Privacy
Last updated 2026-04-20. Plain English only; if something is unclear, ask and we'll rewrite it.
What we store
Accounts are optional. BetSetGo is fully usable without signing in. Picks, watchlist, and notification preferences live in your browser's localStorage and never leave the device unless you opt into cloud sync.
If you sign in (magic link, Google, or GitHub), we store your email + auth provider id via Supabase Auth, and mirror your picks / watchlist / preferences to a row keyed by your user id. Row-level security means only you can read or write your rows. You can sign out + wipe local data any time via /settings.
What we cache server-side
- Analyses — the model's output for every match analyzed on the site. Public read. No link to who ran it.
- Odds snapshots — bookmaker prices captured at generate-time. Used for CLV + the line-movement chart. No PII.
- News context — the structured JSON Gemini returns for a match. Cached with a TTL that decays toward kickoff. No PII.
- Rate-limit log — IP + timestamp for each regenerate request, to prevent abuse. 7-day retention; never linked to any other field.
- Share counters — a single integer per kind (pick / parlay) that ticks up once per generated share URL. No IP, no user agent, no payload, no identifiers.
- User tables (only when you sign in) — user_profiles, user_picks, user_watchlist, user_prefs. Every row is keyed by your auth.users id and guarded by row-level security so nobody but you (or the service role used by cron jobs) can read them.
Share links
Pick and parlay share URLs (/p/<token>, /pp/<token>) are stateless and self-contained. The URL itself is an HMAC-signed payload — the database has no record of what was shared, by whom, or when. Rotating the server secret invalidates every outstanding share link. Share pages are noindex'd and blocked in robots.txt so they don't leak into search.
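The stateless design described above, as an added example that is not BetSetGo's own code: the token layout, the choice of HMAC-SHA256, the function names and the secrets are all assumptions. It shows that verification needs only the server secret, and that a token signed under a previous secret is rejected after rotation.

```javascript
const crypto = require('node:crypto');

// Assumed token layout: base64url(JSON payload) + "." + base64url(HMAC-SHA256 tag).
const b64u = (data) => Buffer.from(data).toString('base64url');

function tagFor(body, secret) {
  return b64u(crypto.createHmac('sha256', secret).update(body).digest());
}

// Hypothetical signer: everything the share page needs travels in the URL.
function signShareToken(payload, secret) {
  const body = b64u(JSON.stringify(payload));
  return `${body}.${tagFor(body, secret)}`;
}

// Hypothetical verifier: returns the payload, or null for a malformed,
// tampered, or old-secret token. No database lookup is involved.
function verifyShareToken(token, secret) {
  if (typeof token !== 'string') return null;
  const parts = token.split('.');
  if (parts.length !== 2) return null;
  const [body, tag] = parts;
  // Compare the encoded tags as bytes; timingSafeEqual throws on a length
  // mismatch, so reject that case first.
  const given = Buffer.from(tag);
  const expected = Buffer.from(tagFor(body, secret));
  if (given.length !== expected.length) return null;
  if (!crypto.timingSafeEqual(given, expected)) return null;
  try {
    // Parse only after the tag checks out. The payload is signed, not
    // encrypted: anyone holding the link can decode and read it.
    return JSON.parse(Buffer.from(body, 'base64url').toString('utf8'));
  } catch {
    return null;
  }
}

// Constructed sample values, not real secrets or match data.
const SECRET_V1 = 'constructed-secret-v1';
const SECRET_V2 = 'constructed-secret-v2';
const sampleToken = signShareToken({ kind: 'pick', match: 'EXAMPLE-1', side: 'home' }, SECRET_V1);
// Same tag, edited payload: the tag no longer matches the body.
const tamperedToken = b64u(JSON.stringify({ kind: 'pick', match: 'EXAMPLE-1', side: 'away' })) +
  '.' + sampleToken.split('.')[1];
```

Because the payload is only signed, a design like this keeps the stated privacy property only if nothing identifying is placed in the payload in the first place.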
Email digest
Off by default. If you opt in via /settings, the weekly digest cron sends a plain summary (accuracy + top edges) to the email address on your Supabase auth account via Resend. We never use the list for marketing, and every email links to a one-click unsubscribe.
Third parties
- Supabase — Postgres database + row-level security for public data.
- Google Gemini — news context generation via grounded search. We send match metadata (team names, league, date), not user identifiers.
- The Odds API, football-data.org, balldontlie, API-Football — free tier sports data providers. No user data is sent to them.
- Vercel — hosting. Standard request logs apply.
- Resend — only if you opt into the weekly email digest. Receives your email + the digest HTML at send time.
Cookies / tracking
Your rights
If you never sign in, there's nothing to delete — clearing your browser storage removes every trace. If you did sign in, you can:
- Export everything via /settings → Backup & restore.
- Delete the account self-serve from /settings → Danger zone, via the Supabase dashboard, or by emailing the contact address below. Deletion cascades to every user_* row via foreign-key on-delete-cascade; nothing is retained.