← BenchBrawl

Privacy & Cookie Policy

Last updated: June 10, 2026

This Privacy Policy for BenchBrawl, operated by EZ Street LLC ("Company", "we", "us", "our"), describes how we collect, use and disclose information about users of the Company's website (benchbrawl.com), the Company app ("App"), services, tools and features (collectively, the "Services"). Our Services are strictly for individuals 18 years of age or older. For the purposes of this Privacy Policy, "you" and "your" means you as the user of the Services.

Please read this Privacy Policy carefully. By using, accessing, or downloading any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree, you may not use, access, or download any of the Services.

Key points of our privacy policy

  • Data collection: We collect personal information such as name, email, age, location, identity-verification data, and usage data when you use our Services.
  • Purpose: Your data is used to provide and improve our Services, personalize your experience, verify eligibility, and comply with legal obligations.
  • Data sharing: We do not sell your personal information. We may share data with service providers and for legal compliance.
  • User rights: You have the right to access, correct, delete, and export your personal data. You can also opt out of certain data processing activities.
  • Security: We implement industry-standard security measures to protect your data.
  • Age restriction: Our Services are strictly for individuals 18 years of age or older.
  • Cookies: We use cookies and similar technologies to enhance your experience and analyze usage patterns.
  • Updates: We may update this policy periodically. Check back for the latest version.
  • Contact: For privacy-related inquiries, contact us at [email protected].

How we update this privacy policy

We may modify this Privacy Policy from time to time, in which case we will update the "Last updated" date at the top of this page. If we make material changes to the way we use information we collect, we will use reasonable efforts to notify you (such as by emailing you at the last email address you provided us, by posting notice on our website and/or the App, or by other means consistent with applicable law) and will take additional steps as required by applicable law. If you do not agree to any updates, please do not access or continue to use the Services.

Our collection and use of information

When you access or use the Services, we may collect certain categories of information about you from a variety of sources, including Personal Data (information that can identify you, like your name and email address) and Anonymous Data (information that cannot identify you, like general usage statistics). This Privacy Policy covers our use of Personal Data. We need to collect and use certain Personal Data to provide the Services and fulfill the promises we make to you in our Terms of Use.

Information you directly submit through our Services may include:

  • Accounts and registration. You may access the full Services only if you register an account with us. The Personal Data we collect as part of account creation includes your first and last name, email, username, information to confirm you are old enough to use the Services (including your attestation that you are 18 or older), and payment information for any purchases. You may also submit optional profile information such as usernames and preferences.
  • Identity verification. Before redeeming Cash prizes (and where otherwise required), we verify your identity through our verification provider (Sumsub), which collects your government-issued ID and a liveness check (including facial image data) on our behalf.
  • External account sign-on. You may sign in via a supported external single sign-on service. The Personal Data we collect depends on which external account you use, their privacy policy, and your privacy settings with those services — for example, your Google email address and an authentication token if you sign in with Google, or your Apple ID email (or private relay address) if you sign in with Apple.
  • Location of your device. We collect and use your device location as you use our Services. Our Services are limited by geographical location to allow us to confirm compliance with applicable laws. We identify your location using a variety of technologies, including GPS, WiFi access points, and IP geolocation.

We also collect and use your in-game or in-app actions and achievements, as well as certain information about your device (including device identifiers, OS, model, configuration, and settings), to operate the Services and personalize your experience. We generate an internal account ID to associate you with an account, and we use the information above to provide technical and customer support.

Legitimate interests

We use your Personal Data for the following purposes based on legitimate interests:

  • Usage data: collecting IP address, browser type, operating system, visited pages, time spent, clicks, device identifiers, in-app actions, settings, preferences, and purchases to understand user behavior and improve the Services;
  • Communication: using your email to provide technical and customer support;
  • User content: associating your username with content you submit;
  • Updates and news: sending updates and news via email or in-app notifications (opt-out available);
  • Personalized offers: analyzing use of our Services to show promotions or offers (opt-out available);
  • Live contests: displaying updated information and profiles during contests;
  • Anti-fraud measures: using device, location, and in-app data to prevent fraud, multi-accounting, and cheating;
  • Service improvement: enhancing and adding new features;
  • Legal compliance: making necessary legal or regulatory disclosures, including eligibility, sweepstakes, and tax compliance.

Consent-based usage

We may use your Personal Data for the following purposes only with your consent:

  • Marketing: sending marketing materials via email or in-app notifications (opt-out available);
  • Media access: accessing your device's media storage to upload content (opt-out available).

Other collection

  • Cookies and tracking technologies. We use cookies, web beacons, and similar technologies to collect information about your interactions with our website and App, as described in the Cookies section below.
  • Device information. We may collect information about the device you use to access our Services, including device type, operating system, and unique device identifiers.
  • Virtual currencies and rewards. We collect information to process virtual-currency balances, rewards, and prize redemptions and maintain records of your transactions.
  • Feedback. We collect and maintain records of customer service and other communications with users, including survey responses and questions or comments sent to us. This information may be used to improve the Services.
  • Outside sources. We may obtain information about you from outside sources (for example, payment processors and identity-verification providers). Any information we receive from outside sources is treated in accordance with this Privacy Policy. We are not responsible for the accuracy of information provided to us by third parties or for third parties' policies or practices.
  • Legal requirements. We may use any of the above information to comply with applicable legal obligations, enforce our Terms of Use, protect or defend the Services and the rights of our users or others, combat fraud, and otherwise operate our business. This Privacy Policy is integrated into and is expressly a part of our Terms of Use.

Account information

If you would like to review or change the information in your account, you can log into your account settings and update your profile. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information to prevent fraud, troubleshoot problems, assist with investigations, enforce our legal terms, and/or comply with applicable legal requirements.

Parties we may share your information with

We will not share Personal Data we have collected from or about you except as described below:

Service providers

We engage external service providers to administer and provide the Services. They have access to your Personal Data only to perform services on our behalf, in compliance with this Privacy Policy, and are contractually obliged not to disclose or use it for any other purpose. Our service providers help us to:

  • Run, operate, and maintain our Services through third-party platform and software tools;
  • Process payments, deposits, and prize redemptions (e.g., our payment provider);
  • Verify identity, age, and eligibility (e.g., our KYC provider, Sumsub);
  • Perform product and marketing analytics (e.g., PostHog);
  • Monitor errors and application performance;
  • Run email and mobile messaging campaigns;
  • Administer live contests, competitions, and promotions, including verifying eligibility and prize fulfillment;
  • Provide technical and customer support.

Some external service providers may also collect information directly from you (for example, a payment processor may request your billing and financial information) as a third-party service in accordance with their own privacy policy.

Other players or users

When you use the Services, we share certain Personal Data with other players: your in-app profile (such as your username and avatar), your picks once locked (where the contest displays them), your achievements, and your position on leaderboards.

Information shared publicly

Your username, in-app profile, achievements, and leaderboard standings may be visible on pages accessible to the public.

For our protection and the protection of others

We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We share information about you with them only when we reasonably believe it necessary or appropriate: (a) to respond to claims and legal process (including subpoenas and warrants); (b) to protect our property, rights, and safety and the property, rights, and safety of third parties or the public; or (c) to investigate and stop activity that we consider illegal, unethical, or legally actionable.

Business transactions

If we are acquired by a third party as a result of a merger, acquisition, or asset sale — or if our assets are acquired in connection with bankruptcy — some or all of our assets, including your Personal Data, may be disclosed or transferred to the acquirer.

Other circumstances in which we may share information for legitimate purposes include:

  • With vendors or service providers, such as cloud storage providers, security vendors, data analytics vendors, banks and payment processors;
  • With our affiliates or otherwise within our corporate group;
  • When you request that we share certain information with third parties, such as through social media widgets or login integrations;
  • To comply with applicable law, including cooperation with law enforcement, judicial orders, and regulatory inquiries;
  • To enforce our Terms of Use and ensure the safety and security of our users;
  • With professional advisors, such as auditors, law firms, or accounting firms.

Cookies and other tracking technologies

Our Services use cookies — small text files placed on your computer or device by a web server when you access our Services. We may place and access "first party cookies"; cookies may also be placed and accessed by third parties ("third party cookies"). We use cookies and local storage to keep you signed in, monitor aggregate usage and web traffic, customize and improve our Services, and remember your preferences. We may also use web beacons (pixel tags) to track and measure the performance of our Services.

Types of cookies

  • Strictly necessary cookies: essential to enable you to use the Services (e.g., cookies that keep you logged in);
  • Performance cookies: collect information about how you and other visitors interact with our Services, used to improve how they work;
  • Functionality cookies: allow our Services to remember choices you have made (such as your login or region) and provide customized features;
  • Advertising cookies: used to deliver and measure advertisements that are more relevant to you.

Cookies may be "session cookies" (deleted when you log off or close your browser) or "persistent cookies" (which remain for a period of time afterward).

Third-party analytics and advertising

We use product analytics services (currently PostHog) to understand how the Services are used. We may also use advertising and measurement services, such as Google services and the Meta (Facebook) pixel, to measure the effectiveness of our advertising; these providers may process your data in the United States in accordance with their own policies. You can opt out of personalized advertising through your device settings or at the Digital Advertising Alliance or Your Online Choices opt-out pages.

Cookie settings and Do Not Track

Most browsers allow you to control cookies through their settings, including refusing or deleting cookies. If you don't accept cookies, you may not be able to access all features of the Services. Like many websites, our Services are not designed to respond to "Do Not Track" signals.

Data retention and deletion

We retain your personal information for as long as necessary to provide our Services, comply with legal obligations, resolve disputes, and enforce our agreements. Our general retention practices:

  • Account information: retained for the duration of your active account. If you delete your account, we remove your personal information from active databases within 30 days, except where retention is required for legal or regulatory reasons;
  • Transaction data: financial transaction records retained for 7 years to comply with tax and accounting regulations;
  • Usage data: non-personally-identifiable usage data retained for up to 18 months;
  • Communication records: customer support communications kept for 2 years;
  • Legal hold: deletion may be suspended for data relevant to ongoing legal proceedings or investigations.

You can request deletion of your personal data at any time by contacting [email protected]. Upon verification, we will delete your data from active systems within 45 days, unless retention is required by law or for legitimate business purposes. Some information may remain in backups for a period after deletion from active databases; backups are securely deleted within 6 months.

Third-party websites and links

We may provide links to third-party websites or platforms. If you follow these links or interact with third-party features, review their privacy and security policies and terms. We do not guarantee and are not responsible for the privacy, security, accuracy, or reliability of third-party sites. Information you provide on public or semi-public venues, including third-party social platforms, may be viewable by others. Any information provided to a third-party service is subject to that service's privacy policy, not ours.

Age restriction and data collection

Our website and Services are strictly intended for individuals who are 18 years of age or older, or such higher age as required by applicable law. We do not knowingly collect, use, or disclose personal information from anyone under 18. By using our Services, you represent and warrant that you are at least 18 years of age. We employ reasonable efforts to verify the age of our users through our registration process and identity-verification measures. If we become aware that we have inadvertently collected personal information from an individual under 18, we will promptly delete it. If you believe we might have collected information from a person under 18, contact us immediately at [email protected].

Data security

We implement and maintain reasonable security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction, including encryption in transit (SSL/TLS) and at rest, strict access controls limiting employee access to user data, network protections, security reviews of our systems and applications, regular backups stored securely, and an incident response plan. No method of transmission or storage is 100% secure; we cannot guarantee absolute security but are committed to implementing reasonable and appropriate measures.

Specific disclosures for California residents

The following disclosures are made pursuant to the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 ("CCPA"). Note that the Services are not currently offered to users located in California; these disclosures apply to any Personal Data of California residents we hold.

In the preceding 12 months, we have collected the following categories of Personal Data: identifiers; customer-records categories (such as name and financial information); commercial information; biometric data (facial image data collected during identity verification); Internet or other electronic network activity information; geolocation data; audio/visual data; and inferences drawn from other Personal Data. We collect these from you directly, from activity on our websites and applications, and from third parties that interact with us in connection with the Services. We use and disclose them for the business purposes described in this Policy. We do not sell or share your Personal Data as those terms are defined under the CCPA, and we have no actual knowledge of selling or sharing Personal Data of minors under 16.

Under the CCPA, California residents have the right to:

  • Know and access the categories and specific pieces of Personal Data we have collected;
  • Delete Personal Data, subject to certain exceptions;
  • Correct inaccurate Personal Data;
  • Non-discrimination for exercising CCPA rights.

To exercise these rights, submit a verifiable consumer request to [email protected]. You may use an authorized agent with written permission. We will verify your identity before responding, endeavor to respond within 45 days (extendable to 90 with notice), and will not charge a fee unless the request is excessive, repetitive, or manifestly unfounded.

Your rights under the GDPR

If the GDPR applies to you, you have the right to: access a copy of your Personal Data; rectification of mistakes; erasure ("right to be forgotten") in certain situations; restriction of processing in certain circumstances; data portability; objection to processing (including at any time for direct marketing); and the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. If you believe we have not complied with data protection laws, you can complain to your local supervisory authority — though we would appreciate the chance to address your concerns directly first.

Transferring your personal data

Your Personal Data will likely be transferred to and stored in the United States for the purposes outlined in this Privacy Policy, to the extent permitted by applicable laws. The data protection laws of the United States may not be the same as those in your home country. Where we transfer Personal Data from the UK or EEA, we ensure a similar degree of protection by transferring only to countries deemed adequate or under contracts approved by the European Commission (or the UK ICO, as applicable).

Your rights, choices, and how to contact us

Should you have any questions about our privacy practices or this Privacy Policy, email us at [email protected] or write to EZ Street LLC, PO Box 530, East Berlin, Connecticut 06023, United States of America. You can:

  • Request access to the Personal Data we hold about you;
  • Delete or correct your Personal Data — the easiest way to update account information is via your in-app settings;
  • Ask us to stop processing your Personal Data, including for direct marketing and promotional purposes (note that we sometimes need your Personal Data to provide the Services);
  • Opt out of periodic informational emails by following the opt-out instructions contained in the email — we may still send you emails about Services you have requested.

The law provides exceptions to these rights in certain circumstances; where an exception prevents us from fulfilling a request, we will explain why. After you contact us, you may receive an email to verify your request. We aim to respond within 30 days, or any shorter period required by the laws of your jurisdiction.

Data Protection Officer contact: [email protected]