Privacy Policy | The Cover

The Cover (“we”, “us”) operates thecover.bet and a small set of subdomains used for editorial and admin work. This policy explains what data we collect, how we use it, and the choices you have. We try to keep it short and human-readable.

What we collect

We collect only what we need to run the site:

Newsletter sign-ups. If you subscribe, we store your email address and basic engagement metadata (when you confirmed, when we last emailed you, opens/clicks if tracked). Unsubscribe at any time using the link in any email we send.
Push notification subscriptions. If you enable browser push notifications, your browser gives us an endpoint URL and a pair of cryptographic keys. We store those so we can deliver notifications. We don’t learn your name, email, or location from this.
Comments. If you leave a comment, we store the text, the display name and email you provided, and a session identifier. Email isn’t shown publicly.
Editorial accounts. Writers and editors have accounts with name, email, password hash, role, bio, and social handles. Most of that is shown publicly on author pages.
Server logs. Our servers record IP addresses, user agents, requested URLs, and timestamps for the standard reasons (security, abuse prevention, debugging). These rotate and are not used for advertising.

We do not sell personal data. We do not run third-party advertising trackers on the site.

Cookies and similar tech

Authentication cookie (payload-token): set when an editor logs in to the admin panel. Scoped to .thecover.bet so the same login works across admin/press/seo subdomains. Expires after seven days of inactivity.
No analytics cookies by default. If we add a privacy-respecting analytics tool later, we’ll list it here.

Third parties we use

Resend — sends our newsletter and confirmation emails. Receives the recipient’s email address.
Akismet (when enabled) — checks comments for spam. Receives the comment text, your IP, and user agent.
hCaptcha (when enabled) — protects sign-up forms from bots. Receives standard browser challenge data.
ZeroSSL — issues our TLS certificates. Doesn’t see request data.
Browser push services (Apple/Google/Mozilla) — deliver notifications you’ve subscribed to.

Each has its own privacy policy. We pass them only the minimum data they need to do their job.

How long we keep things

Subscribers: until you unsubscribe, plus a short suppression record so we don’t accidentally re-email you.
Push subscriptions: until your browser revokes them or until they fail to deliver (we auto-prune dead endpoints).
Comments: until you ask us to delete them.
Server logs: rotated within 30 days.

Your choices

Unsubscribe from email at any time using the link in any newsletter we send, or by emailing us.
Disable push from your browser settings or the “Notifications: ON” toggle in our header.
Request deletion of your subscriber, comment, or account data by contacting us. We’ll act within 30 days.
Request a copy of the data tied to your email or account by contacting us.

Children

The Cover covers sports betting analysis and is intended for an audience of legal age in their jurisdiction (21+ in the U.S. for any betting context). We do not knowingly collect data from children under 13. If you believe a child has interacted with the site, contact us and we’ll remove anything we can identify.

Security

We protect data with TLS in transit, hashed passwords, scoped admin cookies, role-based access control, and short retention windows. We do not store credit-card information. No system is perfect; if you find a vulnerability, please tell us at the email below before disclosing publicly.

Changes

We’ll update this page when our practices change. The “Last updated” date at the top reflects the most recent change. Material changes will also be announced in the newsletter.

Contact

Questions, concerns, deletion requests, or just want to chat about it? Get in touch.