Introduction

This Data Retention Policy explains how long Best Odds Corp retains personal information collected through our services, including data collected via social sign-in providers (Google, Facebook), and the criteria we use to determine retention periods.

This policy complies with applicable data protection laws and the requirements of third-party authentication providers. For general privacy information, please see our Privacy Policy.

1. Data Retention Principles

We retain personal information only for as long as necessary to:

• Fulfill the purposes for which it was collected
• Provide and maintain our services
• Comply with legal, regulatory, tax, and accounting obligations
• Resolve disputes and enforce our agreements
• Protect against fraudulent, abusive, or illegal activity
• Maintain business records and analytics

When personal information is no longer needed for these purposes, we securely delete or anonymize it in accordance with this policy.

2. Specific Retention Periods

2.1 Account and Profile Information

2.2 Social Sign-In Data (Google, Facebook)

2.3 Transaction and Payment Records

2.4 Project and Service Delivery Data

2.5 Marketing and Communication Data

2.6 Website Analytics and Usage Data

2.7 Customer Support and Communications

2.8 Security and Fraud Prevention Data

2.9 Legal and Compliance Records

3. Data Deletion Procedures

3.1 Automated Deletion

We implement automated systems to identify and delete personal information that has exceeded its retention period. These systems run on a regular schedule and include:

• Monthly reviews of account activity and retention status
• Automated deletion of expired session data and temporary files
• Quarterly purges of marketing data for unsubscribed users
• Annual reviews of archived project data and communications

3.2 User-Requested Deletion

You may request deletion of your personal information at any time by:

• Submitting a deletion request through our contact form
• Emailing us at [email protected]
• Deleting your account through account settings (if applicable)

We will process deletion requests within 30 days, subject to legal retention requirements. Some information may be retained in backup systems for up to 90 additional days.

3.3 Secure Deletion Methods

When deleting personal information, we use secure methods including:

• Permanent deletion from active databases and systems
• Overwriting of deleted data to prevent recovery
• Removal from backup systems within 90 days
• Anonymization of data required for statistical or analytical purposes
• Secure destruction of physical records containing personal information

4. Exceptions to Deletion

We may retain certain personal information beyond the standard retention periods when:

• Legal Obligation: Required by law, regulation, or court order
• Pending Litigation: Subject to ongoing or anticipated legal proceedings
• Fraud Investigation: Involved in active fraud or security investigations
• Debt Collection: Related to outstanding payments or financial obligations
• Contractual Obligation: Required under existing contracts or service agreements
• Legitimate Business Interest: Necessary for compelling business purposes that override deletion requests

In such cases, we will inform you of the reason for extended retention and the expected retention period.

5. Social Sign-In Provider Compliance

5.1 Google Sign-In Compliance

Our data retention practices comply with Google's OAuth 2.0 policies and requirements:

• We only request access to Google user data necessary for authentication and service delivery
• Google OAuth tokens are stored securely and encrypted
• Access tokens are automatically revoked upon account deletion
• We do not share Google user data with third parties except as disclosed in our Privacy Policy
• Users can revoke access at any time through their Google Account settings

5.2 Facebook Login Compliance

Our data retention practices comply with Facebook Platform Policies:

• We only request Facebook permissions necessary for authentication
• Facebook user data is deleted within 90 days of account deletion or access revocation
• We comply with Facebook's data deletion callback requirements
• Users can manage permissions and delete data through Facebook settings
• We provide a data deletion status check endpoint as required by Facebook

5.3 Revoking Social Sign-In Access

You can revoke our access to your social sign-in data at any time:

• Google: Visit Google Account Permissions and remove Best Odds Corp
• Facebook: Visit Facebook Apps and Websites and remove Best Odds Corp
• Our Platform: Delete your account through account settings or contact us directly

6. Data Anonymization

When personal information is no longer needed for its original purpose but has value for statistical, analytical, or research purposes, we may anonymize it. Anonymized data:

• Cannot be used to identify individuals
• Is aggregated with other data to prevent re-identification
• Has all direct and indirect identifiers removed
• May be retained indefinitely for business intelligence and service improvement

Anonymized data is not considered personal information and is not subject to data subject rights or deletion requests.

7. Updates to This Policy

We may update this Data Retention Policy to reflect changes in our practices, legal requirements, or business operations. Material changes will be communicated through:

• Email notification to registered users
• Prominent notice on our website
• Updated "Last updated" date at the top of this policy

Continued use of our services after policy updates constitutes acceptance of the revised retention practices.

8. Contact Us

If you have questions about our data retention practices or wish to request deletion of your personal information, please contact us: