Privacy Policy
Last updated: June 18, 2026
How KidsPref LLC, operating as Detect The Bet, collects, uses, and protects the personal information of parents, monitored minors, and monitored young adults who use our service.
At a glance. We do not use personal information to train AI models. The Detect The Bet Guardian app collects only what it needs to detect gambling signals. This website collects newsletter, petition, and survey information, and uses standard analytics and advertising technologies (described in “Cookies, tracking & advertising”) to measure and grow this awareness movement.
KidsPref LLC (“KidsPref,” “we,” “us,” or “our”), operating under the trade name “Detect The Bet,” provides this Privacy Policy to explain how we collect, use, disclose, and protect personal information in connection with the Detect The Bet mobile application and the detecthebet.com website (collectively, the “Service”).
This Privacy Policy is incorporated by reference into our Terms of Service. By accessing or using the Service, you agree to the terms of this Privacy Policy. If you do not agree, do not access or use the Service.
1. Contact information
Questions about this Privacy Policy, requests to exercise privacy rights, or notices required by law should be directed to:
KidsPref LLC
Attention: Privacy
alex@detecthebet.com
2. Who uses the Service
Detect The Bet involves three types of users:
A Account-holder parents
Adults 18 years of age or older who are the parent or legal guardian of a minor, or who otherwise have full legal authority to monitor the financial activity of a minor or young adult between the ages of 13 and 22. Account-holder parents create the account, agree to our Terms of Service, and are the contracting party with KidsPref.
B Monitored minors aged 13–17
Minors between the ages of 13 and 17 who are added to the account by their parent or legal guardian. These minors may sign in to the Service, view their own financial activity and signals, and use features designed to support their financial and behavioral education. The parent or legal guardian provides consent on the minor’s behalf to the data practices described in this Privacy Policy. The minor will be shown an age-appropriate notice describing what the Service does with their information.
C Monitored young adults aged 18–22
Individuals 18 or older who are added to an account by a parent or legal guardian. At their first sign-in, these individuals are asked to personally consent to being monitored by the named parent. If they decline, their data is removed from the Service and they cannot access the account.
The Service is not directed to and is not intended for use by anyone under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13 without verified parental consent meeting the requirements of the Children’s Online Privacy Protection Act (“COPPA”), we will delete that information promptly.
3. Information we collect
3.1 · Information collected from account-holder parents
When you create and use an account, we collect:
- Your full name;
- Your email address;
- Your mobile phone number;
- Authentication credentials (handled by our authentication provider; we do not store passwords in plain text);
- Information you provide about each minor or young adult you add, including their first name, age, pronouns (optional), and mobile phone number;
- Information you submit through feedback, support requests, or communications with us;
- Payment information when you subscribe to paid features (processed by our payment processor; we do not store complete payment card information).
3.2 · Information collected from monitored minors and young adults
When a minor or young adult signs in and uses the Service, we collect:
- Authentication credentials (handled by our authentication provider; we do not store passwords in plain text);
- Their interactions with educational and self-guided features within the Service;
- Records of their consent to monitoring (for monitored young adults aged 18–22);
- Audit records of meaningful actions taken in the app.
3.3 · Information collected through bank account connections
When a bank account is connected through our integration with Plaid Inc. (“Plaid”), we collect, as permitted by the authorization granted at the time of connection:
- Bank and financial institution metadata (institution name, masked account numbers, account type, balances);
- Transaction history dating back up to 24 months, refreshed as new transactions occur;
- Merchant and counterparty information associated with transactions;
- Transaction memos and descriptions provided by the financial institution.
Plaid’s collection and use of information are governed by Plaid’s privacy policy (plaid.com/legal), which is presented at the time the connection is initiated.
3.4 · Information collected automatically
When anyone uses the Service, we automatically collect:
- Device and operating system information (device type, OS version, app version);
- Approximate geographic information derived from IP address (city or region level, not precise location);
- Error events and diagnostic data, with personal information automatically redacted before transmission to our error-monitoring provider;
- Audit records of significant account actions.
We do not use session replay or screen recording technologies. For the cookies, analytics, and advertising technologies used on this website — including the Meta (Facebook) Pixel, the Reddit Pixel, and Vercel Analytics — see “Cookies, tracking & advertising” below and “Your Privacy Choices” in Section 9.
3.5 · Information we do not collect
We do not collect: precise geolocation; biometric identifiers (except as used locally on your device for authentication, which is not transmitted to us); content of your communications with people outside the Service; information from sources other than those described above.
3.6 · Information we collect through this website
Separately from the Detect The Bet Guardian app — and whether or not you ever create an app account — we collect information when you interact with the detecthebet.com website:
- Newsletter: the email address (and any name) you provide when you subscribe to updates;
- Petition: the name, email address, and any state/ZIP code you provide when you sign a petition or take an advocacy action;
- Surveys and parent check-ins: the responses you submit to surveys, polls, quizzes, or check-in prompts;
- Stories and messages: anything you choose to submit through a story-sharing or contact form;
- Collected automatically: IP address, approximate (city/region) location derived from it, device and browser information, pages viewed, referring links, UTM/campaign tags, and actions taken on the site (such as subscribing or signing a petition).
3.7 · Cookies, tracking & advertising
We use cookies and similar technologies on this website for (1) essential site functionality, (2) analytics, and (3) advertising and measurement. The analytics and advertising technologies we use include:
| Technology | Purpose | More information |
|---|---|---|
| Meta (Facebook) Pixel | Measure and target advertising, including retargeting and lookalike audiences | facebook.com/privacy/policy |
| Reddit Pixel | Measure and target advertising on Reddit | reddit.com/policies/privacy-policy |
| Vercel Analytics | Aggregate website analytics (traffic and performance) | vercel.com/legal/privacy-policy |
| Resend | Newsletter and email delivery, including open/click measurement | resend.com/legal/privacy-policy |
These technologies may set cookies and share information — such as device identifiers, IP address, pages viewed, and actions like newsletter signups or petition signatures — with Meta and Reddit to measure and target advertising, including retargeting and building lookalike audiences. You can control non-essential cookies through your browser settings and through the choices described in “Your Privacy Choices” (Section 9).
4. How we use information
We use the information we collect to:
- Provide the Service, including running our detection algorithm on transaction data to identify patterns that may indicate gambling activity;
- Surface signals to the account-holder parent regarding patterns identified by the algorithm;
- Provide monitored minors and young adults with their own view of their financial activity and educational features designed to support financial and behavioral awareness;
- Send notifications about activity flagged by our detection algorithm;
- Send transactional communications related to accounts (verifications, password resets, account changes, and similar);
- Provide customer support and respond to inquiries;
- Process payments and manage subscriptions when applicable;
- Detect, investigate, and prevent fraud, abuse, security incidents, and violations of our Terms of Service;
- Comply with legal obligations, respond to legal process, and enforce our Terms of Service;
- Improve, debug, and maintain the Service through aggregated and de-identified analysis of usage and errors;
- Communicate about material changes to the Service or to this Privacy Policy.
- Send our newsletter, advocacy updates, and related communications to people who subscribe through this website;
- Record petition and advocacy-action signatures and relay them, in aggregate or as submitted, to relevant policymakers and to support the campaign;
- Operate, secure, measure, and improve this website;
- Measure, attribute, and target advertising for this awareness campaign — including retargeting and lookalike audiences through the Meta and Reddit Pixels — and understand which channels bring people to the movement.
We do not use personal information to train artificial intelligence models.
5. Detection algorithm and AI processing
Our detection algorithm uses a combination of rule-based logic and large language model analysis to identify patterns in transaction data that may indicate gambling activity. For certain transactions, we send sanitized transaction summaries (without directly identifying information about the family or the individual) to Anthropic, PBC (“Anthropic”) for analysis using their Claude API.
Anthropic’s standard API policy provides that data submitted is retained for up to thirty (30) days. We are in the process of obtaining enrollment in Anthropic’s Zero Data Retention tier, after which Anthropic will not retain data from our requests. We will update this Privacy Policy when that enrollment is complete.
The detection algorithm provides informational signals only. The Service does not provide, and is not a substitute for, professional medical, psychological, addiction counseling, legal, financial, or other professional advice. Signals are not diagnoses. Decisions about how to respond to signals, including any conversation with a monitored individual, any medical or psychological evaluation, or any modification of access to financial accounts, are entirely the responsibility of the account-holder parent.
6. How we share information
We share information only as described below:
6.1 · Within the family account
Information collected through the Service is shared between the account-holder parent and the monitored minor or young adult to the extent appropriate to their respective roles. Account-holder parents can see their monitored individuals’ financial activity, signals, and account information. Monitored individuals can see their own financial activity, signals associated with their accounts, and educational content provided through the Service.
6.2 · Service providers
We engage trusted third-party vendors to operate the Service. Each vendor processes information only on our behalf, only for the purposes we direct, and is bound by a data processing agreement.
| Vendor | Purpose | Categories of data processed |
|---|---|---|
| Supabase, Inc. | Database, authentication, server infrastructure | All categories of personal information |
| Plaid Inc. | Bank account connections and transaction data retrieval | Bank credentials, transaction data |
| Anthropic, PBC | AI analysis of transaction patterns via Claude API | Sanitized transaction summaries (no direct identifiers) |
| Resend, Inc. | Transactional email delivery | Email addresses and message contents |
| Twilio Inc. | SMS delivery for verification and invitations | Mobile phone numbers and message contents |
| Sentry | Error monitoring | Error events with PII redacted; IPs not stored |
| Vercel Inc. | Hosting of detectthebet.com | Standard web server logs |
| Apple Inc. | App distribution; push notifications | Info to Apple and APNs device identifiers |
| Stripe, Inc. | Payment processing | Payment card and billing information |
6.3 · Legal compliance and protection
We may disclose information when we believe in good faith that disclosure is necessary to:
- Comply with applicable law, legal process, court order, governmental request, or regulatory requirement;
- Enforce our Terms of Service, including investigation of potential violations;
- Detect, prevent, or otherwise address fraud, security, or technical issues;
- Protect the rights, property, or safety of KidsPref, our users, or others;
- Respond to claims that any content violates the rights of third parties.
6.4 · Business transfers
If KidsPref is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or any portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such transfer and any material changes to how your information is handled.
6.5 · With consent
We may share information with third parties for purposes not described above with the explicit consent of the account-holder parent (and the monitored individual, where applicable).
7. Data retention
We retain personal information for the periods described below, subject to longer retention where required by law or for legitimate business purposes such as security, fraud prevention, or dispute resolution.
| Category | Retention period |
|---|---|
| Account information (name, email, phone) | While account is active; deleted within 30 days of account deletion |
| Bank transaction data | Up to 90 days; older transactions automatically deleted |
| Detection signals and analyses | While account is active; deleted upon account deletion |
| Audit records | While active; records for deleted accounts retained up to 90 days, then deleted |
| Invitations to minors and young adults | Up to 30 days after invitation expiration or redemption |
| Operational cost records | While active; after deletion, retained without personal identifiers |
| Error events | Up to 90 days; PII redacted before transmission |
| Rate limiting records | Up to 30 days |
| Bank account access credentials | Encrypted while active; revoked on account deletion or removal |
| Consent records | While account is active; deletion matches the underlying account record |
Following account deletion, we may retain certain records as required for legal, regulatory, accounting, or security purposes, including records of the deletion itself, but these records do not include directly identifying information about the family.
8. Your rights and choices
Account-holder parents and monitored individuals 18 or older may exercise the following rights with respect to their own personal information. For monitored minors aged 13–17, rights are exercised by the parent or legal guardian on the minor’s behalf, except where applicable law gives the minor a separate right of access.
8.1 · Access, correction, deletion, and portability
You may exercise the following rights at any time:
- Access: Request a copy of personal information we hold about you;
- Correction: Request that we correct inaccurate or incomplete personal information;
- Deletion: Account-holder parents may delete the family account through Settings → Delete account. Monitored individuals may request that the parent remove them from the account, or, where applicable law provides an independent right, may contact us directly to request deletion of their own information;
- Portability: Request a copy of personal information in a structured, machine-readable format.
To exercise any of these rights, use the in-app controls where available, or contact us at alex@detecthebet.com. We will respond within thirty (30) days of receiving a verifiable request, with extensions where permitted by law.
8.2 · Remove a monitored individual
The account-holder parent may remove any monitored individual from the account at any time through Settings → Family members → Remove. Removal revokes the individual’s bank connection at the financial institution. Records associated with the removed individual are retained in a deactivated state to preserve historical signal information and audit logs.
8.3 · Withdrawal of consent by monitored young adults aged 18–22
A monitored young adult aged 18–22 who has previously consented to monitoring may withdraw that consent at any time by contacting us at alex@detecthebet.com or by using in-app controls when available. Upon withdrawal of consent, the individual will be removed from the account and their bank connection revoked. The account-holder parent will be notified of the removal.
8.4 · Communication preferences
You may opt out of non-transactional communications at any time using the unsubscribe link in our emails or by contacting us. We will continue to send transactional communications necessary to operate the Service.
8.5 · Sign out remotely
You may invalidate all of your active sessions across devices using Settings → Sign out → Sign out on all devices.
9. State-specific privacy rights
9.1 · California Consumer Privacy Act
California residents have the rights described in Section 8 above. In addition, California residents have:
- The right to know the categories and specific pieces of personal information we have collected;
- The right to know the categories of sources from which personal information is collected;
- The right to know the business or commercial purpose for collecting personal information;
- The right to know the categories of third parties with whom we share personal information;
- The right to non-discrimination for exercising any of these rights;
- The right to opt out of the “sale” or “sharing” of personal information for cross-context behavioral advertising.
To exercise California rights, contact alex@detecthebet.com. You may also designate an authorized agent to make a request on your behalf, subject to verification.
9.2 · Other state privacy laws
If you reside in Colorado, Connecticut, Delaware, Iowa, Indiana, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia, or another state with comprehensive privacy legislation that grants you rights, you may exercise those rights by contacting us at alex@detecthebet.com. Specific rights vary by state but generally include rights to access, correct, delete, and obtain a portable copy of personal information, and rights to opt out of targeted advertising, the sale or sharing of personal data, and certain forms of profiling.
If we deny your request, you may appeal by replying to our denial with the basis for your appeal. We will respond to appeals within the period required by your state’s law.
9.3 · Your Privacy Choices — Do Not Sell or Share My Personal Information
We do not sell your personal information for money. However, our use of advertising technologies such as the Meta and Reddit Pixels (described in Section 3.7) may constitute “sharing” or “targeted advertising” under U.S. state privacy laws, including the California Consumer Privacy Act as amended by the CPRA. You may opt out of this sharing and targeted advertising at any time by any of the following:
- Using the “Your Privacy Choices / Do Not Sell or Share My Personal Information” link in our website footer, which brings you to this section;
- Enabling a Global Privacy Control (GPC) signal in your browser, which we treat as a valid opt-out request for the browser that sends it;
- Emailing alex@detecthebet.com with the subject line “Privacy Opt-Out.”
We will not discriminate against you for exercising any of these rights. You may also designate an authorized agent to submit an opt-out request on your behalf, subject to verification.
Sensitive information. We do not sell or share sensitive personal information for cross-context behavioral advertising. Because our content concerns gambling-related behavior, we treat related inferences with heightened care and do not knowingly use them to target advertising to identified individuals.
10. Children’s privacy
The Service is not directed to children under 13. We do not knowingly collect personal information from anyone under 13.
For monitored minors between the ages of 13 and 17, the account-holder parent who creates the account is the contracting party with KidsPref and is responsible for the minor’s use of the Service. The parent represents and warrants that they have authority to consent on the minor’s behalf to the collection and processing of information described in this Privacy Policy, and that they will inform the minor that their financial activity is monitored through the Service to the extent appropriate to the minor’s age and developmental capacity.
For monitored young adults between the ages of 18 and 22, the individual personally consents to monitoring at first sign-in. The individual may withdraw consent at any time as described in Section 8.3.
If you are a parent or guardian and you believe your minor child under 13 has provided us with personal information, please contact us at alex@detecthebet.com so we can delete the information.
11. Data security
We implement reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption of bank credentials in a secure vault;
- Encryption of data in transit using industry-standard protocols;
- Row-level security to isolate each family’s data from other families;
- Audit logging of significant account actions;
- Rate limiting on backend services;
- Automated redaction of personal information from error reports;
- Cryptographic verification of webhooks from third-party services;
- Regular review of access controls and security configurations.
No method of transmission or storage is completely secure. While we strive to use reasonable means to protect personal information, we cannot guarantee absolute security. In the event of a data breach affecting personal information, we will notify affected individuals and applicable regulators as required by law.
12. International users
The Service is operated from the United States. Personal information is collected and processed in the United States. If you access the Service from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States, which may not provide the same level of data protection as your country of residence.
The Service is currently intended for use by individuals in the United States. The Service is not designed for compliance with non-U.S. data protection laws such as the European Union’s General Data Protection Regulation. If you are located outside the United States, do not use the Service.
13. Third-party services and links
The Service may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third party before providing information to them.
14. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top. If we make material changes, we will provide notice through the Service, by email, or by other reasonable means before the changes take effect. Continued use of the Service after the effective date of any update constitutes acceptance of the updated Privacy Policy.
15. Limitation of liability
The disclaimers and limitations of liability set forth in our Terms of Service apply to and are incorporated by reference into this Privacy Policy.
Questions about this policy?
Privacy questions, requests to access or delete information, and legal notices can be sent to alex@detecthebet.com. We respond within 30 days of a verifiable request.“No panic. No blame. No shame. Just clarity.”
Effective June 18, 2026 · Last updated June 18, 2026 · Version 1.1
© 2026 KidsPref LLC