Privacy Policy

Effective date: April 24, 2026

Xaslar (“we”, “us”, “our”) operates the Xaslar App and the website at xaslarbet.com (collectively, the “Service”). This Privacy Policy explains what information we collect, how we use it, and the choices you have. We aim for plain English — if anything is unclear, email us at [email protected].

1. Information We Collect

We only collect what we need to run the Service and keep your account secure.

Account information

  • Email address
  • Password (stored only as a salted hash — we never see your actual password)
  • Display name you choose

Authentication and session data

  • JSON Web Tokens (JWT) issued when you sign in, used to keep you logged in
  • Firebase Cloud Messaging (FCM) registration tokens, used only to deliver push notifications you have enabled

Technical data

  • IP address (for rate limiting and fraud prevention)
  • Device and app information: platform (Android, iOS, web), app version, operating system version
  • App usage interactions (for example, which picks screen you opened), used to improve the product

We do not collect your location, contacts, photos, microphone, camera, SMS, call logs, or advertising identifiers.

2. How We Use Your Information

  • Account authentication — creating your account, signing you in, keeping your session valid
  • Delivering picks and content — showing you the sports statistics, predictions and sheets you have access to
  • Push notifications — sending alerts about new picks or account events, if you have opted in
  • Fraud prevention and security — detecting abuse, shared credentials, or suspicious activity
  • Customer support — responding to your emails and troubleshooting issues
  • Product improvement — understanding which features are used so we can improve them

3. Who We Share Data With

We do not sell your personal information. We do not share it with advertisers, data brokers, or analytics companies that profile users across apps.

The only third parties that may receive limited data are payment processors, and only if you choose to subscribe:

  • PayPal — handles payment when you subscribe via PayPal. They receive billing details directly; we only receive a subscription status and transaction reference.
  • NOWPayments — handles cryptocurrency payments if you choose that option. They receive the payment details; we receive confirmation that the payment was completed.

We may also disclose information if required by law (for example, a valid legal request), or to protect the rights, safety, and property of Xaslar or our users.

4. Data Retention

We keep your account data until you delete your account. If an account is inactive for three (3) consecutive years, we may delete it along with associated data. Server logs that include IP addresses are typically retained for a short operational period and then rotated out.

5. Security

We take reasonable steps to protect your information:

  • All traffic between the app and our servers runs over HTTPS (TLS)
  • Passwords are stored as salted hashes — never in plaintext
  • JWT tokens are validated server-side on every request
  • Access to production infrastructure is limited and protected by SSH key authentication

No system is 100% secure, but we work to keep yours safe.

6. Your Rights and Choices

You can:

  • Access the personal data we have about you by emailing [email protected]
  • Correct your email or display name from within the app (Account settings) or by contacting support
  • Delete your account directly in the app via Account → Delete account, or by emailing [email protected]. Deletion removes your profile, credentials, push tokens, and associated data.
  • Opt out of push notifications at any time from your device settings or inside the app

Depending on where you live (for example, California under CCPA, or the EU under GDPR), you may have additional rights. Contact us and we will honor them.

7. Children

The Xaslar App is intended for adults only. You must be at least 18 years old to use the Service. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected data from a minor, we will delete it. If you believe a child has given us data, contact [email protected].

8. Cookies and Local Storage

On the website (xaslarbet.com) we use a minimal number of session cookies required for login. We do not use advertising cookies or cross-site tracking cookies.

The mobile app uses Capacitor Preferences to store your session token locally on your device. This storage is local-only — it is not shared with us or any third party beyond what is described above.

9. International Users

Xaslar is based in Serbia, and our servers are in the United States. If you access the Service from outside the United States, you consent to your data being transferred to and processed in the United States.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of the page. Material changes will be communicated inside the app or by email. Continued use of the Service after changes means you accept the updated policy.

11. Contact Us

Questions, requests, or complaints? Email us at [email protected]. We read every message.

Scroll to Top