Privacy on the Paddy Power reader mirror

This document governs personal data processed on this hostname configured in the Paddy Power newsroom style. It is deliberately separate from Flutter’s controller notices for real-money Paddy Power accounts. When you deposit, verify identity, or spin wheels inside a licensed client, that operator’s privacy policy—not ours—controls how verification images, payment metadata and play history are stored. Our mirror hosts articles, navigation, and lightweight feedback channels only.

Categories of information

Technical identifiers arrive automatically: IP addresses, device fingerprints implied by user-agent strings, referrer URLs, timestamps, and coarse location guesses derived from network data. If you write to the footer email, we process your address, message body and routing headers. Optional marketing sign-ups store the email you type and consent timestamps. We avoid collecting passport numbers, full payment credentials, or gambling transaction histories because this site is not built to secure them.

Purposes

Security monitoring uses logs to block abusive traffic patterns. Analytics measures which reader-file topics attract attention so we can rewrite unclear sections. Correspondence handling lets us fix typos, answer privacy questions, and retain proof of good-faith editing if disputes arise. We do not use this dataset to calculate personalised gambling offers; any promotional messaging you see elsewhere originates from other controllers.

Legal bases and marketing

Legitimate interests cover fraud prevention at the CDN layer, uptime monitoring, and aggregated reporting. Consent covers non-essential cookies where our banner asks for it and covers optional newsletters. You may withdraw marketing consent at any time via unsubscribe links or a direct email. Objections to certain analytics may be honoured where they do not undermine our security obligations.

Cookies and local storage

Strictly necessary tokens keep cookie preferences consistent across pages. Measurement scripts may set pseudonymous IDs; reject them through the banner or browser controls if you prefer. Some video or embed providers set their own cookies when you interact with them; their policies apply at that moment.

Processors and onward transfers

Hosting companies, mail transport agents, and analytics subcontractors act on documented instructions. They must notify us of breaches affecting personal data according to contract. If a subprocessor sits outside the UK/EEA, we rely on approved transfer tools. We do not permit independent sale of mailing lists derived from this mirror.

Retention and deletion

Logs roll off on a timetable tuned for incident response—not indefinite archiving. Support-style email may be kept longer when threads include legal threats or regulator correspondence. Newsletter contacts are erased within a reasonable window after unsubscribe unless a narrow legal hold applies.

Your rights and ICO referral

UK readers may exercise GDPR-style rights subject to exceptions. Email the privacy contact in the footer with enough detail to locate your records. We may ask for proof of identity before exporting data. If unsatisfied, you may escalate to the Information Commissioner’s Office. EU visitors may also have local supervisory authorities.

Minors

This mirror assumes an adult audience interested in regulated betting context. We do not market to children and will delete data that appears to belong to minors once alerted.

Changes to this notice

Reader mirrors evolve when templates or vendors change. We will update this text when practices materially shift. Review the policy periodically if you rely on it for compliance decisions; the hostname in your browser bar determines which notice applies.