Last updated: April 27, 2026
RaffleDrop ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect information about you when you use our Platform. This Policy is designed to comply with the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA), and TΓΌrkiye's Personal Data Protection Law (KVKK).
The data controller responsible for your personal data is RaffleDrop. For all data-related inquiries, contact us at rafff101@outlook.com.
Account Information: Name, username, email address, date of birth (used for age verification), encrypted password.
Usage Information: Raffles you create or enter, comments, ratings, favorites, notification status.
Payment Information: Bitcoin transaction hashes (TX hash) and sending wallet addresses, for the sole purpose of manual payment verification. We do not collect or store credit card numbers, bank details, or other traditional financial data.
Technical Information: IP address, browser type, device type, cookie identifiers, and approximate location (country level only).
We process your data based on the following lawful bases:
(a) Contract performance β to operate your account, process raffle entries, and verify Bitcoin payments.
(b) Legal obligation β to comply with anti-money-laundering, tax, and consumer protection laws.
(c) Legitimate interest β to maintain Platform security, prevent fraud, and improve the Service.
(d) Consent β for any marketing communications (currently not active; will be requested if introduced).
We do not sell your personal data. We share data only in these limited cases:
β’ Service providers: Supabase Inc. (database and authentication infrastructure, located in the United States with EU data centers).
β’ Legal requirements: when required by law, court order, or to protect rights and safety.
β’ With your explicit consent: for any other sharing not described in this Policy.
Your data may be transferred to and processed in countries outside your residence, including the United States and the European Union. When transferring data internationally, we use Standard Contractual Clauses (SCCs) approved by the European Commission and ensure equivalent levels of data protection.
We retain your personal data for as long as your account is active. After account closure, we retain certain records (transaction history, identity verification) for up to 10 years to comply with legal obligations such as tax law and anti-money-laundering regulations. Other data is deleted within 30 days of account closure.
Subject to applicable law, you have the following rights regarding your personal data:
β’ Right of access β to know what data we hold about you
β’ Right to rectification β to correct inaccurate data
β’ Right to erasure ("right to be forgotten") β to request deletion of your data
β’ Right to restrict processing β to limit how we use your data
β’ Right to data portability β to receive your data in a portable format
β’ Right to object β to processing based on legitimate interest
β’ Right to withdraw consent β at any time, where processing is based on consent
β’ Right to lodge a complaint β with your local data protection authority
For California residents (CCPA): you also have the right to know what personal information is collected, used, shared, or sold; the right to delete personal information; and the right to opt-out of the sale of personal information (note: we do not sell personal information).
To exercise any of these rights, email us at rafff101@outlook.com from your registered email address. We will respond within 30 days.
We implement industry-standard security measures including:
β’ HTTPS encryption for all data transmission
β’ One-way password hashing (bcrypt)
β’ Row-Level Security (RLS) policies in our database
β’ Regular security reviews and updates
However, no method of transmission or storage over the internet is 100% secure. We cannot guarantee absolute security.
For details on our use of cookies, see our Cookie Policy.
The Platform is not directed at individuals under 18 years of age. We do not knowingly collect data from children under 18. If you believe we have inadvertently collected such data, please contact us immediately and we will delete it.
We may update this Privacy Policy periodically. Material changes will be communicated via email or in-app notification. Continued use after such changes signifies acceptance.
For privacy-related inquiries: rafff101@outlook.com