Select Page

Privacy Policy

THIS PRIVACY POLICY IS SUBJECT TO THE TERMS AND CONDITIONS ON THIS WEBSITE AND/OR APPLICATION.
BY CONTINUING TO USE THIS WEBSITE AND/OR APPLICATION, YOU AGREE TO THE TERMS AND CONDITIONS SET OUT IN THIS PRIVACY POLICY. PLEASE NOTE THAT BY SUBMITTING INFORMATION VIA THIS WEBSITE AND/OR APPLICATION, YOU CONSENT TO THE COLLECTION, COLLATION, PROCESSING AND STORING OF SUCH INFORMATION AND THE USE AND DISCLOSURE OF SUCH INFORMATION IN ACCORDANCE WITH THIS PRIVACY POLICY.
WE RECOMMEND THAT YOU READ THIS PRIVACY POLICY TOGETHER WITH OUR TERMS AND CONDITIONS PRIOR TO SUBMITTING INFORMATION TO THIS WEBSITE AND/OR APPLICATION.

1.INTRODUCTION
1.1 This is the Privacy Policy of BLOW THE REF (PTY) LTD (hereinafter referred to as ‘BLOW THE REF’, ‘us’, ‘we’ or ‘our’ as required by the context). In this Privacy Policy we list our policies regarding the collection, use, and disclosure of Personal Information or data when you use our service and the choices you have associated with that data. We use your data to provide and improve our service. By using the service, you agree to the collection and use of information in accordance with this Privacy Policy.
1.2 The provisions as set out in this Privacy Policy are in conjunction with the provisions as set out in the Terms and Conditions of our website and/or application as set out above.

2.DEFINITIONS
2.1 The following words expressions and abbreviations shall have the meaning hereinafter assigned to them:
2.1.1 ‘service’ means the service(s) and/or products provided on our website and/or application as advertised on the website and/or application by email or other marketing campaigns under the same domain operated by the proprietor of this website and/or application;
2.1.2 ‘Personal Information’ means data about a living individual (you) who can be identified from those data (or from those and other information either in our possession or likely to come into our possession), such as your name, contact details, your company details and service history. It may also contain information of your browsing habits on our website and/or application;
2.1.3 ‘Data or Content’ means data collected automatically either generated by the use of service and providing certain information or from the service infrastructure itself which includes Personal Information;
2.1.4 ‘Cookies’ means small pieces of data stored on your device;
2.1.5 ‘Data Controller’ means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and manner in which any personal information are, or are to be, processed.
For the purpose of this Privacy Policy, we are a Data Controller of your Personal Information, Content or Data;
2.1.6 ‘Data Processors or Service Providers’ means any natural or legal person who processes the data on behalf of the data controller. We may use the services of various Service Providers in order to process your data more effectively; and
2.1.7 ‘Data Subject or user’ means any living individual who is using our service and is the subject of Personal Information.

3.CONSENT
3.1 How does BLOW THE REF get your consent?
3.1.1 We obtain your consent when you provide us with Personal Information on our website and/or application.
3.1.2 Further, we obtain your consent if we ask for your Personal Information for a secondary reason (such an example of marketing, promotions etc.). We will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
3.2 How do I withdraw my consent?
3.2.1 If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at demetrius@blowtheref.com or michelle@blowtheref.com

4.AGE OF CONSENT
By using this website and/or application you represent that you are at least the age of majority in your province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this website and/or application. Therefore, you represent that you are at least 18 years of age should you opt for the “pay to play” option and furthermore, are not listed on the register of excluded persons contemplated in section 14 of the National Gambling Act, 2004. Should you opt to play for free, you represent that you are at least 13 years of age.

5.INFORMATION COLLECTION
When you provide us with your personal information as set out in clause 3.1 above, we collect the personal information you give us in order to provide our service to the user.

PERSONAL INFORMATION, DATA AND CONTENT
By using this website and/or application you represent that you are at least the age of majority in your province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this website and/or application.
5.1 While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you.
5.2 Personally identifiable information may include, but is not limited to:
5.2.1 Any identifying number, full names, symbol, e-mail address, physical address, telephone number, cell phone number, location information, online identifier, preferred sports brand, preferred sports, preferred sports teams, banking details, or other particular assignment to you;
5.2.2 Your name if it appears with your other personal information or if your name itself would reveal information about you.
5.3 We may use your Data to make contact with you regarding your profile, research, contact you with our newsletter, announcement emailer or promotional materials and other information that may be of interest to you or us. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us at demetrius@blowtheref.com or michelle@blowtheref.com

DATA THAT WE COLLECT ABOUT YOU
5.4 You may be asked or be required to provide limited personal information in order to enable us to provide certain services to you. We may store this information manually or electronically. We will only use it for purposes for which it was provided, if you have consented to it. Information provided will be kept for as long as necessary to fulfil that purpose.
5.5 Identity and Profile Data: includes your first name, last name, username or similar identifier and password, title, date of birth, gender, purchases or orders made by you, your sports interests, sports preferences, feedback and survey responses.
5.6 Technical Data: includes information about your computer including, where applicable, your IP address, operating system and browser type, for system administration purposes and to report aggregate information to our webmasters. This information reveals nothing personal about you. It is statistical data about our users’ browsing actions and patterns which do not identify individuals and allows us to ensure that content from our website is presented in the most effective manner for you and for your computer.
5.7 Financial Data: includes your bank account details and credit card or other payment method details.
5.8 Transaction Data: includes details about payments made to you and payments made from you, including details of bets placed, games played, and products purchased from us on our website and/or application.
5.9 Usage Data: includes information about how you use our website and/or application, bets placed, games played and products you engaged with.

TRACKING & COOKIES DATA
5.10 We may use cookies and similar tracking technologies to track the activity on our Service and hold certain information.
5.11 Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags and scripts to collect and track information and to improve and analyse our Service to you.
5.12 You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our service.
5.13 Our BLOW THE REF application does not use cookies for data collection. Instead, we utilize Google Analytics, which is built-in with Firebase Analytics, to track user behavior and interactions within the application. Firebase Analytics does not store user details or personal information. The analytics focus on understanding user engagement and the application performance.

6.THE PURPOSES FOR USAGE OF YOUR DATA
6.1 We use the collected data for various legal purposes, not limited to the below, and depending on the specific purpose for which we are to use your data:
6.1.1 To deliver the services you have asked for. In other words, to provide and maintain our service;
6.1.2 To register you as a customer and verify your age;
6.1.3 Researching your preferences in order to provide you with a tailored experience;
6.1.4 To notify you about changes to our service;
6.1.5 To allow you to participate in interactive features of our service when you choose to do so;
6.1.6 To provide customer support;
6.1.7 To gather analysis or valuable information so that we can improve our service and provide you with tailored content;
6.1.8 To monitor the usage of our service and prevent fraudulent activity or cheating;
6.1.9 To detect, prevent and address technical issues;
6.1.10 To determine what promotions and bonuses to offer you should you consent to receive our marketing material; and providing you, unless you have opted not to receive such information, with information about our services, and selected third party services, products, competitions, prizes and offers.
6.1.11 To provide you with news, special offers and general information about other products, services and events which we offer that are similar to those that you already used or enquired about unless you have opted not to receive such information;
6.1.12 Demographical and statistical information about user behavior may be collected and used to analyze the popularity and effectiveness of this website and/or application. Any disclosure of this information will be in aggregate form and will not identify individual users;
6.1.13 If you subscribe for data, news, announcements, alerts or any such information to be emailed to you from this website and/or application, we will hold your details on our database until such time as you chose to unsubscribe from this service. You may do this at any stage by selecting the appropriate option in the alerts section of this site.
6.1.14 Personal information will not be sold to third parties, or provided to direct marketing companies or other such organizations without your permission. We may disclose your personal information to third parties if we are under a duty to disclose or share such.

7.RETENTION OF PERSONAL INFORMATION, CONTENT AND DATA

7.1We will retain your personal information, content and data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your data to the extent necessary to provide our service and for research to comply with legal obligations.

7.2We store the information we collect using robust and GDPR-compliant systems to ensure data privacy and security. The storage of different types of data is as follows:

7.2.1 User authentication: User authentication is managed through Firebase Auth, which is a service provided by Google Identity and Access Management (IAM). Firebase Auth is fully GDPR-compliant, providing a secure and reliable authentication system for our users. This service handles user registration, login credentials, and authentication tokens, safeguarding sensitive user information.

7.2.2User data: All user-specific data is stored in Google Firebase Firestore, which is a GDPR-compliant NoSQL database. Firestore offers a secure and scalable solution for storing structured data, ensuring that user information is well-organized and easily accessible for authorized users. To comply with data protection regulations, we strictly control access to user data, limiting it to authenticated users only.

7.2.3GDPR compliance: We have taken significant measures to ensure compliance with the General Data Protection Regulation (GDPR), which sets high standards for data protection and privacy within the European Union (EU). As the GDPR regulations are more stringent, our use of GDPR-compliant services like Firebase Auth and Firestore further strengthens the security and privacy of the data we collect.

7.2.4Data location: All data is stored in Google’s EU-WEST data center, ensuring that it resides within the European Union region and adheres to EU data protection laws. Storing data in the EU-WEST region helps to maintain compliance with the requirements of the GDPR, even if the data is accessed by users from different countries.

7.2.5Data encryption: In addition to the secure storage provided by Firebase Auth and Firestore, data transmission between our PWA and the backend is encrypted using SSL/TLS, ensuring data confidentiality during transit.

7.2.6Data retention: We follow data retention policies that align with the purposes for which the data was collected and the requirements of applicable data protection laws.

8.TRANSFER OF PERSONAL INFORMATION, CONTENT AND DATA
8.1 Your data, may be transferred to, and maintained on, computers located outside of your state, province or country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
8.2 Please note that we may transfer data, to the locations of our third-party service providers’ servers and process it required or necessary.
8.3 Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
8.4 We will take reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

9.DISCLOSURE OF DATA
9.1 For purposes of research, we may disclose your data to relevant institutions for research purposes.
9.2 Legal requirements may require us to disclose your data, however, this is done in good faith and with the belief that such action is necessary to:
9.2.1 To comply with a legal obligation;
9.2.2 To protect and defend the rights or property of the proprietor of this website and application;
9.2.3 To prevent or investigate possible wrongdoing in connection with the service;
9.2.4 To protect the personal safety of users of the service or the public; and
9.2.5 To protect against legal liability.

10.SECURITY OF DATA
10.1 To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. The following are the key security systems and measures we have in place:
10.1.1 Firebase Authentication: Users are required to authenticate using Firebase Auth before accessing any data or functionalities in the application. Only registered users with valid Firebase Auth bearer tokens can access the API endpoints.
10.1.2 Database Access Control: Our Firebase Firestore database is tightly locked down to ensure that only authenticated users can access their relevant data. Data access is limited to users who are part of a specific chat group. Users can only retrieve chat messages they are authorized to access.
10.1.3 Bearer Token Validation: Our API inspects the validity of the bearer token for each request to ensure it is active and belongs to an authenticated user. The API extracts the UID (User ID) from the valid active token and uses it to determine the user’s identity.
10.1.4 Data Encryption at Rest: Firebase automatically encrypts data at rest in Firestore, providing an additional layer of protection for the data stored in the database.
10.1.5 Secure Socket Layer (SSL) Encryption: Communication between the PWA and the Firebase backend is secured using SSL/TLS encryption, ensuring that data transmitted over the network remains confidential and protected from interception.
10.1.6 Limited User Data Exposure: Our system is designed to minimize data exposure by ensuring that users can only access their own data with their respective tokens. Users cannot accidentally access or read other users’ data due to strict access controls and token validation.
10.1.7 Regular Security Audits: We conduct periodic security audits to identify and address potential vulnerabilities in our application. These audits help us stay proactive in addressing security concerns and adhering to the best practices in data protection.
10.1.8 Compliance with Data Protection Regulations: We are fully committed to complying with relevant data protection laws and regulations in South Africa. Our security measures are designed to align with industry standards and best practices in data protection.

11.THIRD-PARTY LINKS
11.1 In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. Our website and/or application may include links to third-party websites, plug-ins and applications. Clicking on the third-party links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
11.2 In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. In light of the aforementioned, if you elect to proceed with a transaction that involved the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
11.3 Once you leave our website and/or application or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website and/or application’s Terms and Conditions.
11.4 Links: when you click on links on our website and/or application, they may direct you away from our website and/or application. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

12.“DO NOT TRACK” SIGNALS
We do not support “Do Not Track” (‘DNT’). DNT is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of your web browser.

13.LINKS TO OTHER SITES
13.1 Our service may contain links to other sites that are not operated by us. If you click on a Third-party link, you will be directed to that party’s website and/or application.
13.2 We have no control over and assume no responsibility nor liability for the content, privacy policies or practices of any third party website, application or service.

14.CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this Privacy Policy at any time, so please review it frequently. Changes and clarification will take effect immediately upon posting on the website and/or application. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

15.APPLICABLE LAWS
This Privacy Policy is governed by the laws of the Republic of South Africa, and you consent to the jurisdiction of the South African courts in respect of any dispute which may arise out of or in connection with the formation, interpretation, substance or application of this Privacy Policy.

16.QUESTIONS AND CONTACT INFORMATION
If you would like to: access, amend, correct or delete any personal information we have about you, register a complaint, or simply want more information, contact our data protection officer at demetrius@blowtheref.com or michelle@blowtheref.com