What we receive
- Settled bet records — match metadata, market type, your offered odds, the result, and (optionally) stake size and customer segmentation tier.
- That's it. No PII. No customer IDs. No payment instruments. No KYC data. No IP addresses. No device fingerprints. No geographic data beyond tournament-level league info.
If you are about to send us anything customer-identifiable, stop. The CSV spec excludes it on purpose. If your export tooling is going to include a column we don't ask for, drop it before sending, or we can help you write a one-line filter on our pre-flight call.
Where it lives
- Storage: encrypted at rest in a customer-isolated bucket / volume. Per-customer encryption keys, rotated quarterly.
- Transit: TLS 1.2+ for the S3 and API endpoints; SFTP runs over SSH. We do not accept plaintext drops (no FTP, no unencrypted HTTP).
- Backups: 30-day rolling, encrypted, in the same region as the primary. We can restrict to a specific region on request (EU-only, US-only) at pilot setup.
- Access: read access is restricted to (a) an automated processing role and (b) the operator (Sean). No third-party contractors, no offshore access.
Retention
| Data | Default retention | On request |
|---|---|---|
| Raw bet drops | 90 days after pilot end | Deleted within 7 days of written request |
| Aggregated metrics (used for our model improvements) | Indefinite, with explicit consent in the pilot agreement | Anonymization audit on request |
| Generated Shadow Reports | Indefinite | Deleted on request; copies you've already received are yours |
| Backups | 30 days rolling | Hard-delete confirmation by email within 7 days |
What we never do
- Sell, lease, or share your data with any third party. Ever.
- Use your data to compete with you. Aggregated model improvements flow back to all customers; per-operator competitive intelligence does not become a product we sell to your competitors.
- Train ML models on your raw bet data without explicit per-pilot consent. The pilot agreement spells out what we may use the data for.
- Process payments, hold customer funds, or take any role in your trading workflow. We are read-only.
Compliance posture
We're a young company. Honest description of our compliance state today:
- GDPR: we do not knowingly process EU personal data because the CSV spec excludes it. If your export tool ever includes a personal-data field, our validation flags it and the whole file is rejected rather than ingested.
- UKGC / MGA / other regulator licensing: we are not currently a licensed gambling-software supplier. The Shadow Pilot is a data-services / consulting engagement, not regulated software supply. If your jurisdiction requires the audit provider to hold a B2B critical gaming supply licence, we will pause the engagement until that's clarified by your legal team.
- SOC 2 / ISO 27001: not yet. Roadmap target is SOC 2 Type 1 in Q3 2026 once we have a handful of paying operators. Until then, our infrastructure is documented and reproducible but not formally audited.
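The pre-flight filter mentioned under "What we receive" and the receive-side validation mentioned under GDPR are the same control seen from both ends: an allowlist of columns. The following is an added illustration, not our actual tooling, and the column names (match_id, league, kickoff_utc, market, offered_odds, result, stake, segment_tier) are assumed for the example; the real CSV spec is what governs. The sender-side filter keeps only allowlisted columns; the receiver-side validator rejects the whole file if any column falls outside the allowlist, and names columns that look customer-identifying so the rejection message is useful.

```python
"""Pre-flight filter and receive-side validator for a settled-bet CSV drop.

Added example. Column names below are an assumed illustrative schema, not
the actual CSV spec.
"""
import csv
import io
import re

# Assumed schema (illustrative): match metadata, market type, offered odds,
# result, plus optional stake size and segmentation tier.
REQUIRED_COLUMNS = ("match_id", "league", "kickoff_utc", "market", "offered_odds", "result")
OPTIONAL_COLUMNS = ("stake", "segment_tier")
ALLOWED_COLUMNS = frozenset(REQUIRED_COLUMNS) | frozenset(OPTIONAL_COLUMNS)

# Header tokens that indicate a field that must never be sent (customer IDs,
# payment instruments, KYC data, IP addresses, device data, sub-league geo).
PII_TOKENS = frozenset({
    "customer", "cust", "account", "user", "player", "email", "phone", "ip",
    "device", "fingerprint", "card", "pan", "iban", "kyc", "dob", "address",
    "postcode", "zip", "lat", "lon", "geo", "city",
})


def _tokens(name: str) -> set[str]:
    """Split a header like 'Customer_IP_Addr' into lowercase word tokens."""
    return set(re.split(r"[^a-z0-9]+", name.strip().lower())) - {""}


def classify_header(fieldnames) -> dict:
    """Return {'missing': [...], 'unexpected': [...], 'pii': [...]}.

    'unexpected' is every column outside the allowlist; 'pii' is the subset
    whose name looks customer-identifying. The allowlist is the real control;
    the PII token check only makes the error message more specific.
    """
    names = [n.strip() for n in fieldnames]
    present = {n.lower() for n in names}
    missing = [c for c in REQUIRED_COLUMNS if c not in present]
    unexpected = [n for n in names if n.lower() not in ALLOWED_COLUMNS]
    pii = [n for n in unexpected if _tokens(n) & PII_TOKENS]
    return {"missing": missing, "unexpected": unexpected, "pii": pii}


def filter_drop(csv_text: str) -> str:
    """Sender-side pre-flight: keep only allowlisted columns, in original order."""
    reader = csv.DictReader(io.StringIO(csv_text))
    keep = [n for n in reader.fieldnames if n.strip().lower() in ALLOWED_COLUMNS]
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=keep, extrasaction="ignore", lineterminator="\n")
    writer.writeheader()
    for row in reader:
        writer.writerow({k: row[k] for k in keep})
    return out.getvalue()


def validate_drop(csv_text: str) -> tuple[bool, list[str]]:
    """Receiver-side check: accept only if every column is allowlisted and all
    required columns are present. Any finding rejects the whole file; nothing
    is partially ingested."""
    reader = csv.DictReader(io.StringIO(csv_text))
    if not reader.fieldnames:
        return False, ["empty file or missing header"]
    found = classify_header(reader.fieldnames)
    problems = []
    for n in found["pii"]:
        problems.append(f"column {n!r} looks customer-identifying; file rejected")
    for n in found["unexpected"]:
        if n not in found["pii"]:
            problems.append(f"column {n!r} is not in the spec")
    for n in found["missing"]:
        problems.append(f"required column {n!r} missing")
    return (not problems), problems


# Constructed sample: a correct drop plus two columns an export tool should
# never have emitted (customer_id, ip_address). Values are made up.
SAMPLE_DROP = (
    "match_id,league,kickoff_utc,market,offered_odds,result,stake,customer_id,ip_address\n"
    "m1001,EPL,2025-03-01T15:00:00Z,1X2,2.10,home,25.00,C-8813,203.0.113.7\n"
    "m1002,EPL,2025-03-01T17:30:00Z,over_under_2.5,1.85,under,10.00,C-0042,198.51.100.9\n"
)

if __name__ == "__main__":
    ok, problems = validate_drop(SAMPLE_DROP)
    print("accepted" if ok else "rejected", problems)
    cleaned = filter_drop(SAMPLE_DROP)
    print(cleaned)
    print(validate_drop(cleaned))
```

The receiver never tries to "clean" an offending file; it rejects it and the sender re-runs the filter. That keeps the identifiable data from ever landing in our storage, which is the property the retention and backup terms above depend on.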
Incident response
If we believe data has been improperly accessed or disclosed:
- You're notified by email + phone within 24 hours.
- We provide a written incident summary within 72 hours covering: what data, who accessed it, time window, containment steps taken.
- You can demand immediate hard-deletion of all data we hold on you without contractual penalty.
Pilot agreement
The 30-day Shadow Pilot is governed by a one-page MSA + DPA we send in the kickoff packet. Material terms: mutual NDA, data-handling exactly as described above, mutual right to walk away with no fee.