Privacy and Cookies Policy

Gambling.com Group Limited

PRIVACY AND COOKIES POLICY

GDC Media Limited, a subsidiary of Gambling.com Group Limited (Nasdaq: GAMB) (“GAMB”).

The terms “GDC”, “we”, “us”, or “our” refer collectively to GAMB, and its current and future subsidiaries (“Group Members”).

GDC Media Limited is the owner of the websites operated by and on behalf of GDC except for certain GDC websites which are owned by OddsJam, Inc., another Group Member.

GDC Media Limited and OddsJam, Inc. have licensed the operation of certain GDC websites in certain geographic locations to other Group Members, including:

(a) certain GDC websites operating in the United States to GDC America, Inc.;
(b) certain GDC websites owned by OddsJam, Inc. to GDC Media Limited and OpticOdds, Inc.; and
(c) certain GDC websites operating in the United States to Roto Sports, Inc., under a sub-license from GDC America.

This Privacy and Cookies Policy (“Policy”) describes the practices of GDC Media Limited, OddsJam, Inc. and the Group Members involved in the operation of the GDC’s websites in different geographic locations and the rights and choices available to individuals regarding personal data.

1. PURPOSE OF THIS POLICY

GDC respects your privacy and is committed to protecting your personal data. Personal data means any information that relates to an identified or identifiable individual. It does not include data where the ability to identify an individual has been removed (anonymous data).

This Policy describes your rights and choices regarding your personal data. It is important that you read the Policy carefully. If you have any questions about this Policy, including any requests to exercise your legal rights, please contact us as set out below.

We may alter this Policy at any time and from time to time as needed for certain services of GDC and to abide by local laws or regulations around the world, including by providing supplemental information to users in certain jurisdictions. This Policy does not apply to GDC’s processing of the personal data of its personnel, such as employees and contractors.

We also provide important additional information, which users should read, that is solely applicable to individuals located (i) within the Member States of the European Union, countries in the European Economic Area, the United Kingdom, and Switzerland (collectively, “Europe” or “European”), (ii) in Brazil, and (iii) in California, Colorado, Connecticut, Delaware, Montana, Nevada, Utah, Iowa, Florida, Washington, Virginia and other states of the United States, (iv) in Australia, (v) in Canada and (vi) in Mexico.

Our websites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect, use or otherwise handle data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave any of our websites, we encourage you to read the privacy policy of every website you visit.

2. THE PERSONAL DATA WE COLLECT

We collect personal data about individuals from various sources described below. Where applicable, we will let you know how we intend to use your data before collecting it, so that you can decide whether or not you wish to provide that information. We may collect, use, store and transfer different kinds of personal data about you (“Personal Data”) which we have grouped as follows:

“Personal Information” includes any information from which (alone or when used in combination with other information) you can be personally identified, including your name, surname, email address, telephone number or mobile number. The Personal Information we collect varies depending on our relationship and interactions with you.

Personal Information, sometimes referred to as “personal data”, may also have specific meanings under different privacy laws.

“Profile Data” includes a username (or nickname), password (encrypted), login and logout times and a profile image that an individual may establish and upload on one of our websites or mobile applications, along with any comment or content posted by that user and any other information that an individual enters into their account profile (e.g. ‘Freemium’ account);

“Financial account data” includes payment card details or bank account details;

“Recruitment Process Data” includes the CV and any covering letter of a job applicant and notes taken for the duration of your recruitment process relating to a job application and interview of a job applicant, and other information supplied by a job applicant, such as professional credentials and skills, educational and work history, and other information of the type included on a CV or covering letter;

“Usage Data” includes information about how you use our websites. This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, operating system and platform, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access our mobile applications with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

We may use and store information about your location if you give us permission to do so (“Location Data”). We use this data to provide features of our services, to improve and customize our services.

You can enable or disable location services when you use our services at any time by way of your device settings.

We also may collect, use and share “Aggregated Data” such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity.

We may retain recordings of any telephone voice messages that you have left for our customer support teams.

We automatically collect Usage Data. If you are using a mobile device, we collect data that identifies your mobile device, device-specific settings and characteristics, app crashes and other system activity.

We do not collect any information about your race, ethnicity, religious or philosophical beliefs, gender or sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data. However, if you are applying for a job with us, we will collect information about criminal convictions and offences.

3. COLLECTION OF PERSONAL DATA

We may use different methods to collect data from and about you including the following:

Direct interactions. You may give us your Personal Information, Profile Data, Financial Account Data and Recruitment Process Data by: a) filling in a job application form on our Career Page, b) providing an email address to register with our websites and/or receive our newsletter, c) posting comments during your use of our sites, and/or d) providing your contact details, payment card details and/or account log-in details via our registration and/or newsletters form.
Indirect interactions. You may give us your Personal Information indirectly by providing an email address and/or contact details to register with websites of and/or receive newsletters or other forms of communication from entities with whom we have an agreement to work in partnership with and provide services to (“Media Partners”).
Automated technologies. As you interact with our websites, we will automatically collect Usage Data about your equipment, browsing actions and patterns. We collect this data by using cookies, server logs and other similar technologies.Third parties or publicly available sources. We may partner with third parties (such as content providers and analytics companies including Google Analytics, OptInMonster, Hotjar, customer.io, plausible.io, segment.io, Mixpanel and Convert.com) to help us improve the services of our website, including to provide you with relevant and interesting content and to conduct analytics and measurement to understand how our services are used. These companies may collect information from you automatically in connection with your visit. We may use third-party Service Providers to automate the development process of our service (such as development platform to host and review code, manage projects, and build software, including GitHub).

Generally, our websites can be accessed and used without registration and without having to provide us any Personal Data (Personal Information, Profile Data, and/or Recruitment Process Data). You may opt in to receive information about promotions, bonuses, bets, tips and strategy by subscribing to one or more of our mailing lists by providing your email address. You may any time opt out from receiving such communications by writing to us or clicking the “unsubscribe” button in any of our emails to you. In case you contact us, whether by email, through contact forms, or in other writings, we may keep a copy of that correspondence. We will not share your Personal Data with third parties for marketing purposes unless you have provided us with your express consent to do so and/or, with respect to our Media Partners, you have consented to receive marketing communications from those Media Partners. You may withdraw your consent by contacting those Media Partners directly. You may not withdraw your consent given to our Media Partners by contacting the Group Members.

4. USE OF PERSONAL DATA

We may use your Personal Data for the purposes of:

Providing our services, which may include:

Operating, evaluating, maintaining, improving, and providing the features and functionality of our services;
Notifying you about changes to our services;
Fulfilling a payment transaction initiated by you; Communicating with you regarding your account with us (if you have one), including by sending you service-related emails or messages (e.g., messages regarding account verification, changes or updates to the functionality of our services, technical and security notices and alerts, notices about your subscription, including expiration and renewal notices, email-instructions, and support messages)
Personalizing the manner in which we provide our services;
Administering and protecting our business;
Provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information;
Monitoring the usage of our services;
Detecting, preventing and addressing technical issues; and
Providing support and maintenance for our services, including responding to your service-related requests, questions, and feedback.

For research and development

We use the information we collect for our own research and development purposes, which include:

Developing or improving our services; and
Developing and creating analytics and related reporting.

Marketing

We may use your Personal Data to form a view on what services we think you may want or need or what may be of interest to you.

We may contact you with marketing communications using the Personal Data you have provided to us if you have actively expressed your interest in availing of our services or have availed of our services and, in any case, you have not opted out of receiving that marketing, to the extent permitted by applicable law.

You can ask us to stop sending you marketing messages at any time by contacting us using the details below or clicking on the opt-out link included in each marketing message.

Should you choose to opt out of receiving our marketing messages, we will continue to conduct our other relevant activities using your Personal Data, including sending non-marketing messages.

Managing our recruiting and processing employment applications

We process Personal Data, such as information submitted to us in a job application, to facilitate our recruitment activities and process employment applications, such as by evaluating a job candidate for an employment activity, and monitoring recruitment statistics.

Complying with law

We use your Personal Data as we believe necessary and appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

Compliance, fraud prevention and safety

We use your Personal Data as we believe necessary or appropriate to (a) enforce the terms and conditions that govern our services; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

With your consent

In some jurisdictions, applicable law may require us to request your consent to use your Personal Data in certain contexts, such as when we would like to send you certain marketing messages. If we request your consent to use your Personal Data, you have the right to withdraw your consent any time in the manner indicated when we requested the consent or by contacting us. If you have consented to receive marketing communications from our third-party partners, including our Media Partners, you may withdraw your consent by contacting those partners directly (and not by contacting us).

To create anonymous data

We may create anonymous data from your Personal Data and other individuals whose Personal Data we collect. We make Personal Data into anonymous data by excluding information that makes the data personally identifiable to you and use that anonymous data for our lawful business purposes.

5. TO WHOM DO WE PROVIDE PERSONAL DATA

We may have to share your data to the following parties:

Group Members

We may disclose your Personal Data to other Group Members for purposes consistent with this Policy.

Service providers

We may employ third parties to administer and provide services on our behalf (such as third parties that provide customer support, that we engage to host, manage, maintain, and develop our websites, mobile applications, and IT systems, and that help us process payments). These third parties may use your information only as directed by us and in a manner consistent with this Policy. These third parties are prohibited from using or disclosing your information for any other purpose.

Participants in the transaction processing chain

We may share your Personal Data with companies in the transaction processing chain in connection with processing a payment transaction, such as merchants, banks or other card issuers, card associations, debit network operators and their members.

Business Transaction

If GDC and any Group Member are involved in a merger, acquisition or asset sale, your Personal Data may be transferred.

Professional advisors

We may disclose your Personal Data to professional advisors, such as lawyers, bankers, auditors and insurers, in the course of the professional services that they render to us.

Transfers to third parties

We may disclose your Personal Data to third parties, such as our Media Partners and other third-party business partners, in order to provide our services. When we carry out any sharing with third parties, we always ensure that there is an appropriate contract in place, that the information being shared is transferred in a secure way, and that we only share the minimal amount of your information necessary. We will never sell your information to any other third parties.

Where the third party is a data controller, they have the same obligations under data protection law to protect your data, as we do.

Where the third party is a data processor, we require that these third parties provide a sufficient guarantee that the necessary safeguards and controls have been implemented to ensure there is no impact on your data rights and freedoms.

Compliance with Laws and Law Enforcement; Protection and Safety

GDC may disclose information about you to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern our services; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. GDC may also disclose Personal Data in connection with any complaint regarding your use of our sites, for example, in the event of a complaint or legal action arising from a comment or content posted.

6. INTERNATIONAL TRANSFERS OF DATA

GAMB is incorporated in the Channel Island of Jersey and GDC operates globally, with primary offices in United States and Ireland. The mailing address of our principal executive offices is 22 Greenville St., St. Helier, Channel Island of Jersey JE4 8PX. Your personal data may be transferred to other locations outside of your state, province, country or other governmental jurisdiction where we, our third-party partners, including our Media Partners, or our service providers maintain offices and where privacy laws may not be as protective as those in your jurisdiction. If we make such a transfer, we will require that the recipients of your personal data provide data security and protection in accordance with applicable law; and we will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other personal information.

European users should read the important information provided below in Section 10 about transfer of personal data outside of your region / country.

7. DATA SECURITY AND DATA RETENTION

We have put in place appropriate security measures which we believe reasonably prevents your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors, subsidiaries, affiliates and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality. We have put in place commercially reasonable procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

As we seek to use reasonable physical, electronic, and procedural measures to safeguard Personal Data within our organization against loss, theft, and unauthorized use, disclosure, or modification, however, no data transmission over the internet can be guaranteed to be 100% secure. As a result, while we strive to protect your information, we cannot guarantee its security.

We will process and store the relevant Personal Data for as long as it is necessary for the purposes set out in this Privacy Policy or required in order to fulfil our legal, contractual, or statutory obligations and/or for the establishment, exercise or defence of legal claims.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our services, or we are legally obligated to retain this data for longer time periods.

If, during your use of our websites, you post comments, we will keep a record of your commenting history. Personal data collected from commenting will be kept for the lifetime of the article commented on.

8. YOUR RIGHTS AND CHOICES

In this section, we describe the rights and choices available to all users. Users who are located in Europe and Brazil should read additional information about their rights in paragraph 10 below; users who are located in California, Virginia and other US states should read additional information about their rights in the relevant paragraphs below; and users who are located in Australia, Canada and Mexico should read additional information in paragraphs 14, 15 and 16 respectively.

Marketing communications

You can ask us to stop sending you marketing messages at any time by contacting us or clicking on the opt-out link included in each marketing message. You may continue to receive service-related and other non-marketing messages.

Choosing not to provide your Personal Data

Where we request Personal Data directly from you, you do not have to provide it to us. If you decide not to provide the requested information, in some circumstances we may be unable to provide services to you. For example, we may be unable to process your transaction.

Accessing, modifying or deleting your information

In some jurisdictions, applicable law may provide a right for individuals to access, modify, or delete their Personal Data in some. You may contact GDC directly to request access to, modify or delete your information. We may not be able to provide access to, modify, or delete your information in all circumstances.

Complaints

If you have a complaint about our handling of your Personal Data, you may contact our data protection officer using the contact information below. A complaint must be made in writing. Please provide details about your concern or complaint so that we can investigate it. We will determine whether to take action in response to your complaint, which, if we do so, may include conducting internal discussions with relevant business representatives. We may contact you for additional details or clarification about your concern or complaint. We will contact you to inform you of our response to your complaint. You also may have a right to file a complaint with a national or local regulatory agency.

9. PAYMENTS

We may provide paid products and/or services. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

The payment processors we work with from time to time and at any time include:

Apple Store In-App Payments:
Their Privacy Policy can be viewed at: https://www.apple.com/legal/privacy/en-ww/ / https://support.apple.com/en-us/HT203027

Google Play In-App Payments:
Their Privacy Policy can be viewed at: https://policies.google.com/privacy?hl=en&gl=us / https://payments.google.com/payments/apissecure/u/0/get_legal_document?ldo=0&ldt=privacynotice&ldl=en

Stripe:
Their Privacy Policy can be viewed at: https://stripe.com/us/privacy

Authorize.net:
Their Privacy Policy can be viewed at: https://www.authorize.net/about-us/privacy/

10. ADDITIONAL INFORMATION FOR EUROPEAN USERS AND BRAZILIAN USERS

Data Controller

GDC is the data controller for the purpose of the General Data Protection Regulation (“GDPR”), and other applicable data protection laws. This means that GDC is principally responsible for looking after your Personal Data and this Policy determines the means and purposes of processing of Personal Data.

Legal bases for processing

We are required to inform you of the legal bases of our processing of your Personal Data, which are described in the table below. If you have questions about the legal basis of how we process your Personal Data, please contact us at [email protected].

Processing purpose	Legal Basis
Providing our services	Processing is necessary to perform the contract governing our provision of the services.
Marketing For research and development To manage our recruiting and process employment applications For compliance, fraud prevention and safety To create anonymous data To manage user-generated content	These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you and your rights before we process your Personal Data for our legitimate interests. We do not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). We may need to disclose Personal Data in the event of a complaint or legal action arising from any comment or content posted by that user.
To comply with law	Processing is necessary to comply with our legal obligations.
With your consent	Processing is based on your consent. Where we rely on your consent, you have the right to withdraw it anytime in the manner indicated at the time we collect your information or by contacting us at [email protected].

Use for new purposes

We may use your Personal Data for reasons not described in this Policy where permitted by law and the reason is compatible with the purpose for which we collected it.

How long will we use your Personal Data?

We will use your Personal Data for as long as necessary based on why we collected it and what we use it for. This may include our need to satisfy a legal, regulatory, accounting, or reporting requirement.

To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In general terms, we will retain your Personal Data for the duration of your involvement/engagement with us and for as long as reasonably necessary afterwards. There are also certain types of information which are required to be retained for a certain period by law.

Your individual legal rights

You have the right to obtain access to, rectification of, erasure of, restriction of Personal Data, portability of Personal Data and to object to the processing of your Personal Data as follows:

Access. You are entitled to ask us if we are processing your Personal Data and, if so, for a copy of the Personal Data we hold about you, as well as obtain certain other information about our processing activities.
Correction. If any Personal Data we hold about you is incomplete or inaccurate, you can require us to correct it, though we may need to verify the accuracy of the new data you provide to us.
Erasure. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. If you are in Brazil, you may also ask us to anonymize or block personal data that is excessive, unnecessary or where we may have processed your information unlawfully.
Object. Where our reason for processing your Personal Data is legitimate interest, you may object to processing as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes.
Restriction. You may ask us to suspend our use of your Personal Data in the following scenarios:
- if you want us to establish the data's accuracy;
- where our use of your Personal Data is unlawful but you do not want us to erase it;
- where you need us to hold your data for a longer period than we usually would, because you need it to establish, exercise or defend legal claims; or
- you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
Transfer. Where it is possible, we will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to Personal Data provided by you which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent. Where our reason for processing is based on your consent, you may withdraw that consent at any time. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.
Automated decision making. You have the right not to be subject to automated decision making (e.g., profiling) that significantly affects you. The exercise of this right is not available to you in the following cases:
- The automated decision is required to enter into, or perform, a contract with you.
- We have your explicit consent to make such a decision.
- The automated decision is authorised by local law of an EU member state.

However, in the first two cases set out above, you still have the right to obtain human intervention in respect of the decision, to express your point of view and to contest the decision.

If you have any questions about this Policy or wish to exercise any of the rights set out above, please contact us at [email protected].

We may need to request specific information from you to help us confirm your identity and ensure you are entitled to exercise a right in respect of your Personal Data. This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

There may be legal or other reasons why we cannot, or are not obliged to, fulfil a request to exercise your rights. We will use available lawful exemptions to your individual rights to the extent appropriate. If we decline your request, we will tell you why, subject to legal restrictions.

You also have the right to make a complaint at any time to a supervisory authority (for more information go to https://edpb.europa.eu/about-edpb/board/members_en). If you are located in the UK, you also have a right to make a complaint to the Information Commissioner’s Office (ICO).

International transfers of data

We may transfer the Personal Data we collect about you to recipients in countries other than your country, including the United States. These countries may not have the same data protection laws as the country in which you initially provided the information. When we transfer your Personal Data to other countries, we will protect that information as described in this Policy or as otherwise disclosed to you.

We comply with applicable legal requirements when transferring Personal Data to countries other than the country where you are located. If you are located in the EEA, the UK or Switzerland, we will transfer your Personal Information in accordance with adequacy decisions, standard contractual clauses, and other data transfer mechanisms.

See list of countries for which the European Commission has issued an adequacy decision here.

See list of countries for which the UK government has issued an adequacy decision here.

11. INFORMATION FOR CALIFORNIA RESIDENTS

A) Your Data Protection Rights under the California Consumer Privacy Act

We are required by the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (CPRA), (“CCPA”) to provide California residents with an information of how we collect, use and share their Personal Data, and of the rights and choices we offer California residents regarding our handling of the Personal Data.

Your California privacy rights

As a California resident, you have the rights listed below. However, these rights are not absolute, and we may decline your request as permitted by the CCPA.

Access and data portability. You may have the right to request that we provide you a copy of the Personal Data we have collected about you. In addition, you may have the right to request that we disclose to you information about our collection and use of your personal data in the preceding 12 months, including: (a) the categories and specific pieces of personal data we collect; (b) the categories of sources from which we collect personal data; (c) the business or commercial purpose for which we collect, sell or share personal data; (d) the categories of third parties to whom we disclose personal data; and (e) the categories of personal data disclosed for a business purpose or sold to third parties and the categories of third parties to whom such personal data was sold or disclosed. You may only make an access request to us for your personal data up to two times in any 12-month period.
Deletion. You may have the right to request that we delete certain personal data that we have collected about you. The foregoing is subject to our right to maintain your personal data for specific purposes permitted under the CCPA. If we are unable to comply with any such request, we will notify you.
Correction. You may have the right to request that we correct inaccuracies in the personal data we have collected about you.
Right to limit the use and disclosure of sensitive personal data. The CCPA grants you the right to instruct a business to limit its use or disclosure of your sensitive personal information to that use which is necessary to perform the services or provide the goods reasonably expected by you in your request for those goods or services and to perform certain activities permitted by the CCPA. We do not collect, use or disclose sensitive personal data for any purposes other than those necessary to provide the relevant services or as permitted by the CCPA.
Right to opt-out. You may have the right to request that your personal data not be shared (as such terms are defined above) with third parties.
Non-discrimination. You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as by denying you goods or services, increasing the price/rate of goods or services, decreasing the service quality, or suggesting that we may penalize you as described above for exercising your rights. However, the CCPA allows us to charge you a different price or provide a different service quality if that difference is reasonably related to the value of the Personal Data we are unable to use.

How to exercise your rights

You may exercise your California privacy rights as follows:

Right to information, access and deletion

You can request to exercise your information, access and deletion rights by:

Contacting us at [email protected]
Identify verification. The CCPA requires us to verify the identity of the individual submitting the request before providing a substantive response to the request. A request must be provided with sufficient detail to allow us to understand, evaluate and respond. The requester must provide sufficient information to allow us to reasonably verify that the individual is the person about whom we collected information. A request may also be made on behalf of your child under 13.
Authorized agents. California residents can empower an “authorized agent” to submit requests on their behalf. We will require the authorized agent to have a written authorization confirming that authority.

Sale or Sharing of Personal Information for cross-context advertising means

Our websites and online services and the websites of our Media Partners may use analytics and advertising tools that enable us and our analytics and marketing partners to collect and disclose internet or other electronic network activity information based on your activity across our services and websites and the websites of our Media Partners, including to analyze your usage of our services and our services with our Media Partners and to serve you advertisements that are relevant to you (collectively, “cross-context behavioral advertising”). However, please note that we do not knowingly sell or share the Personal Information of consumers under 16 without parental consent.

Personal information that we collect, use and share

The table below summarizes what data we may collect or what data may have been collected from California residents during the last 12 months before the effective date of this Policy.

Please note that the categories and examples provided in the list below are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact collected by GDC but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been collected. For example, certain categories of personal information would only be collected if you provided such personal information directly to us.

Categories of Information We Collect	Data Elements within the Category	Do we collect this information?	Do we share this information for business purposes?
Identifiers	Real name, alias, postal address, unique personal identifier, customer number, email address, account name, other similar identifiers.	Yes	No
Online Identifiers	An online identifier or other persistent identifier that can be used to recognize a person, family or device, over time and across different services, including but not limited to, a device identifier; an Internet Protocol address; cookies, beacons, pixel tags, mobile ad identifiers, or similar technology; customer number, unique pseudonym, or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers (i.e., the identification of a person or a device to a degree of certainty of more probable than not) that can be used to identify a particular person or device.	Yes	No
Protected Classification Characteristics	Race, religion, sexual orientation, gender identity, gender expression, age	Age Possible	No
Commercial information	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies	No	No
Biometric Information	An individual's physiological, biological or behavioural characteristics, including DNA, that can be used, singly or in combination with each other or with other identifying data, to establish an individual's identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a face print, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.	No	No
Internet or Network Information	Browsing history, search history, and information regarding a consumer's interaction with an Internet website, application, or advertisement.	Yes	Yes
Geolocation Data	Precise location, e.g., derived from GPS coordinates or telemetry data.	Yes	Yes
Professional or Employment Information	Information relating to a person's current, past or prospective employment or professional experience (e.g., job history, performance evaluations), and educational background.	Possible	No
Financial Information	Bank account number, debit or credit card numbers, insurance policy number, and other financial information.	Yes	Yes
Medical Information	Personal information about an individual's health or healthcare, including health insurance information.	No	No

B) Your Data Protection Rights under the California Privacy Protection Act (CalOPPA)

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. – See more at: https://consumercal.org/about-cfc/cfc-education-foundation/california-online-privacyprotection-act-caloppa-3/

According to CalOPPA we agree to the following:

(a) users can visit our site anonymously;
(b) our Privacy Policy link includes the word “Privacy”, and can easily be found on the page
specified above on the home page of our website;
(c) users will be notified of any privacy policy changes on our Privacy Policy page;
(d) users are able to change their personal information by emailing us at [email protected].

12. INFORMATION FOR VIRGINIA RESIDENTS

Under the Virginia Consumer Data Protection Act, Virginia residents have the following rights around GDC’s collection, use and disclosure of their personal data. For purposes of exercising the rights in this section, the listed terms are defined as follows:

Definitions:

Profiling means any form of automated processing to evaluate, analyze or predict personal aspects related to a person’s economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
Sale of personal data means the exchange of personal data for monetary consideration.
Targeted advertising means displaying advertisements to a consumer where the advertisement is selected based on personal data obtained from that consumer’s activities over time and across non-affiliated websites or online applications to predict such consumer’s preferences or interests.

As a Virginia resident, you may have the rights listed below.

Right of access. You may have the right to confirm whether we are processing your personal data and to access your personal data.
Right of data portability. You may have the right to request that we provide you a copy of the personal data that you previously provided to GDC.
Right to correction. You may have the right to request that we correct inaccuracies in the personal data we have collected about you.
Right to deletion. You may have the right to request that we delete certain personal data that we have collected about you. The foregoing is subject to our right to maintain your personal data for specific purposes permitted under applicable state law. If we are unable to comply with any such request, we will notify you.
Right to opt-out. You may have the right to request that your personal data not be sold to third parties or used for targeted advertising or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.
Appeal. You may have the right to appeal GDC’s denial of any of the above-listed rights. You may do so by responding to the message in which GDC has communicated its denial and indicating you would like to appeal that denial.

How to exercise your rights

If you are a Virginia resident, you may exercise your rights by contacting us at [email protected]

13. OTHER STATES OF THE UNITED STATES PRIVACY RIGHTS

The States of Colorado, Connecticut, Florida and Utah each provide their state residents with rights to:

Confirm whether we process their personal information.
Access, correct and delete certain personal information.
Data portability.
Opt-out of personal data processing for targeted advertising and sales.

The States of Colorado and Connecticut also each provide their state residents with rights to:

Correct inaccuracies in their personal information, taking into account the information’s nature processing purpose.
Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects.

If you are a resident of any of these states, you may exercise any of these rights by contacting us [email protected].

The State of Nevada provides its residents with a limited right to opt-out of certain personal information sales. Residents who wish to exercise this sale opt-out rights may submit a request to this designated address: [email protected]. However, we do not currently sell data triggering that statute’s opt-out requirements.

The State of Iowa provides their state residents with rights to:

Rights to access. Consistent with applicable law, you may submit a verifiable consumer request to access, the personal information that we have collected about you as well as more information about our data practices. For more information about how we collect, use, and disclose personal information for business purposes, please review our Global Privacy Policy.
Rights to delete. Consistent with applicable law, you may submit a request to delete your personal information.
Right to data portability. Consistent with applicable law, you have the right to obtain a copy of the personal data they provided to the controller, except when such data is subject to security breach protection, or previously provided to the controller in a portable and readily usable format that allows the consumer to transmit the data to another controller without hindrance, where processing is carried out by automated means.
Appeal of Consumer Rights Requests. To appeal a refusal to take action on your request, please see the instructions in our response to your request or submit your appeal in writing by contacting [email protected] with the subject “Appeal of Consumer Rights Request.”

The States of Delaware, Montana, New Hampshire, New Jersey, Oregon and Tennessee provide their state residents with rights to:

Right to Access. Consistent with applicable law, you may submit a verifiable consumer request to access the personal information that we have collected about you as well as more information about our data practices. For more information about how we collect, use, and disclose personal information for business purposes, please review our Global Privacy Policy.
Right to Correct. Consistent with applicable law, you may submit a verifiable consumer request to correct inaccuracies in your personal information held by GDC.
Right to Delete. Consistent with applicable law, you may submit a verifiable consumer request to delete your personal information.
Appeal of Consumer Rights Requests. To appeal a refusal to take action on your request, please see the instructions in our response to your request or submit your appeal in writing by contacting [email protected] with the subject “Appeal of Consumer Rights Request.”
Personalized Advertising Opt-Out. We do not sell personal information. However, we may process personal information for purposes of displaying advertisements that are selected based on users’ online activities over time and across different sites, services, and devices. Consistent with applicable law, you may opt out of such processing by contacting us. We strive to honour opt-out preference signals where required by applicable law. The opt-out preference signals are offered by a third party that we do not control.

The State of Washington provide their state residents with rights to:

Right to Access. Consistent with applicable law, you may submit a request to access the personal information that we have collected about you as well as more information about our data practices. For more information about how we collect, use, and disclose personal information for business purposes, please review our Global Privacy Policy.
Right to Correct. Consistent with applicable law, you may submit a request to correct inaccuracies in your personal information held by GDC.
Right to Delete. Consistent with applicable law, you may submit a request to delete your personal information.
Right to data portability. Consistent with applicable law, you have the right to obtain a copy of the personal data they provided to the controller.
Right to Opt Out. Consistent with applicable law, you can opt out of certain data processing activities, namely data processing for targeted advertising, data sales, and profiling.
Appeal of Consumer Rights Requests. To appeal a refusal to take action on your request, please see the instructions in our response to your request or submit your appeal in writing by contacting [email protected] with the subject “Appeal of Consumer Rights Request.”

Please note that in case of submitting data subject rights requests, you may need to verify your identity and request before further action is taken. As a part of this process, you may be required to provide personal information, such as your name, state of residence, phone number and email address associated with your account, if applicable. Consistent with applicable laws, you may designate an authorized agent to make a request on your behalf.

14. INFORMATION FOR AUSTRALIA RESIDENTS

GDC is providing the following additional information for individuals whose personal information is collected or held by us at a time when the collecting or holding entity has an “Australian link” within the meaning of the Australian Privacy Law.

Where you are such an individual, you may make a complaint to us about a breach of the Australian Privacy Principles by contacting us at [email protected].

We will investigate your complaint and endeavour to resolve any issue to your satisfaction. If we do not adequately answer your concerns, you will have the right to make a complaint in writing to the Office of the Australian Information Commissioner here.

If at any time you want to know what personal information we hold about you, you may request access to your record by contacting us and we will respond within a reasonable period from the date your application is received.

If at any time you want to change personal information that is inaccurate or out of date, please contact us and we can amend the record. If you want to have your personal information deleted, please let us know and we will take reasonable steps to delete it unless we need to keep it for legal or regulatory purposes.

15. INFORMATION FOR CANADA RESIDENTS

We may collect, use, and disclose Personal Data for the purposes identified in this Privacy Policy, and for any additional purposes, as required by law, with notice to you and your express or implied consent.

You may be able to take advantage of the tool developed by the Digital Advertising Alliance of Canada to opt out of third-party advertising. Where available, this tool provides a list of parties that may target advertisements based on your online web-browsing activities and the ability to opt out of their use of your information for that purpose. To access the tool, visit https://youradchoices.ca.

If you have a question or a complaint about our handling of your personal information, please contact us at [email protected]. We will respond to your complaint within a reasonable time. If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner.

16. INFORMATION FOR MEXICO

Please see below information regarding GDC privacy practices as relates to Mexico’s Federal Law for the Protection of Personal Data Held by Private Parties (Ley Federal de Protección de Datos Personales en Posesión de los Particulares).

You have the following ARCO rights regarding GDC's handling of your personal information: the right to access your personal information and request explanations about how GDC uses this information, the right to correct inaccurate or incomplete data, the right to cancel your data if you believe it is not being used in accordance with the principles, duties and obligations set forth in Mexican law regarding data protection, and the right to object to GDC's processing of your data for certain purposes. These rights are known under Mexican law as the “ARCO rights.” To exercise your ARCO rights, please submit your request at [email protected]. Please indicate “Exercise of ARCO rights/Mexico” at the beginning of your request.

Please note that GDC, as a data controller, may deny you the exercise of your ARCO rights in the cases permitted by applicable law and will inform you of such decision. The refusal may be partial, in which case GDC will carry out the access, rectification, cancellation or objection in the relevant part.

Data Transfers. GDC, as a data controller, will ensure that third parties to whom the data is transferred comply with the principles and obligations set out in the Federal Law for the Protection of Personal Data Held by Private Parties.

If a data breach compromising personal data occurs, GDC as a data controller will notify you, as an affected data subject, and the National Institute for Transparency, Access to Information, and Personal Data Protection (INAI).

17. LINKS TO OTHER WEBSITES

In the provision of our services, on our websites and on the websites of our Media Partners, we may link to third-party websites, mobile applications, and other content. GDC is not responsible for the privacy practices of any such third party, and this Policy does not apply to such third party’s websites, mobile applications, or other content. GDC does not guarantee, approve, or endorse any information, material, services, or products contained on or available through any such linked third-party website, mobile application, or other content. GDC is not responsible for any content on any such third-party properties to which we link.

18. COOKIES, PIXEL AND TRACKING INFORMATION

Cookies are small pieces of data served on your computer that remember what you enter while you're browsing a website. For more information about cookies and how they work, please visit: www.aboutcookies.org.

We use cookies, pixels, and similar technologies to improve our service, and to enhance your user experience, for example, to show you the most relevant information when you return to our site.

When we use cookies, pixels and similar technologies, we do not typically process any information that personally identifies a user. By using our websites, you are consenting to us using cookies. You can manage cookie usage, disable or delete cookies through your browser settings at any time. The help function in your preferred browser should provide you with the correct information.

Like many other companies which offer online services to their clients/customers, we use services provided by Google, Meta, and other companies that use tracking technology. One purpose of these services is to provide interest-based ads that are optimized for effectiveness based on inferences about you. Your choices to adjust your preferences for interest-based advertising, and/or opting-out of use of your personal information by these companies for such advertising, include:

Blocking cookies in your browser. Most browsers let you remove or reject cookies, including cookies used for interest-based advertising. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit allaboutcookies.org.
Using privacy plug-ins or browsers. You can block our websites from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, Ghostery, or uBlock Origin, and configuring them to block third-party cookies/trackers.
Platform opt-outs. The following advertising partners offer opt-out features that let you opt-out of the use of your information for interest-based advertising:
- Google: https://adssettings.google.com
- Facebook: https://www.facebook.com/about/ads
- Criteo: https://www.criteo.com/privacy/disable-criteo-services-on-internet-browsers/
- Bounce Exchange: https://www.bouncex.com/privacy/your-ad-choices/
Advertising industry opt-out tools. Some of our business partners that collect information about users’ activities may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior or mobile application usage for purposes of targeted advertising. You can use the following opt-out options to limit the use of your information for interest-based advertising by participating companies:
- Digital Advertising Alliance: http://optout.aboutads.info
- Network Advertising Initiative: http://optout.networkadvertising.org/?c=1
- European users may opt-out of receiving targeted advertising on websites through members of the European Interactive Digital Advertising Alliance by clicking here, selecting the user’s country, and then clicking “Choices” (or similarly titled link).
- We also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms we linked above.

As noted above, if you choose to opt-out of targeted advertisements, you will still see advertisements online, but they may not be relevant to you. Even if you do choose to opt-out, not all companies that serve online behavioral advertising are included in this list, so you may still receive some cookies and tailored advertisements from companies that are not listed.

More information on how to deactivate or delete cookies can be found below as well as on https://www.aboutcookies.org/cookie-faq/.

Some browsers provide helpful cookie guides:

Chrome: https://support.google.com/chrome/bin/answer.py?hl=en&answer=95647&p=cpn_cookies
Firefox: http://support.mozilla.org/en-US/kb/Cookies
Internet Explorer: http://support.microsoft.com/kb/278835
Safari 5 for Mac: https://support.apple.com/e
Opera: http://help.opera.com/Linux/10.50/en/cookies.html

In addition, Google Analytics provides its own opt-out options:

http://tools.google.com/dlpage/gaoptout

In the case of mobile devices, it may be necessary to consult the device’s instruction manual to manage cookies effectively. Restriction of cookies may have an impact on the functionality of our websites.

TYPES OF COOKIES

We may use cookies for different purposes and with different functions.

Essential cookies are necessary for our websites to work effectively. They help to make our websites usable by enabling basic functionalities such as page navigation and accessibility to secure areas of our websites. Cookies of this nature may also be used to protect and accelerate our websites for security reasons and to identify our trusted visitors. They may filter bots and distinguish them from legitimate users, preventing any form of spam activity on our websites.

Preference cookies enable our websites to remember information that changes the way our websites behave or look. They may also be used to provide services you have asked for.

Analytics cookies analyse information about how our websites are being used. Analytics cookies can process information about the number of visitors to our websites, where visitors to our websites came from, the pages they visit, scrolling activities, downloads, information about user agents, time spent on our websites and approximate geo-location of a device that you use to access our websites. We use this information to compile reports that help us to improve our websites.

In case we allow others to service cookies through our websites and/or apps, these cookies are called “third party cookies”. Third-party cookies can be used for a variety of purposes, including site analytics, advertising, and social media features.

Below is more information about most common cookies that we use, how they are used, and how long they will be stored on your computer or device.

Our most common cookies and other tracking technologies are:

Cookie	Description
KAX_P - Placed by GDC	This is a first party cookie to give us information about how visitors discover our websites (e.g., whether they clicked a Google search result, an advertisement or typed any of our websites address on their browser). This cookie is stored for 1 month.
Google Analytics – Placed by Google	This third-party cookie provides us information about your use of the site, including where the site is accessed from, time of visit, pages viewed, etc. This cookie is stored for 2 years.
Google AdWords - Placed by Google	This third-party cookie enables us to advertise our site using Google AdWords campaigns. This cookie is stored for 2 years.
Google Cookies	_ga - Google cookie used to identify users which expires after 2 years. _gid - Google cookie used to identify users which expires after 24 hours. _gasessionid - Placed by Google. Used to tie user activity to a specific time window. _gaclientid - Placed by Google. Unique identifier for a browser–device pair that helps Google Analytics link user actions on a site. _utmzz - Placed by Google. Used to track where visitors came from.
Google AdSense DoubleClick Cookie	Google, as a third party vendor, uses cookies to serve ads on our Service. Google's use of the DoubleClick cookie enables it and its partners to serve ads to our users based on their visit to our service or other websites on the Internet. You may opt out of the use of the DoubleClick Cookie for interest-based advertising by visiting the Google Ads Settings web page: http://www.google.com/ads/preferences/
Microsoft Cookies	Microsoft Clarity. Placed by Microsoft. Used to track how users interact with a site. MMID - Placed by Microsoft Identifies unique web browsers visiting Microsoft sites.
KTag Cookies (our inhouse tracking system)	g_uuid - KTag User ID. Placed by gambling.com group and used to assign an anonymous identifier to each user so we can tailor content to your preferences. g_sid - KTag session id. Placed by gambling.com group and used to assign an anonymous session to each user so we can track which advertisements perform best.
Optin Monster Cookies	Placed by Optin Monster. Used to track user interactions with AB tests.
Custom Cookies	PrivacyModalVisited. Placed by gambling.com. Used to track if users interacted with a model to avoid showing it twice.
Hotjar - Placed by Hotjar	This third-party cookie allows us to measure and observe user behaviour on our websites with no connection to personal information.
Outbrain	This third-party cookie allows us to tailor content based on viewer preferences. This cookie is stored for 10 Months.
Viafoura	This third-party cookie allows us to create interactive features for our users on some of our websites and it enables you to log in to be able to post a comment, like a comment, follow a user or a conversation, etc.
Cloudflare - Placed by Cloudfare.	This cookie is strictly necessary for Cloudflare's security features and cannot be turned off. It does not correspond to any user ID in your web application and does not store any personally identifiable information. This cookie is stored for 12 Months.
Vizibl	This cookie is used to deliver GDC advertisements relevant to you, based upon your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of an advertising campaign. This cookie is stored indefinitely.
Facebook custom audiences	This cookie is used to deliver GDC advertisements relevant to you, based upon your on-site actions. This cookie is stored for 180 days. We may use Facebook custom audiences to deliver advertisements to email subscribers based on email addresses we have gathered. For further information on Facebook advertising please visit here. To learn how to opt out of Facebook advertising please visit here.
PushEngage	This cookie is used to send you notifications relevant to you based upon your interests, after you have subscribed to receive notifications from GDC. They are also used to send you notifications based on your geolocation. For instructions on how to unsubscribe from receiving notifications please visit here.
Cohort - ID	This cookie is used categorise the user into a group based on their device so that we are able to tailor better offers for you.
Criteo	This cookie is used to deliver GDC advertisements relevant to you, based upon your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of an advertising campaign. This cookie is stored indefinitely. If you would like to opt out of our service for all browsers we have been able to link to the cookie ID of your current browser, please see the opt out module included in the “User Choices” section here. If you only want to opt out from your current browser uncheck the box.
ALGOLIA	This cookie is used to search analytics and preferences. This cookie is stored for 6 months.
op_list_region_us	This cookie used to store a record of users’ preferred US state. This cookie expires when the users session ends.
__gads	Google Advertising cookie, expires after 13 months.
__gpi	Google Advertising cookie, expires after 13 months.
__qca:	Quantcast Digital Advertising cookie to store and track audience reach, expires after 13 months.
_cc_id	Lotame digital marketing cookie, expires after 270 days.
_fbp	Facebook Pixel cookie, expires after 3 months.
TikTok pixel	Used to track ad campaign performance.
_gcl_au	Google Analytics and Advertising cookie, expires after 90 days.
_uetsid	Bing Advertising cookie, expires after 1 day. Bing Ads is an advertising service provided by Microsoft Inc. You can opt-out from Bing Ads by following the instructions on Bing Ads Opt-out page: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads For more information about Bing Ads, please visit their Privacy Policy: https://privacy.microsoft.com/en-us/PrivacyStatement
advert	Used to track any referrals (such as rotowire.com/try), limited to that session.
cookie	Digital marketing cookies, expires after 28 days.
cto_bidid	Criteo Advertising cookie, expires after 13 months.
cto_bundle	Criteo Advertising cookie, expires after 13 months.
panoramaId_expiry	Lotame digital marketing cookie, expires after 7 days.
panoramaId	Lotame digital marketing cookie, expires after 7 days.
panoramaIdType	Lotame digital marketing cookie, expires after 7 days.
PHPSESSID	The unique session ID of a logged in user, expires after 1 year.
RW_addons	Used in subscription process to track if a subscriber purchased an optional add-on (such as a magazine), limited to that session.
RW_coupon	Used to redeem special subscription offer codes, limited to that session.
RW_orderTotal	Used in subscription process to display changes in order total, expires after 1 year.
RW_viewedSubChoices	Impression cookie used to track conversions, limited to that session.
rwbaseballmyleague	The user's preferred league in MyLeagues feature, limited to that session.
rwbasketballmyleague	The user's preferred league in MyLeagues feature, limited to that session.
RWCFBrankings	Used to preserve a user's preferences on our College Football Rankings page, expires after 6 months.
RWDefvsPos90Stats	Used to preserve a user's preferences on our Soccer Defense vs Position (Per 90 Minutes) page, expires after 6 months.
RWDefvsPosTotStats	Used to preserve a user's preferences on our Soccer Defense vs Position page, expires after 6 months.
rwfootballmyleague	The user's preferred league in MyLeagues feature, limited to that session.
rwhockeyleague	The user's preferred league in MyLeagues feature, limited to that session.
rwlanding	Used to route a user back to what they were viewing after they login, expires after 1 day.
rwmlbH2HPoints	Used to preserve a user's preferences on our MLB Rankings page, expires after 6 months.
rwmlbH2HRoto	Used to preserve a user's preferences on our MLB Rankings page, expires after 6 months.
rwmlbPoints	Used to preserve a user's preferences on our MLB Rankings page, expires after 6 months.
RWMLBPositionEligibility	Used to preserve a user's preferences on our MLB Games Played By Position page, expires after 6 months.
RWMLBProjected	Used to preserve a user's preferences on our MLB Projected Starters page, expires after 6 months.
rwmlbRoto	Used to preserve a user's preferences on our MLB Rankings page, expires after 6 months.
rwnbaH2HPoints	Used to preserve a user's preferences on our Basketball Rankings pages, expires after 6 months.
rwnbaH2HRoto	Used to preserve a user's preferences on our Basketball Rankings pages, expires after 6 months.
rwnbaPoints	Used to preserve a user's preferences on our Basketball Rankings pages, expires after 6 months.
rwnbaRoto	Used to preserve a user's preferences on our Basketball Rankings pages, expires after 6 months.
RWNFLrankings	Preserves a user's NFL scoring and roster preferences across Auction Values and Rankings pages, expires after 6 months.
rwnhlPts	Preserves a user's NHL scoring and roster preferences across Auction Values and Rankings pages, expires after 6 months.
rwnhlRoto	Preserves a user's NHL scoring and roster preferences across Auction Values and Rankings pages, expires after 6 months.
RWPlayerPer90Stats	Used to preserve a user's preferences on our Soccer Player Stats (Per 90 Minutes) page, expires after 6 months.
RWPlayerStats	Used to preserve a user's preferences on our Soccer Player Stats page, expires after 6 months.
RWPrizePicksProjections	Remembers a user's preferred sports on our Prize Picks page, expires after 6 months.
rwsoccermyleague	The user's preferred league in MyLeagues feature, limited to that session.
RWSOCrankings	Preserves a user's Soccer scoring and roster preferences across Weekly Rankings and Season Rankings pages, expires after 6 months.
RWTeamStats	Used to preserve a user's preferences on our Soccer Team Stats page, expires after 6 months.
.33across.com	The 33Across platform delivers programmatic video and display ad revenue to publishers across devices.
.adform.net	Adform is an advertising platform.
.amazon-adsystem.com	Amazon Ad System is an online advertising service which run ads on the Amazon network.
.colossusssp.com	Colossus SSP is a custom supply side platform that delivers a diverse marketplace, enabling brands of all sizes to connect with multicultural and general market audiences.
.connextra.com	Connextra is the gaming industry's No 1 adserver, delivering live prices & messages into dynamically-built online adverts.
.creativecdn.com	RTB House is a global company that provides AI-based advertising and marketing technologies for large brands and agencies worldwide.
.crwdcntrl.net	The crwdcntrl.net is owned by Lotame Solutions Inc. “Data Management Platform: Lotame licenses its Data Management Platform software to online publishers, marketers, agencies and other companies for their use in collecting, organizing and activating data for their marketing purposes.
.id5-sync.com	ID5 operates an identity platform for the digital advertising industry, helping publishers monetise their websites and protect their users' privacy.
.mediago.io	MediaGo is a global AI-integrated marketing platform under the Baidu Global brand that helps clients to rapidly expand into the global market and enhance international influence.
.prebid.a-mo.net	Prebid Mobile is an open-source library that provides an end-to-end header bidding solution for mobile app publishers.
.pub.network	Provides advertising or advertising-related services such as data collection, behavioral analysis or retargeting.
.quantserve.com	quantserve.com is a domain used by Quantcast. The domain is used for advertising and analytics.
.scorecardresearch.com	ScorecardResearch.com is a domain owned by Full Circle Studies, a market research company that is part of Comscore, Inc. Comscore is media analytics and measurement company that provides marketing data, analytics, and digital market research to its clients.
adnxs.com	Adnxs.com is run by AppNexus, a company that provides technology, data and analytics to help companies buy and sell online display advertising.
bidswitch	BidSwitch provides immediate and seamless real-time access for supply and demand partners across all media types (display, mobile, video, native, etc.)
dotomi	Dotomi provides Personalized Media display advertising that is dynamically adapted in real time at the user and impression level.
justpremium	Justpremium offers programmatic buying and selling of online advertising space with real-time technologies.
openx	OpenX is a leader in programmatic advertising, powering monetization and advertising revenue for publishers.
quantserve	quantserve.com is a domain used by Quantcast. The domain is used for advertising and analytics.
sonobi	Sonobi is an consumer-focused technology company that provides a media marketplace to connect advertisers.

Please note that our advertisers may also use cookies on their websites, and we have no control over such use.

Other Technologies.

We may use other similar technologies to collect information automatically. Other such tools that we, our vendors, and third parties may use include:

Server logs. These logs record information about the device, browser, operating system, network, and other resources you use to access our digital services.
Web pixels. These are small electronic images deployed on websites and emails that collect information about how users interact with content. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages or within HTML formatted emails. Pixel tags are used to demonstrate that a web page was accessed or that certain content was viewed, typically to measure the success of our marketing campaigns or engagement with our emails and to compile statistics about usage of the Sites, so that we can manage our content more effectively.

We may further use third-party Service Providers to show advertisements to you to help support and maintain our services:

AdMob by Google

AdMob by Google is provided by Google Inc.

You can opt-out from the AdMob by Google service by following the instructions described by Google: https://support.google.com/ads/answer/2662922?hl=en

For more information on how Google uses the collected information, please visit the “How Google uses data when you use our partners' sites or app” page: http://www.google.com/policies/privacy/partners/ or visit the Privacy Policy of Google: http://www.google.com/policies/privacy/

AdButler

AdButler is an advertising service provided by Sparklit Networks Inc.

For more information about AdButler, please visit their Privacy Policy: https://www.sparklit.com/agreements.spark?agreement=privacy

Unity Ads

Unity Ads is provided by Unity Technologies.

You can opt-out from Unity Ads service by following the instructions as described by Unity Technologies on their Privacy Policy page: https://unity3d.com/legal/privacy-policy

For more information about Unity Technologies, please visit Unity Technologies Privacy Policy: https://unity3d.com/legal/privacy-policy

If you have any questions about this Policy or you wish to exercise any of the rights set out above, please contact us at [email protected].

We will respond to all legitimate requests promptly and, in any event, within any timeframes prescribed by applicable law. In general, we must respond to queries within one month from the receipt of the request. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

19. BEHAVIORAL REMARKETING

We may use remarketing services to advertise on third party websites to you after you visited our service. We and our third-party vendors use cookies to inform, optimise and serve ads based on your past visits to our service.

Google Ads (AdWords)

Google Ads (AdWords) remarketing service is provided by Google Inc.

You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads

Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.

For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en

Bing Ads Remarketing

Bing Ads remarketing service is provided by Microsoft Inc.

You can opt-out of Bing Ads interest-based ads by following their instructions: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

You can learn more about the privacy practices and policies of Microsoft by visiting their Privacy Policy page: https://privacy.microsoft.com/en-us/PrivacyStatement

Twitter

Twitter remarketing service is provided by Twitter Inc.

You can opt-out from Twitter's interest-based ads by following their instructions: https://support.twitter.com/articles/20170405

You can learn more about the privacy practices and policies of Twitter by visiting their Privacy Policy page: https://twitter.com/privacy

Pinterest

Pinterest remarketing service is provided by Pinterest Inc.

You can opt-out from Pinterest's interest-based ads by enabling the “Do Not Track” functionality of your web browser or by following Pinterest instructions: http://help.pinterest.com/en/articles/personalization-and-data

You can learn more about the privacy practices and policies of Pinterest by visiting their Privacy Policy page: https://about.pinterest.com/en/privacy-policy

20. UPDATES TO THIS POLICY

As we may make changes to this Policy from time to time, you can always find an up-to-date version of this Policy on our websites.

This Policy was updated as of January 15, 2025.