Lotto Poolers

Privacy Policy

Last updated: October 8, 2025

Lotto Poolers ("we", "us", "our") provides tools to help people manage private lottery pools. We are not a lottery operator and do not sell lottery tickets. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services (the "Service"). For questions or requests, contact privacy@lottopoolers.com.

Key Points

  • We practice data minimization and privacy-first design.
  • We do not sell your personal information.
  • We use vetted service providers under contractual safeguards.
  • We are not responsible for pool member conduct or outcomes.

Data We Don't Collect

We do not collect:

  • Government-issued IDs (SSN, driver's license, passport)
  • Financial account credentials or full payment card numbers
  • Biometric identifiers (fingerprints, facial scans)
  • Precise geolocation data
  • Health or medical information

Information We Collect

  • Account Information: basic identifiers such as username, user ID, and authentication metadata handled by our auth provider. We avoid storing unnecessary personal data.
  • Pool and Activity Data: pool names, roles, invitations, contribution records, agreements acknowledged, and audit timestamps.
  • Uploaded Content: ticket photos and related images you provide. We remove EXIF where feasible to protect privacy.
  • Device and Usage Data: logs, IP address, browser info, and pages viewed to maintain security and improve the Service.
  • Cookies and Similar Technologies: see our Cookie Policy for details and controls.

Data Sharing Within Pools

Pool functionality requires sharing certain information with other pool members. When you create or join a pool, you consent to disclosure of:

  • Display name/username and pool role
  • Contribution settings and amounts you record in the pool
  • Activity signals (e.g., invitations sent/accepted, timestamps)
  • Ticket photos and notes that you choose to upload

Pool organizers may have additional visibility and controls (e.g., the ability to invite members, view contribution summaries, and manage tickets/agreements). Do not share information in a pool that you are not comfortable disclosing to other members.

How We Use Information

  • Provide, maintain, and secure the Service
  • Enable pool management features and recordkeeping
  • Detect, prevent, and investigate fraud or misuse
  • Communicate service updates and transactional notices
  • Improve functionality, performance, and user experience
  • Maintain audit trails and activity logs for operational purposes, security, and abuse prevention (not as a recordkeeping service to you)

Payments and Contributions

Pool Contributions: Lotto Poolers does not handle, process, transmit, or have access to any money exchanged between pool members. We never see or store payment information for pool contributions. Contribution amounts recorded in the Service are informational entries you manually input and reflect off-platform transfers you arrange directly with other pool members (e.g., cash, Venmo, Zelle). We are not a payment processor or money transmitter for pool contributions.

Platform Subscriptions: Platform subscription billing (for premium features) may be handled by our authentication/billing provider and its payment partners. We do not store full payment card numbers for platform billing. Please review the applicable provider's privacy notices for details about payment data processing.

Automated Tools and Accuracy Disclaimer

We offer optional automated features, including but not limited to winning number lookups, historical data displays, automated ticket checking, AI ticket scanning, and smart-pick number generation. These features may be experimental or rely on third-party sources and are provided "as is" without any guarantees. We do not warrant the accuracy, completeness, or timeliness of any results. You are solely responsible for verifying winning numbers and ticket outcomes with official lottery sources.

Third-Party Services and Data Sharing

We use the following categories of service providers (examples may be updated):

  • Authentication and Account Management: (e.g., auth provider)
  • Hosting and Infrastructure: Supabase, (e.g., Vercel/AWS)
  • Email Delivery: (e.g., transactional email provider)
  • Analytics: (e.g., privacy-focused analytics / Google Analytics if used)
  • AI Processing: (e.g., AI vendor for ticket scanning)
  • Payment Processing (subscriptions): (e.g., payment processor for platform billing)

These providers may access limited data necessary to perform their services and operate under contractual data protection obligations. For AI ticket scanning or other automated features, images or extracted text you submit may be transmitted to an AI vendor for processing. We share only what is necessary to perform the requested function and require appropriate safeguards.

Legal Basis

Where applicable, we process data based on your consent, our legitimate interests in providing and improving the Service, and the necessity to perform a contract with you. You may withdraw consent at any time where consent is the basis.

Sharing and Disclosure

  • Service Providers: processing data on our behalf
  • Compliance and Safety: to comply with laws, enforce agreements, and protect rights, property, and safety
  • Business Transfers: in a merger, acquisition, or asset sale, data may be transferred consistent with this Policy

Cookies and Similar Technologies

Cookies and similar technologies help us operate and improve the Service as detailed in our Cookie Policy. You can control certain cookie settings through your browser or (where implemented) our cookie preference center.

Dispute Resolution and Records

We maintain audit timestamps and activity logs for operational purposes. These records may incidentally assist users in resolving disputes, but we make no guarantee about their availability, accuracy, or suitability for any purpose. We are not a party to pool agreements, do not mediate disputes, and are not responsible for providing evidence in disputes. Records are retained as described below and may change without notice.

Data Retention

We retain data for operational purposes and to meet legal obligations. We are not a recordkeeping or archival service. Any retention practices may change at any time and are not guaranteed. Pool-related content (including pool records, uploaded ticket photos, comments/notes, invitations, and activity/audit logs) is generally retained within plan-aligned windows and may also be retained longer (or deleted earlier) at our discretion:

  • Free: 30 days (typical target, not guaranteed)
  • Premium: 90 days (typical target, not guaranteed)
  • Pro: 180 days (typical target, not guaranteed)

Photo Storage: Ticket photos and uploaded images may be deleted or archived to lower-cost storage sooner than other pool records. High-resolution photos are typically retained for approximately 1 year after upload, after which they may be compressed, archived to slower storage, or deleted. d pool records (member lists, contribution amounts, dates, notes) may be retained longer at our discretion.

We may in some cases retain certain pool records for approximately up to 3 years for active accounts (e.g., for abuse prevention, fraud analysis, or system integrity), but this practice is discretionary and may change without notice. After account termination, retention of remaining records varies by plan and operational needs (see the Terms of Service, Section 4A and Section 12).

Inactive Accounts: Accounts inactive for extended periods (typically 2+ years) may have data archived or deleted earlier than the typical windows above, with or without notice.

No Reliance: You should export and maintain your own independent records. Do not rely on the Service as your sole source of pool participation, contribution, or ticket documentation.

After a retention window (or earlier at our discretion), we may permanently delete or anonymize data, except where we retain specific records for security, fraud prevention, dispute handling, or legal obligations (including legal holds). Non-pool records (e.g., account identifiers, billing records, and system logs) may be retained longer for compliance and legitimate business purposes.

Export Responsibility: We may provide export tools as a convenience; exports are not guaranteed to be comprehensive, accurate, or available at a future time. Exports may not include all historical data, deleted content, or system metadata. Large files (such as high-resolution photos) may be compressed or excluded from automated exports. You should export data regularly while it is still available in the Service. You are solely responsible for preserving records you may need for tax, legal, or evidentiary purposes.

Data Deletion Requests

To request deletion, email privacy@lottopoolers.com from the email associated with your account or use in-product request tools where available. We will verify your identity and respond within 30 days (or the timeframe required by applicable law). Certain data may be retained where required for security, fraud prevention, dispute resolution, or legal obligations.

Shared Pool Data: If you participated in pools with other users, your participation records may remain associated with those pools for other members' use, but will be disassociated from your personal account and may be anonymized. We cannot delete records from pools where other members may have legitimate need to maintain contribution or participation history.

Security

  • Encryption in transit (TLS) and at rest for stored data
  • Role-based access controls and least-privilege practices
  • Row-level security and audit logging where applicable
  • Regular reviews and vulnerability mitigation
  • Incident response procedures and breach notification protocols
  • Third-party security assessments where appropriate

No system is completely secure; we cannot guarantee absolute security.

Your Rights

Depending on your location, you may have rights to access, correct, delete, or port your data, and to object or restrict certain processing. To exercise rights, contact us using the details below.

US State Privacy Disclosures (e.g., CA, VA, CO, CT, NV)

  • Right to Know/Access, Correct, Delete, and Port: You may request a copy of your data, corrections, deletion, or a portable copy.
  • Opt-Outs: We do not sell personal information. If we use targeted advertising or share limited identifiers with providers, you may request opt-outs via privacy@lottopoolers.com.
  • Authorized Agents: You may use an authorized agent where allowed by law, subject to verification.
  • Non-Discrimination: We will not discriminate for exercising your rights.

International Transfers

Your data may be processed in the United States and other countries. Where required (e.g., under GDPR), we rely on appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses (SCCs) with our service providers, and implement additional measures where appropriate to protect your information.

Governing Law

This Policy is governed by the laws of the State of Delaware, without regard to conflict of law principles, as further described in our Terms of Service.

Contact

For privacy questions or requests, contact: privacy@lottopoolers.com

Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated date. Your continued use of the Service constitutes acceptance of the revised Policy.