ProBettingHubPrivacy Policy

Last updated: 15 April 2026

1. Who We Are

In short: We are ProVision Entertainment s.r.o., a Czech company. We control your data and you can contact us anytime.

The Service is operated by ProVision Entertainment s.r.o., a company incorporated under the laws of the Czech Republic. We act as the data controller for all personal data processed through the Service.

If you have any questions about this Privacy Policy or how we handle your data, you can reach us at [email protected].

2. Information We Collect

In short: We collect your email and preferences when you sign up, plus technical data like IP address and cookies automatically.

We only collect the data we need to provide, secure, and improve the Service. Here is what we collect and why.

Account Information

  • Email address (required for registration and login)
  • Password (stored as a secure hash — we never see or store your actual password)
  • Display name or username (optional)
  • Timezone and locale preferences
  • Newsletter opt-in preference (you choose at registration)

Automatically Collected Data

  • IP address and approximate country (via Cloudflare infrastructure headers, used for localization and security)
  • Session cookie (30-day httpOnly cookie for keeping you logged in)
  • Timezone preference cookie (1-year cookie for consistent time display)
  • Statistics visibility preference cookie (1-year cookie)
  • League selection preferences (stored in your browser's localStorage — never sent to our servers)
  • Campaign and referral data (UTM parameters at registration — source, medium, campaign)

Third-Party Authentication

  • When you sign in with Google, we receive your name, email address, and profile picture from Google. We do not receive or store your Google password.

3. How We Use Your Information

In short: We use your data to run the service, keep it secure, and improve it. We never use it for purposes you haven't agreed to.

We process your personal data under the following legal bases:

Contract Performance

  • Providing and maintaining your account
  • Authenticating your identity and managing sessions
  • Delivering personalized sports statistics and match data
  • Storing your display preferences (timezone, odds format, favorite leagues)

Legitimate Interests

  • Protecting the Service against fraud, abuse, and automated attacks
  • Understanding how the Service is used to improve features and performance
  • Delivering real-time live score updates (functional, not tracking)

Consent

  • Sending marketing or newsletter emails (only if you opt in; you can unsubscribe at any time)
  • Analytics cookies (when activated — see Section 4)

Legal Obligations

  • Complying with applicable laws, regulations, and lawful requests from authorities

4. Cookies and Local Storage

In short: We use a few essential cookies to keep you logged in and remember your preferences. Analytics cookies are not currently active.

We use cookies and browser storage technologies to operate the Service. Here is exactly what we use:

Essential Cookies

  • Session cookie ("session") — keeps you logged in for 30 days. HttpOnly and Secure in production.

Functional Cookies

  • Timezone cookie ("tz") — stores your timezone for consistent date/time display. Expires after 1 year.
  • Statistics visibility cookie ("show_stats") — remembers whether you show or hide statistics. Expires after 1 year.

Local Storage

  • League selection — stores your selected league IDs in your browser. This data never leaves your device.

Analytics (Not Currently Active)

  • Google Analytics (GA4) — configured but not yet active. When activated, it will use anonymized IP and require consent where applicable.
  • Meta Pixel — configured but not yet active. When activated, consent will be required before loading.
You can clear cookies and localStorage at any time through your browser settings. Essential cookies are required for the Service to function — disabling them may prevent you from logging in.

5. How We Share Your Information

In short: We do not sell your data. We only share it with service providers that help us run the platform.

We do not sell, rent, or trade your personal data. We share data only with the following categories of service providers, and only to the extent necessary:

  • Cloudflare — content delivery, DDoS protection, and security. Cloudflare processes IP addresses and request data as part of its infrastructure services.
  • Google — authentication (OAuth) when you choose to sign in with Google. Data shared is governed by Google's privacy policy.
  • Hosting and database providers — to store and serve your account data securely.
  • Payment processors (when activated) — card details will be handled directly by Stripe; we will never see or store your full card number or CVV.
  • Email delivery services (when activated) — to send transactional and marketing emails if you opt in.
All service providers are bound by data processing agreements and are only permitted to use your data for the purposes we specify.

6. Data Retention and Security

In short: We keep your data only as long as needed, use strong encryption, and delete it when you close your account.

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy.

Retention Periods

  • Session cookies: 30 days
  • Preference cookies: 1 year
  • Account data: retained while your account is active, then deleted or anonymized within 30 days of account closure
  • Campaign/UTM data: retained for analytics purposes, anonymized after 12 months

Security Measures

  • All traffic is encrypted via HTTPS/TLS
  • Passwords are hashed using industry-standard algorithms — we never store plaintext passwords
  • API requests are proxied through our backend to prevent direct exposure of internal services
  • Session cookies use HttpOnly and Secure flags in production to prevent client-side access
  • Access to personal data is restricted to authorized personnel only

7. International Data Transfers

In short: Our company is based in the EU (Czech Republic). Data may pass through Cloudflare's global network with appropriate safeguards.

ProVision Entertainment s.r.o. is based in the Czech Republic, a member of the European Union. Your data is primarily processed within the EU.

  • Cloudflare operates a global content delivery network. Your requests may be routed through servers outside the EU, but Cloudflare maintains EU Standard Contractual Clauses (SCCs) and appropriate safeguards.
  • Google OAuth data may be processed in the United States, subject to Google's data processing terms and applicable transfer mechanisms.
  • We ensure that any international transfer of personal data is protected by appropriate safeguards as required by GDPR.

8. Your Privacy Rights

In short: You can access, correct, delete, or export your data at any time. Just email us and we'll respond within 30 days.

Depending on your location, you may have the following rights regarding your personal data:

Under GDPR (EU/EEA)

  • Right of access — request a copy of your personal data
  • Right to rectification — correct inaccurate or incomplete data
  • Right to erasure — request deletion of your personal data
  • Right to restriction — limit how we process your data
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — object to processing based on legitimate interests
  • Right to withdraw consent — withdraw consent at any time without affecting prior processing

Under CCPA (California)

  • Right to know what personal information is collected and how it is used
  • Right to delete personal information
  • Right to opt out of the sale or sharing of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your privacy rights
To exercise any of these rights, email us at [email protected]. We will respond within 30 days (GDPR) or 45 days (CCPA).

If you are in the EU/EEA, you also have the right to lodge a complaint with your local data protection authority. In the Czech Republic, this is the Office for Personal Data Protection (ÚOOÚ).

9. Children's Privacy

In short: Our service is for users aged 18 and over. We do not knowingly collect data from minors.

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we discover that we have inadvertently collected data from a person under 18, we will delete it promptly. If you believe a minor has provided us with personal data, please contact us at [email protected].

10. Changes to This Policy

In short: We'll update this page when our practices change and show the date at the top.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this page. For material changes, we may notify you through the Service or by email. Your continued use of the Service after any changes constitutes your acceptance of the updated policy.

Contact Us

Questions about this Privacy Policy or your personal data? Email us at .

[email protected]