging and operational purposes. We do not mine logs for analytics or marketing.

14. Sharing Features

betr.pro allows you to share your betting performance via shareable links. When you use this feature:

  • A unique share token is generated and embedded in the URL
  • Anyone with the link can view the shared data — share links are not indexed by search engines
  • Optionally, you may password-protect shared links
  • Share links do not expire unless you manually revoke them

Be cautious when sharing links, as they may appear in browser history or be transmitted via referrer headers. You can revoke shared links at any time from your account.

15. Children's Privacy

betr.pro is not intended for use by anyone under 18 years of age. We do not knowingly collect personal information from children under 18.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will take steps to delete such information from our systems.

16. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of changes by:

  • Updating the "Last updated" date at the top of this page
  • Sending an email notification for material changes
  • Displaying a notice within the Service

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes indicates acceptance of the updated policy.

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@betr.pro

Please include "Privacy Query" in your subject line. We aim to respond to all privacy-related inquiries within 30 days.