Privacy Policy

Soundswire LLC is the data controller for personal information processed in connection with the Service. For users in the European Economic Area, the United Kingdom, Brazil, and other jurisdictions with similar regimes, you may contact us at privacy@betcut.app for any data-protection inquiry. We do not currently maintain a separate EU representative; we will appoint one as required if our processing footprint in the EU expands.

We collect three categories of information:

• Account data. Your first name (or anonymous handle if you prefer), the email address returned by Sign in with Apple, your country, language, time zone, and your subscription status from the Apple App Store.
• Recovery data. The answers you give during onboarding (motivations, triggers, estimated monthly betting spend), daily check-ins, urge logs, redirected amounts, journal entries, milestones, tier progress, and panic-mode usage. This is the data that lets Betcut build and adapt your plan.
• Device and diagnostics. Device model, operating system version, App version, language, time zone, anonymized installation identifier, and crash reports. We use this only to keep the App stable and improve performance.

We do not request access to your contacts, photos, microphone, or precise location. Push notifications and optional biometrics (Face ID / Touch ID) are opt-in and processed on your device.

• We do not connect to your bank, credit card, brokerage, or sportsbook accounts. The amounts you redirect inside Betcut are recorded manually by you.
• We do not collect biometric data, government-issued IDs, genetic data, or precise health-record data.
• We do not include third-party advertising SDKs, social tracking pixels, or session-replay tools that capture your keystrokes or screen content.
• We do not use your journal entries, urge logs, or recovery answers to train artificial-intelligence models, our own or anyone else's.

We use the data we collect only to:

• Operate and personalize the Service for you, including building your recovery plan, calculating streaks and simulated savings, and showing relevant prompts.
• Manage subscriptions by verifying entitlements with the Apple App Store.
• Send transactional and account messages and, only with your opt-in, optional recovery reminders or product updates.
• Diagnose crashes, fix bugs, and measure aggregated product usage so we can improve the Service.
• Detect, investigate, and prevent fraud, abuse, and security incidents.
• Comply with legal obligations and protect the rights and safety of our members and the public.

Where applicable laws require it, we rely on the following legal bases: performance of our contract with you (to deliver the Service you asked for), our legitimate interests in keeping the Service secure and improving it (balanced against your rights), your consent (for optional notifications and product analytics where required), and compliance with legal obligations. You can withdraw consent at any time without affecting the lawfulness of prior processing.

We use PostHog as our sole product-analytics provider. PostHog helps us understand how the App is used in aggregate (for example, which screens are reached, which actions are taken, where new members get stuck), so we can improve it.

• We do not send your journal entries, urge content, or personal recovery answers to PostHog.
• Events sent to PostHog are limited to anonymized identifiers and structural usage signals such as screen names, feature interactions, app version, and device class.
• IP addresses are not stored long-term for analytics; we configure PostHog to discard precise IP after standard geolocation.
• You can disable analytics in the App settings ("Help improve Betcut"). When disabled, no analytics events are sent.

PostHog is a privacy-respecting, EU-and-US-hosted analytics platform. You can read more about PostHog's processing practices at posthog.com/privacy.

We share data only with vetted service providers ("processors") that help us run the Service, under contracts that limit how they can use it. Current providers include:

• Cloudflare for hosting, edge delivery, DDoS protection, and storage.
• Neon (managed PostgreSQL) for the encrypted database that stores your account and recovery data.
• Apple for Sign in with Apple, push notifications, and App Store subscription management.
• Better Auth and our email-delivery provider for authentication and account-related email.
• PostHog for the limited product analytics described above.
• Crash and performance tools limited to anonymized device diagnostics.

We never sell personal information, and we do not "share" it for cross-context behavioral advertising as defined by the California Consumer Privacy Act (CCPA / CPRA). We do not share your recovery data with advertisers, data brokers, insurers, or employers. We will disclose data when legally compelled (for example, a valid court order or a subpoena), and we will challenge requests we believe to be overbroad or unlawful.

In the event of a merger, acquisition, financing, or asset sale, personal information may be transferred to the successor entity, subject to a privacy notice consistent with this Policy.

Data is encrypted in transit using TLS 1.2 or higher and encrypted at rest in our database and backups. Access inside Betcut is restricted to a minimal number of engineers, granted on a need-to-know basis, and access is logged. Sensitive fields such as journal entries are stored with additional column-level encryption. We perform regular dependency and vulnerability reviews.

No system is perfect. If we ever experience a security incident that affects your personal data, we will notify you within the timelines required by applicable law (within 72 hours under GDPR where feasible) and explain what happened and what to do.

• Active accounts: recovery data is kept for as long as your account is active so you can see your full progress over time.
• Closed accounts: when you delete your account from inside the App, we immediately erase your account and all associated recovery data from our live database. We do not maintain per-account backups, archives, or cold storage of recovery data. We retain only the limited records we must keep for tax, accounting, fraud-prevention, or legal compliance. See Deleting your account for full detail.
• Database backups: our database (Neon) performs an automated daily snapshot of the entire database for disaster recovery, with a 14-day retention window. Deleted-account data disappears from backups within that window as snapshots cycle out. We do not restore from these backups to undo individual account deletions.
• Analytics events (PostHog) are retained for up to 12 months in identifiable form, then aggregated.

Account deletion is permanent and cannot be undone. When you tap "Delete my account" inside the App (Profile → Settings → Delete my account), we permanently erase your account and every piece of recovery data tied to it. There is no recovery window, no soft-delete, and no support escalation that can bring it back.

What is destroyed when you delete your account:

• Your account record, Sign in with Apple link, and email address.
• Your full recovery history: streaks, tier progress, redirected amounts, simulated savings, and milestones.
• Every urge log, journal entry, panic-mode session, daily check-in, onboarding answer, and trigger map you ever recorded.
• Your personalized plan, guards, reminders, and notification preferences.
• Anonymized analytics events tied to your installation identifier.

Deletion runs immediately in our live database. We do not keep per-account backups, archives, cold storage, or support-tool snapshots of your recovery data — there is nothing for us to restore from. The only place a deleted account can briefly persist is our managed-database (Neon) daily snapshot, which exists for disaster recovery only and cycles out within 14 days. We do not restore from those snapshots to undo individual deletions. After 14 days, no copy of your account exists anywhere in our systems. If you sign up again later you will start from a blank account; nothing carries over.

The only data we retain after deletion is the minimum required by law: subscription and payment records held by Apple under the App Store agreement, and the limited tax, accounting, fraud-prevention, or legal-compliance records noted in the Retention section. These contain no recovery content.

If you only want to take a break, you can sign out, mute notifications, or pause your subscription from the App Store without deleting anything. Deletion is intended to be a final step.

Want a copy first? Email privacy@betcut.app and we will send you an export of your data before you delete. Once deletion runs, we cannot reproduce it.

You can delete your personal data at any time from inside the App (Profile → Settings → Delete my account). For access, export, correction, or restriction of processing, write to privacy@betcut.app. We respond within 30 days, faster when we can. Note that account deletion is permanent and irreversible — see Deleting your account before you proceed.

Depending on where you live, you may also have the right to object to processing based on legitimate interests, withdraw consent, request data portability, and file a complaint with your local data-protection authority. We will not retaliate against you for exercising any of these rights.

California residents have specific rights under the CCPA / CPRA including the right to know, delete, correct, and opt out of the "sale" or "sharing" of personal information. As stated, Betcut does not sell or share personal information for cross-context behavioral advertising. We do not knowingly process the personal information of anyone under 16 for sale or sharing.

Betcut is operated from the United States. If you use the Service from outside the United States, your information will be transferred to and processed in the United States and other countries where our service providers operate. Where required, we use Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, or equivalent safeguards to protect your data during transfer. By using the Service, you understand that your information may be transferred to jurisdictions that may not provide the same level of data-protection law as your country of residence.

Betcut is not directed to children, is not intended for users under 18, and we do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal information, contact privacy@betcut.app and we will delete the account and the data promptly. The Service is not subject to COPPA but we apply COPPA-grade protections to any account inadvertently opened by a minor.

We do not subject you to decisions based solely on automated processing that produce legal effects or similarly significantly affect you. The personalized plan and prompts are generated algorithmically from your onboarding answers; they are supportive, not determinative, and you can edit or override any setting at any time.

Because the Service does not engage in cross-context behavioral advertising or sale of personal information, our practices already align with Do-Not-Track and Global Privacy Control signals. We respect those signals where they apply.

We will update this Privacy Policy when our practices change or when laws require it. Material changes will be announced in-app and on betcut.app at least 14 days before they take effect (or sooner if required by law), and the "Last updated" date above will reflect the latest revision. Prior versions are available on request.

Soundswire LLC, operator of Betcut. For privacy questions or to exercise your rights, contact privacy@betcut.app. For general support, use hello@betcut.app.