BigBoard

Privacy Policy

Effective Date: March 22, 2026

1. Information We Collect

BIG BOARD LIVE LLC ("we," "us") collects information to provide a secure and personalized dashboard experience.

Account Information

  • Email address: Used for passwordless authentication via one-time codes.
  • Venue details: Name and location used for dashboard branding and regional sports data.

Billing Information

  • Payment data: Payment card details, billing name, and billing address are collected and processed by our payment provider, Paddle.com Market Limited ("Paddle"). We do not store your full payment card information on our servers. Paddle acts as the Merchant of Record and is subject to their own Privacy Policy.
  • Subscription identifiers: We store a Paddle customer ID and subscription ID linked to your account to manage your plan status.

Technical Data

  • Hashed Identifiers: We use SHA-256 hashing on IP addresses and device fingerprints. Under the NJDPA, while this is "de-identified," we treat the collection process with high-security standards to prevent re-identification.
  • Usage Data: Logins and settings changes are recorded for security audits.
  • Error Reports: We use Sentry, a third-party error-tracking service, to capture application errors and performance data. These reports may include technical context such as browser type, operating system, and the page URL where the error occurred. They do not intentionally capture personal information.

2. Your Rights & Opt-Outs

Under New Jersey law, you have specific rights regarding your data. You may exercise these by emailing [email protected]. We will respond to verifiable requests within 45 days:

  • Right to Opt-Out: You have the right to opt-out of the "sale" of your data or its use for targeted advertising. Note: BigBoard does not currently sell user data or run third-party ads.
  • Right to Access & Portability: You can request a machine-readable copy of your account data.
  • Right to Correction: You can fix any inaccuracies in your venue or account profile.
  • Right to Deletion: You can request the permanent removal of your account and all associated uploaded media.

3. How We Use Data

  • Authentication: We use "Passwordless" login. We never see or store a password for your account.
  • Verification: Hashed IPs ensure poll integrity (one vote per person) without storing your actual network address.
  • Billing: To process payments, manage subscriptions, and communicate billing-related notices.
  • Service Communications: To send transactional emails including login codes, subscription confirmations, and expiration notices.

4. Data Retention

We retain your data for the following periods:

  • Account data (email, venue details, settings): Retained for as long as your account is active. Deleted within 30 days of an account deletion request.
  • Audit & security logs (login events, settings changes): Retained for up to 12 months, then permanently deleted.
  • Hashed identifiers (IP hashes, device fingerprints): Retained for up to 90 days for poll integrity, then permanently deleted.
  • Uploaded media: Deleted within 30 days of an account deletion request or when you remove the file, whichever comes first.
  • Billing records: Retained as required by applicable tax and financial regulations (typically 7 years).

5. Third-Party Processors

We use the following secure partners to run the Service:

  • Paddle: Payment processing and subscription management (Merchant of Record). Receives billing information including name, email, and payment card details.
  • The Odds API: Sports data provider (No PII shared).
  • Resend: Secure transactional email delivery for login codes and billing notices. Receives your email address.
  • Render: Cloud infrastructure and database hosting.
  • Sentry: Application error monitoring and performance tracking (No PII intentionally shared).

6. Cookies & Tracking

We use "Strictly Necessary" cookies for session management (expiring in 24 hours). We do not use cross-site tracking, "Dark Patterns" to manipulate consent, or third-party marketing pixels.

7. Data Security

All data is encrypted in transit via HTTPS. We implement rate-limiting and input sanitization to protect your venue’s dashboard from unauthorized access.

8. Data Breach Notification

In the event of a security breach that compromises your personal information, we will notify affected users by email within 72 hours of confirming the breach, in accordance with New Jersey law. The notification will include the nature of the breach, the types of data affected, and the steps we are taking to address it.

9. Children’s Privacy

This Service is strictly for commercial use by individuals 18+. We do not knowingly collect data from minors. If we learn that we have collected personal information from a minor, we will take steps to delete that information promptly.

10. Governing Law

This policy is governed by the laws of the State of New Jersey. For residents of other states, we strive to meet the highest common denominator of US privacy protections (including CCPA/CPRA standards).

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by posting a prominent notice within the Service at least 14 days before the changes take effect. The "Effective Date" at the top of this page will be updated accordingly. Your continued use of the Service after the effective date constitutes your acceptance of the updated policy.

12. Contact

BIG BOARD LIVE LLC
464 Communipaw Avenue, Jersey City, NJ 07304
[email protected]

Terms of Service Back to Home
© 2026 BIG BOARD