Senad Bushati

Albania

Data Retention Policy At totosport, we value your privacy and strive to maintain transparency regarding the data we collect, store, and process. This Data Retention Policy outlines our practices related to the retention, processing, and deletion of user data when using our service. 1. Messages and Commands Message Storage: We do not store any messages or conversations that you send via Slack in our database. Command Processing: When you use one of our designated commands, the message is temporarily processed through our server in order to create the corresponding slips in our database. After processing, the message is not retained or stored. 2. Data We Retain We only retain the following Slack-related data: User Slack ID: This is the unique identifier provided by Slack when you interact with our bot. Group Slack ID: This is the unique identifier of the Slack workspace in which our bot is used. Group Name: The name of the Slack workspace where the bot is active. This information is retained in our database to support the core functionality of the bot and to maintain user-specific data for creating and tracking prediction slips. 3. Subscription Data We use Lemon Squeezy, a Stripe-affiliated service, to manage subscriptions and payments. We do not store any of your credit card or payment information in our database. The only subscription-related data we store is the Subscription ID associated with your Lemon Squeezy account. This allows us to verify your subscription status and provide you with the appropriate level of service. 4. Data Deletion and Retention Periods User and Group Data: User and group data (i.e., Slack IDs and Group Names) are retained in our database as long as your account remains active. If you choose to cancel your account or stop using our service, you may request the deletion of this data. Subscription Data: Subscription IDs are retained for the duration of your subscription and for a reasonable period thereafter, in accordance with legal and business requirements. If you cancel your subscription, we will remove your subscription ID from our database after all obligations have been fulfilled. 5. Security Measures We implement industry-standard security measures to protect the data we collect and store, including encryption and access controls. However, please note that no method of electronic storage or transmission over the internet is 100% secure, and we cannot guarantee absolute security. 6. Your Rights You have the right to access, correct, or request the deletion of the personal data we retain. If you would like to exercise these rights, please contact us at info@totosport.co. 7. Policy Updates We may update this Data Retention Policy from time to time to reflect changes in our practices, legal requirements, or improvements to our service. Any updates will be posted on this page with an updated "Last Updated" date. If you have any questions about this policy or how we handle your data, please contact us at info@totosport.co. This policy ensures that your personal data is managed responsibly and in accordance with privacy laws while maintaining the core functionality of our service.

Last Updated: 29/08/2024 At totosport, we are committed to the responsible management of your data throughout its lifecycle. This Data Archival and Removal Policy outlines the procedures for archiving and securely removing data when it is no longer required for operational, legal, or compliance purposes. 1. Purpose This policy aims to: - Ensure that data is archived securely when it is no longer actively used but must be retained for business, legal, or regulatory reasons. - Define the conditions and procedures for the permanent removal of data from our systems. - Comply with applicable data protection laws and regulations. 2. Data Archival Archiving Criteria: Data that is no longer needed for day-to-day operations but is required for legal, regulatory, or historical purposes will be archived. This may include user records, transaction logs, and system activity data. Archival Process: Archived data will be transferred to secure storage locations, separate from active databases. Data in archives will be encrypted and accessible only to authorized personnel for specific purposes. Retention Periods: Archived data will be retained for a predefined period, depending on the type of data and legal or regulatory requirements. Common retention periods may vary from 1 to 7 years or longer, depending on the data and jurisdiction. 3. Data Removal Conditions for Removal: Data will be removed from our systems under the following conditions: - The retention period has expired. - The data is no longer required for business or legal purposes. - A verified request for data deletion has been received from the data subject in accordance with their legal rights (e.g., GDPR Right to Erasure). Removal Process: When data meets the conditions for removal, it will be securely and permanently deleted from our systems. 4. Compliance and Regulatory Requirements Legal Compliance: We adhere to applicable data protection regulations, such as GDPR, and others, which may dictate specific requirements for data retention and removal. Audits and Reviews: We regularly review our data archival and removal practices to ensure compliance with current legal standards and to maintain data integrity and security. 5. User Rights and Data Deletion Requests Right to Erasure: Users have the right to request the deletion of their personal data under certain circumstances. Upon receiving a verified request, we will delete the requested data unless it is subject to legal holds or required for ongoing business operations. Request Procedure: Users can submit data deletion requests through info@totosport.co. We will respond to these requests within the legally required timeframe and confirm the deletion or provide a reason if the data cannot be deleted. 6. Policy Updates We may update this Data Archival and Removal Policy as necessary to reflect changes in our data management practices, legal requirements, or industry standards. Any updates will be posted on this page with the revised "Last Updated" date. If you have any questions or concerns about this Data Archival and Removal Policy, please contact us at info@totosport.co. This policy ensures that data is archived and removed responsibly, in compliance with legal standards, and in a manner that protects your privacy and security.

Last Updated: 29/08/2024 At totosport, we take the security and integrity of your data seriously. This Data Storage Policy outlines the methods and practices we use to store and protect your data throughout its lifecycle, ensuring compliance with legal and regulatory standards. 1. Scope This policy applies to all data collected, processed, and stored by totosport, including but not limited to: User Data: Identifiable information such as Slack IDs, Group IDs, Group Names, and subscription details. Transactional Data: Logs, records, and any other data generated as part of the service. Archived Data: Data that is no longer actively used but retained for legal, regulatory, or historical reasons. 2. Data Storage Locations Primary Storage: All active data is stored on secure, cloud-based servers. These servers are managed by reputable third-party providers who comply with industry standards for security and data protection. Backup Storage: Regular backups are conducted to ensure data availability and resilience against loss. Backup data is encrypted and stored in geographically separate locations to safeguard against physical and network threats. 3. Data Security Measures To protect the data we store, we implement a range of security measures, including: Encryption: - Data at Rest: All data stored on our servers is encrypted using strong encryption protocols (e.g., AES-256) to prevent unauthorized access. - Data in Transit: Data transmitted between our servers, and between our servers and external clients, is encrypted using TLS (Transport Layer Security) to protect it from interception. Access Controls: - Role-Based Access: Access to stored data is restricted based on user roles and responsibilities. Only authorized personnel have access to sensitive data, and all access is logged and monitored. - Multi-Factor Authentication (MFA): MFA is required for all personnel accessing sensitive data, adding an additional layer of security. Physical Security: 4. User Rights and Data Access Data Access: Users have the right to request access to the personal data we store about them. Requests can be made by contacting us at info@totosport.co

Albania

I use the Xano no-code tool for the backend which uses google cloud platform for hosting data.

no

no

Contact us at info@totosport.co and we will manually delete your data.

yes

no

no

info@totosport.co

no

no

no

Xano (for the backend), bubble (for the website), sportmonks (for the odds), and lemon squeezy (for payments).

no