Hot Offer
Register on Melbet & get up to 130% Welcome Bonus on your first deposit!
Claim Bonus

Privacy Policy

We are committed to protecting your personal data. This policy explains how we collect, process, store, and safeguard your information.

Melbet Bonus
Sponsored

Privacy & Data Protection Policy

How SlipConverter collects, uses, and protects your personal information

Last Updated: July 7, 2026
We never sell your data SSL encrypted in transit You can delete your account anytime Minimal data collected No banking or payment data stored

Who We Are

Data controller information

SlipConverter (operated by Hashback Solutions) is a bet-slip conversion utility that allows users to transform betting codes between bookmakers. We are the data controller for personal data processed through this platform.

Scope: This policy applies to all users of the SlipConverter website, mobile app integrations, Telegram bot, and any related services. By using our platform you agree to the practices described here.

Data We Collect

What personal information we hold and why

Category Examples Source Required?
Account identifiers Username, email address, password hash You (registration) Yes
Telegram identity Telegram ID, Telegram username, first/last name Telegram OAuth If using Telegram login
Subscription data Plan type, expiry date, transaction reference You (purchase) If subscribing
Usage data Conversion history, slip codes, bookmaker preferences Platform activity Automatic
Technical data IP address, browser type, device, session tokens Automatic Automatic
Communication data Support emails, contact-form messages You Optional

What We Do NOT Collect

  • Banking details, card numbers, or account credentials
  • Bookmaker login credentials
  • Government-issued ID or biometric data
  • Health, racial, or political data

How We Use Your Data

Purposes and legal bases for processing

Purpose Legal Basis Data Used
Provide bet-slip conversion services Contract performance Account info, usage data
Authenticate and secure your account Contract & Legitimate interest Email, password hash, session tokens
Process subscriptions & payments Contract performance Subscription & transaction data
Send OTP & verification emails Contract performance Email, OTP code
Send password-reset emails Contract performance Email, reset token
Prevent fraud & abuse Legitimate interest IP address, usage patterns
Improve platform features Legitimate interest Anonymised usage data
Send service notifications Legitimate interest / Consent Email, Telegram ID
Comply with legal obligations Legal obligation As required by law

Data Processing

How and where your data is processed

Processing Principles

We process personal data in accordance with the following principles:

  • Lawfulness, fairness & transparency — we process data only on a valid legal basis and inform you openly.
  • Purpose limitation — data collected for one purpose is not repurposed without notice or consent.
  • Data minimisation — we collect only what is strictly necessary.
  • Accuracy — we take reasonable steps to keep data accurate and up-to-date.
  • Storage limitation — data is not kept longer than necessary (see Retention section).
  • Integrity & confidentiality — appropriate technical and organisational measures are applied.

Automated Processing

Our platform performs automated processing for:

  • Bet-slip conversion algorithms (matching odds, bookmaker codes)
  • Fraud detection and rate-limiting (based on IP and usage patterns)
  • Email queue processing — OTP codes and password-reset links are generated automatically and dispatched via a scheduled background job
No profiling for marketing: We do not use automated profiling or decision-making that produces legal or similarly significant effects on users.

Email Queue & OTP Processing

When you register or request a password reset, we:

  • Generate a time-limited OTP or token (expires within 10–60 minutes)
  • Queue the email in our internal email_queue table with status tracking
  • Send the email via our SMTP provider (Gmail / G Suite)
  • Purge expired OTPs and tokens automatically

International Transfers

Your data may be processed by sub-processors outside Kenya (e.g., Google SMTP servers). Where transfers occur, we rely on standard contractual clauses or equivalent safeguards to protect your data.

Data Sharing & Third Parties

Who we share your data with and why

We share personal data only in the circumstances below:

Service Providers (Processors)

ProviderPurposeData Shared
Google (Gmail SMTP) Transactional email delivery (OTP, password reset) Email address, message content
Telegram Bot authentication & notifications Telegram ID, username
Paystack / M-Pesa Payment processing Transaction reference (no card data stored by us)

Other Disclosures

  • Legal requirement: We may disclose data to comply with a court order, subpoena, or applicable law.
  • Protection of rights: We may share data to protect the rights, safety, or property of SlipConverter, our users, or the public.
  • Business transfer: If SlipConverter is acquired or merged, user data may transfer as part of that transaction. You will be notified.
We never sell, rent, or trade your personal data to third parties for marketing purposes.

Data Retention & Deletion

How long we keep your data

Data TypeRetention PeriodReason
Account data Until account deletion + 30 days Service delivery
OTP codes 10–60 minutes after generation Security (auto-expired)
Password-reset tokens 1 hour after generation Security (auto-expired)
Email queue records 30 days after sending Audit / troubleshooting
Conversion history Duration of account + 90 days Service history
Transaction logs 7 years Legal & financial compliance
Audit / security logs 12 months Fraud prevention
Support communications 2 years Dispute resolution

When retention periods expire, data is securely deleted or irreversibly anonymised. You may request earlier deletion — see Your Rights below.

Security Measures

How we protect your data

Technical Safeguards

  • All data in transit is encrypted via TLS/SSL (HTTPS enforced)
  • Passwords are stored as hashed values (bcrypt) — never in plain text
  • OTP codes and reset tokens are cryptographically random and time-limited
  • Session tokens are rotated on authentication and stored securely
  • Rate-limiting and brute-force protection on authentication endpoints
  • Database access restricted to application layer; no public DB exposure

Organisational Safeguards

  • Access to production data limited to authorised personnel only
  • Regular review of third-party service provider security practices
  • Incident response plan in place for data breaches

Important

No online platform can guarantee absolute security. If you suspect your account has been compromised, change your password immediately and contact us at support@slipconverter.com.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected users within 72 hours of becoming aware of the breach, in line with applicable data protection regulations.

Your Rights

Control over your personal data

Right to Access

Request a copy of the personal data we hold about you.

Right to Rectification

Ask us to correct inaccurate or incomplete data.

Right to Erasure

Request deletion of your data ("right to be forgotten") where no legal obligation requires retention.

Right to Restriction

Ask us to limit how we process your data in certain circumstances.

Right to Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests, including direct marketing.

Right to Withdraw Consent

Where processing is based on consent, withdraw it at any time without affecting prior processing.

Right to Complain

Lodge a complaint with the relevant data protection authority in your jurisdiction.

To exercise any of these rights, email us at support@slipconverter.com with the subject line "Data Rights Request". We will respond within 30 days. We may need to verify your identity before processing the request.

Cookies & Tracking

Small files that help us deliver the service

Cookie TypePurposeCan Be Disabled?
Essential / Session Keep you logged in, maintain session state, CSRF protection No — required for the site to work
Preference Remember your bookmaker selections and UI preferences Yes
Analytics Understand aggregate usage patterns to improve features Yes
Security Detect suspicious login attempts, rate-limit bots No — required for account security

You can manage cookies via your browser settings. Disabling essential cookies will affect core functionality. For more detail see our full Cookies Policy.

Contact & Data Protection Officer

How to reach us about privacy matters

Governing Law

This policy is governed by the laws of Kenya, including the Kenya Data Protection Act, 2019. Where users are located in other jurisdictions, we also endeavour to comply with applicable regional laws (including GDPR principles for EU residents).

Changes to This Policy

We may update this policy from time to time. We will:

  • Post the updated policy on this page with a revised "Last Updated" date
  • Notify registered users by email of material changes at least 14 days in advance
  • Obtain fresh consent where required by law

Continued use of SlipConverter after a policy update constitutes acceptance of the revised terms.

Privacy Questions?

We're happy to help with any data privacy concerns.

support@slipconverter.com

@slipcodeconverter

Subject line: Data Rights Request — we respond within 30 days.

Melbet Bonus
Sponsored