Read How We Handle Reader Data, Cookies, and Tracking

A plain-language description of every data flow on this site, from cookies and analytics to affiliate redirects and the contact form.

This policy covers how Offshore Betting World collects, processes, stores, and shares personal data. It applies to every page on this domain and to the supporting subsystems (contact form, redirect handler, analytics). It does not cover the privacy practices of third-party operators reached through outbound links; those operators publish their own policies on their own sites.

Data Controller

The data controller for personal data processed through this website is the editorial entity operating Offshore Betting World, contactable at the addresses listed in the final section of this policy. The controller decides the purposes and means of processing described below.

What We Collect

The site runs on a stack engineered to minimise data collection. Most readers can browse the entire library without any personal information being recorded against an identifier. Two categories of data are nonetheless collected.

The first category is technical data automatically transmitted by every web client (IP address, user agent string, requested URL, referring URL, response status, byte count, timestamp). This information is recorded by the web server and used for service operation, security, and aggregate statistics.

The second category is data the reader voluntarily submits, primarily through the contact form (name, email, subject, message). No account creation, payment, or KYC step is involved on this site, so no identity documents, financial details, or biometric data are processed.

Cookies and Local Storage

Offshore Betting World uses one cookie and one localStorage key. The cookie banner records the reader's acknowledgement so that the banner is not shown again on the same browser. The cookie has a thirteen-month lifetime, the longest period generally compatible with European guidance on consent renewal. No third-party advertising cookies, fingerprinting scripts, or behavioural trackers are loaded by this site.

Readers can clear the cookie and localStorage entry at any time through their browser settings; the only consequence is that the banner reappears on the next visit.

Analytics and Server Logs

The server keeps standard access logs for thirty days as a security and operations requirement (incident investigation, abuse detection, capacity planning). These logs include the technical data described above. They are stored on the same server that hosts the site and are not exported to third-party analytics platforms.

If, at a future date, an analytics tool is added, this policy will be updated to describe the tool, the data captured, the legal basis, and the opt-out path. As of the current revision, no client-side analytics beacon is loaded.

Affiliate Redirects

Outbound links to commercial partners pass through internal redirect endpoints under /go/. The redirect handler reads the requested partner slug, sets a noindex header for crawlers, and forwards the browser to the partner site through a meta refresh. The redirect script does not log per-user identifiers and does not append tracking parameters that would identify the reader. Once the browser arrives on the partner site, that operator's privacy policy applies; cookies, analytics, and identifiers placed by the operator are governed by the operator, not by this site.

The reader is free to copy partner brand names into a search engine and reach the operator without going through the redirect, in which case no record of the click is made on this site.

Contact Form Data

The contact form transmits the submitted fields (name, email, subject, message) plus a CSRF token and a honeypot field used to filter automated submissions. Messages are routed to the editorial mailbox and retained as long as the conversation is active, plus a short archival period for audit purposes.

Sensitive content (financial details, identity numbers, medical or legal data) should not be submitted through the form. The editorial address accepts PGP-encrypted email for readers who prefer that channel.

Under the General Data Protection Regulation, the legal bases relied upon are: legitimate interest for server logs, fraud prevention, and basic site operation; consent for the cookie banner acknowledgement; and contract performance (or pre-contract steps) for messages exchanged through the contact form. Where a reader resides in a jurisdiction with stricter rules, the higher standard applies.

Sharing With Third Parties

Personal data is not sold, rented, or licensed to third parties. Limited sharing occurs in three situations only: with the hosting provider, which processes server logs as a processor on behalf of the controller; with the email provider that delivers replies to the contact form; and with public authorities when a binding legal request is received. In the latter case, the request is reviewed for scope and validity before any data is disclosed.

Retention Periods

Server access logs are retained for thirty days. Cookie acknowledgement is stored for thirteen months on the reader's device. Contact-form messages are kept for the duration of the active conversation and an additional twenty-four months for archival; on request, individual conversations are deleted earlier. Aggregate statistics (page-view counts, broad geographic regions) may be kept indefinitely as they no longer identify any individual.

Your Rights

Readers covered by GDPR and similar regimes have the rights of access, rectification, erasure, restriction, portability, and objection. These rights can be exercised by writing to the editorial mailbox (see the final section). A response is provided within thirty days; identity verification may be requested when the data subject is not obvious from the message.

Readers also have the right to lodge a complaint with the supervisory authority of their place of residence if they believe that processing on this site infringes their rights.

Security Measures

The site is served over HTTPS with modern TLS only. Security headers (Content-Security-Policy, X-Content-Type-Options, Referrer-Policy, Permissions-Policy) are applied at the server level. Form inputs are sanitised, and CSRF tokens are required on every state-changing request. Access to the back-end is restricted to keypair-authenticated administrators; passwords are not used for shell access.

Minors

This site is intended for adults of legal gambling age in their jurisdiction. The content is not directed at minors, and no data is knowingly collected from anyone under eighteen. If a minor's data is submitted by error, it will be deleted on receipt of a notice to the editorial mailbox.

Policy Changes

This policy may be updated to reflect changes in processing, legal requirements, or site architecture. Material changes are announced on the site for a reasonable period before they take effect. The current revision is the authoritative version; older revisions are kept internally for reference and can be supplied on request.

How to Reach Us

For privacy questions, data-subject requests, or complaints, write to [email protected]. The contact page provides additional channels (partnerships, press) for non-privacy enquiries.