Privacy Policy

1. Who We Are

Zexabit (“we,” “us,” or “our”) is a B2B software development company specializing in white-label gaming platforms, betting exchanges, casino solutions, and custom software for business partners worldwide. This Privacy Policy explains how we collect, use, store, and protect information when you interact with us through our website (zexabit.com), contact forms, email communications, or any of our services.

2. Information We Collect

2.1 Information You Provide Directly

When you submit a quote request, contact us, or engage with our services, we may collect:

• Full name and job title
• Business email address and phone number
• Company name and website URL
• Project details, budget range, and timeline preferences
• Any additional information you include in messages or project briefs

2.2 Information Collected Automatically

When you visit our website, we automatically collect certain technical data through cookies and similar technologies:

• IP address (anonymized where required by law)
• Browser type, version, and operating system
• Pages visited, referral source, and session duration
• Device type and screen resolution

2.3 Information from Third Parties

We may receive business contact information from industry directories, partner referrals, or publicly available professional profiles such as LinkedIn when engaging in legitimate B2B outreach.

3. How We Use Your Information

4. Legal Basis for Processing (GDPR)

For individuals in the European Economic Area (EEA) and the United Kingdom, we process personal data under the following legal bases:

• Consent — When you submit a quote form or opt in to communications.
• Contractual necessity — To fulfill our obligations under service agreements.
• Legitimate interests — For B2B marketing, website analytics, and business development, provided these do not override your fundamental rights.
• Legal obligation — To comply with tax, accounting, and regulatory requirements.

5. Data Sharing & Third Parties

We do not sell, rent, or trade your personal data. We may share information with the following categories of third parties only as necessary:

• Cloud infrastructure providers (e.g., AWS, Google Cloud, Cloudflare) for hosting and content delivery
• Analytics services (e.g., Google Analytics with IP anonymization) for website improvement
• Payment processors for invoicing and payment collection
• Professional advisors including legal, accounting, and auditing firms
• Regulatory bodies when required by law or legal process

All third-party processors are contractually bound to handle your data securely and in accordance with applicable privacy laws.

6. International Data Transfers

As a remote-first company serving global clients, your data may be transferred to and processed in countries outside your country of residence. When we transfer data outside the EEA or UK, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, or reliance on adequacy decisions where applicable.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy. Specifically:

• Quote requests: 24 months from the date of submission, unless a business relationship is established
• Client project data: Duration of the engagement plus 5 years for legal and contractual obligations
• Analytics data: 14 months (anonymized)
• Financial records: As required by applicable tax and accounting regulations

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access — Request a copy of the personal data we hold about you
• Rectification — Request correction of inaccurate or incomplete data
• Erasure — Request deletion of your data (subject to legal retention requirements)
• Restriction — Request that we limit processing of your data
• Portability — Receive your data in a structured, machine-readable format
• Objection — Object to processing based on legitimate interests or direct marketing
• Withdraw consent — Where processing is based on consent, withdraw at any time

To exercise any of these rights, contact us at dpo@zexabit.com. We will respond within 30 days.

9. Security Measures

We implement industry-standard security measures to protect your data, including encryption in transit (TLS 1.3) and at rest, access controls and role-based permissions, regular security audits and vulnerability assessments, DDoS protection via Cloudflare, and secure development practices aligned with OWASP guidelines. While no system is completely impervious to risk, we are committed to maintaining the highest practical standard of data protection.

10. Children’s Privacy

Our services are B2B in nature and are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a minor has provided us with personal data, please contact us immediately and we will take steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the “Last updated” date at the top of this page and, where appropriate, notify you via email.

12. Data Protection Officer

Zexabit has appointed a Data Protection Officer (DPO) responsible for overseeing our data protection strategy and compliance. You may contact the DPO for any data-related inquiries:

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.

13. Contact Us

For general questions about this Privacy Policy or our services:

Zexabit Gaming Solutions
Email: contact@zexabit.com
Website: zexabit.com