Oakridge Interactive LLC, doing business as Eazy6 (“Eazy6,” “we,” “our,” or “us”), respects your privacy and is committed to protecting it. This Privacy Policy (“Policy”) explains how we collect, use, disclose, and safeguard your personal information when you use the Eazy6 mobile application (the “App”) and visit our website at www.eazy6.com (the “Site,” collectively the “Services”). By using our Services, you agree to this Policy.
Privacy Principles
Transparency – clear disclosures about what we collect, why, and with whom we share it.
Fairness & Lawfulness – we process data for legitimate purposes and in accordance with applicable laws.
Security – administrative, technical, and physical safeguards proportionate to risk.
Data Minimization – we collect only what we need for the stated purposes.
Accountability – contracts and oversight of our service providers/processors.
Privacy by Design & Default – privacy embedded throughout our product lifecycle.
1. Scope of This Policy
Players and visitors who register, enter skill-based contests, make deposits/withdrawals, or otherwise use the App or Site.
Individuals who contact us (e.g., customer support, feedback).
Business partners, vendors, and service providers to the extent we process their personnel’s data in operating the Services.
This Policy does not govern our HR/employment data except as noted in the GDPR/UK Appendix.
2. Notice at Collection (Summary for U.S. State Privacy Laws)
The table below summarizes the categories of personal information we collect, the purposes for which we use it, sources, whether it may be considered “sensitive,” whether it is “sold” or “shared” (as defined by certain state laws), typical recipients, and indicative retention periods.
Category | Examples | Purposes | Sources | Sensitive? | Sold/Shared? | Recipients | Retention |
Identifiers | Name, username, mobile number, email, IP address, device IDs (IDFA/AAID). | Account creation; OTP login; communications; security; fraud prevention; deposits/withdrawals. | You; your devices; service providers. | No (but mobile number may be sensitive in some states). | Not sold. May be “shared” for cross-context behavioral advertising only if you opt in; otherwise limited to service providers. | Service providers (OTP/SMS, auth, fraud, payments); analytics vendors. | Account life + legal/AML requirements. |
Protected classifications / Age | Date of birth; age eligibility. | Age verification; eligibility; compliance. | You; KYC provider. | Yes (sensitive personal data in some states). | Not sold or shared. | KYC provider; compliance partners. | As required by law (e.g., AML). |
Financial Information | Payment method tokens, transaction history (deposits, withdrawals, entry fees, winnings). | Process transactions; prevent fraud; comply with network rules and law. | You; payment processors; banking partners. | Yes (sensitive). | Not sold or shared for advertising. | Payment processors; banks; auditors; tax authorities as required. | Legal/accounting retention periods. |
Geolocation Data | Precise device location (GPS/Wi‑Fi/IP) via geolocation and/or anti-fraud provider(s). | Determine contest eligibility; geofence prohibited jurisdictions; fraud/abuse prevention; legal compliance. | Your device; geolocation provider. | Yes (precise geolocation). | Not sold or shared for advertising; disclosed to service providers only. | Geolocation provider; compliance partners as needed. | As necessary for compliance/fraud; then minimized/anonymized. |
Biometric / Verification Data | ID images, selfies; face-matching/liveness signals processed by KYC vendor. | KYC/AML; age/identity verification; sanctions screening; fraud prevention. | You; KYC provider. | Yes (biometric/sensitive). | Not sold or shared for advertising. | KYC provider; regulators/law enforcement if required. | Per law and vendor policy; we do not retain biometric templates ourselves. |
Internet/Network Activity | App events, session logs, crash reports, performance metrics, referral URLs. | App functionality; security monitoring; analytics; improvement. | Your device; analytics SDKs. | No. | May be “shared” for cross‑context ads only if you opt in; otherwise service providers only. | Analytics providers; anti‑fraud tools. | Operational needs + analytics windows. |
Communications | Support emails/chats/call recordings; feedback and surveys. | Customer support; quality assurance; training; dispute resolution. | You; communications vendors. | May include sensitive content incidentally. | Not sold or shared for advertising. | Support tooling providers; dispute resolution services. | As needed for support, disputes, and legal holds. |
Public Profile/Leaderboards | Display name, entries, rank/standing, pick data visible to other users in the same contest. | Core gameplay features; community transparency. | You; game systems. | No. | Public to participants; not sold. | Other users in the same contest; moderation tools. | While the contest/feature is available + audit window. |
For additional disclosures required by California and other states (including rights to access, delete, correct, opt out of “sale” or “sharing,” and limit use of sensitive personal information), see Section 11.
3. Information We Collect and Process (Detailed)
A. Visitors, Registrants, Purchasers, and Users of Our Services
Examples of Data | Where Do We Get It? | Why We Process It | Legal Bases* | Who Receives It? |
Identity & contact (name, username, mobile, email, DOB); account security (OTP status, backup email/password); profile image (optional). | You directly via App or Site; device OS account frameworks. | Account creation; secure OTP login; communications; account recovery; withdrawal eligibility (backup email verification). | Contract; legitimate interests; legal obligations (eligibility, AML). | Auth/OTP providers; email service; fraud/abuse tools. |
Financial/transaction (deposit/withdrawal details, history); PSP tokens. | You; payment processors/banks. | Process payments; tax/reporting; dispute resolution; AML. | Contract; legal obligations; legitimate interests (fraud prevention). | Payment processors; banks; auditors; tax authorities as required. |
Geolocation (precise device location); IP-based location. | Your device; geolocation and/or anti-fraud provider(s). | Eligibility/geofencing; regulatory compliance; fraud prevention. | Legitimate interests; legal obligations. | Geolocation provider; compliance partners. |
KYC/Verification (ID images, selfies; liveness; sanctions screening results). | You; KYC/ID vendor. | Age/identity verification; AML/sanctions; anti‑fraud; account integrity. | Legal obligations; legitimate interests. | KYC vendor; regulators/law enforcement if required. |
Device & technical (IDFA/AAID; IP; OS; app usage; crash logs). | Your device; analytics/crash SDKs. | Security monitoring; debugging; analytics and improvement. | Legitimate interests; consent where required for ads. | Analytics providers; anti‑fraud vendors. |
Public content (display name, standings, picks visible in leaderboards). | You; game systems. | Core gameplay; transparency; community features. | Contract; legitimate interests. | Other users in the contest; moderation tooling. |
* Legal bases language is provided for jurisdictions recognizing such concepts (e.g., GDPR/UK law); for U.S. processing, we rely on contract, consent where required, legal obligations, and legitimate interests.
B. Persons Who Communicate with Us
Examples of Data | Where Do We Get It? | Why We Process It | Legal Bases* | Who Receives It? |
Identity/contact; communications content; metadata; call recordings (where permitted). | You; comms providers; in-app support. | Respond to inquiries; QA/training; legal holds. | Legitimate interests; legal obligations (record retention). | Support platforms; transcription tools (where used). |
Technical data (IP, device, time, headers). | Your device; comms tooling. | Security and abuse prevention; rate limiting. | Legitimate interests. | Security tooling providers. |
* Legal bases language is provided for jurisdictions recognizing such concepts (e.g., GDPR/UK law); for U.S. processing, we rely on contract, consent where required, legal obligations, and legitimate interests.
C. Employment and Apprenticeship Candidates (if applicable)
Examples of Data | Where Do We Get It? | Why We Process It | Legal Bases* | Who Receives It? |
Identity/contact; CV/resume; education; work history; certifications; references. | You; recruiters; references; background check vendors (where permitted). | Evaluate candidacy; schedule interviews; onboarding. | Contract; legitimate interests; legal obligations. | HR platforms; background-screening vendors (if used). |
* Legal bases language is provided for jurisdictions recognizing such concepts (e.g., GDPR/UK law); for U.S. processing, we rely on contract, consent where required, legal obligations, and legitimate interests.
D. Business Partners and Their Personnel
Examples of Data | Where Do We Get It? | Why We Process It | Legal Bases* | Who Receives It? |
Identity/contact; role/title; company; correspondence. | You; your employer; conferences/intros. | Administer our relationship; compliance screening; payments. | Contract; legitimate interests; legal obligations. | Billing platforms; compliance screening vendors. |
* Legal bases language is provided for jurisdictions recognizing such concepts (e.g., GDPR/UK law); for U.S. processing, we rely on contract, consent where required, legal obligations, and legitimate interests.
4. Geolocation, Eligibility, and KYC/AML Verification
**Geolocation & Geofencing.** We collect and use precise device location signals to verify that users are physically located within jurisdictions where Eazy6 contests are legally offered. This may include device-native location services (such as GPS), network-based location indicators, operating-system level device integrity and attestation checks, and supplemental fraud-prevention or network-risk signals to detect VPN usage, spoofing, or other attempts to circumvent geographic eligibility restrictions. Disabling required location or integrity checks will prevent participation in real-money contests in jurisdictions where location verification is required. We do not use precise location information for unrelated advertising purposes without your consent.
**Identity & Age Verification; AML & Sanctions Screening.** We may require users to complete Know-Your-Customer (KYC), age verification, and sanctions screening before permitting deposits, withdrawals, or continued access to certain features. These processes utilize third-party identity verification and screening services to validate government-issued identification, perform selfie or liveness checks, and screen users against applicable sanctions and restricted-party lists, including those administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”). Such service providers process personal information on our behalf under contractual safeguards and applicable data-protection laws.
**Biometric Information.** Where identity verification requires biometric processing (such as facial geometry used for liveness detection or face-matching), biometric identifiers or information are processed by our verification service providers on our behalf solely for identity verification, fraud prevention, and compliance purposes. We do not sell biometric information, do not use it for advertising, and do not retain biometric templates ourselves. Verification providers maintain retention and deletion schedules consistent with applicable law, and we instruct them to delete biometric data once verification is complete or after legally required retention periods.
Identity verification, sanctions screening, and related checks may be repeated on a risk-based basis, including in response to account activity, profile changes, payment behavior, or other compliance triggers.
5. Online Tracking, SDKs, and Marketing
We use SDKs and cookies on the Site/App for essential functions, analytics, crash reporting, performance, and—where permitted—advertising and measurement.
Mobile advertising identifiers (IDFA/AAID) may be used for attribution and measurement; you can reset/limit via OS settings.
We honor applicable opt‑out mechanisms (e.g., “Do Not Sell or Share,” GPC signals on web) where required by law.
Service emails (e.g., OTP codes, security alerts, transactional notices) are not marketing and will still be sent.
6. How We Share Personal Information
Service providers/processors (e.g., OTP/SMS, geolocation, KYC/AML, payments, analytics, support, hosting, security) under confidentiality and data‑protection agreements.
Affiliates and professional advisors (legal, auditors, insurers) for compliance and corporate governance.
Legal/regulatory and integrity monitoring—where required to comply with law, enforce terms, investigate fraud/cheating/abuse, or respond to lawful requests.
Business transfers—mergers, acquisitions, restructurings; personal information may be transferred as an asset as permitted by law.
With your consent or at your direction.
7. Security
We implement reasonable administrative, technical, and physical safeguards appropriate to the nature of the data and risk, including TLS encryption, secure OTP login, access controls, least‑privilege, monitoring, and regular testing. No method of transmission or storage is completely secure; you are responsible for maintaining the confidentiality of your account credentials.
8. Data Retention & Minimization
We retain personal information only for as long as needed for the purposes described in this Policy, including gameplay, customer support, security/fraud prevention, and legal/regulatory obligations (e.g., tax, AML).
When data is no longer needed, we will delete or de‑identify it, subject to legal holds or dispute resolution.
KYC/AML and transaction records may be retained for legally mandated periods.
9. Children’s Data
Eazy6 is intended for U.S. users aged 18+ (or the legal age in their jurisdiction). We do not knowingly collect personal information from children under 13 (or under 16 where applicable). If we learn we have collected such information without appropriate consent, we will delete it.
10. International Data Transfers
If you access the Services from outside the United States, your personal information may be transferred to, stored, and processed in the United States or other countries with different data‑protection laws. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for such transfers.
11. U.S. State Privacy Rights
Depending on your state of residence, you may have rights to access, correct, delete, or obtain a portable copy of your personal information; to opt out of sale, sharing for cross‑context behavioral advertising, and certain profiling; to limit use/disclosure of sensitive personal information; and to be free from discrimination. You may exercise these rights by emailing privacy@eazy6.com. We will verify requests and respond as required by law. We honor Global Privacy Control signals on the web where applicable.
12. Do Not Track and Global Privacy Control
Some browsers include a Do Not Track (“DNT”) setting. Our Site does not respond to DNT signals at this time. We do, however, recognize and honor Global Privacy Control (“GPC”) signals where required by applicable law.
13. Changes to This Policy
We may revise this Policy from time to time. The “Last Updated” date indicates the effective date. Material changes may be announced via the App or email. Your continued use of the Services after changes means you accept the updated Policy.
14. Contact Us
Eazy6 Privacy Team
Oakridge Interactive LLC
101 Crawfords Corner Road, Ste. 4116
Holmdel, NJ 07733
Email: privacy@eazy6.com
15. Player Safety and Integrity Monitoring
We use a combination of internal systems and third‑party tools to help maintain a fair, balanced, and responsible environment. This may include monitoring deposit and gameplay patterns for indicators of problematic play; detecting multi‑accounting, collusion, botting, tampering, or other integrity risks; and reaching out with resources for player safety where appropriate. We may also temporarily restrict accounts to review anomalies or compliance signals.
Automated risk signals are used to support security, fraud prevention, eligibility enforcement, and player safety, and are not used to make decisions producing legal or similarly significant effects without human review where required by law.
16. Prohibited Users and Eligibility Controls
Users located in jurisdictions where our contests are not legally offered (as determined via geolocation) are prohibited from real‑money play.
Individuals subject to anti‑money laundering or other watchlist restrictions may be prohibited.
Certain employees, contractors, vendors, and others with access to confidential or game‑integrity information are prohibited from competing where required by policy or law.
17. Combination of Data and Profiling
We may combine information collected across the App, the Site, and our service providers to improve accuracy, security, and your experience. We may also use automated decision‑making or profiling (e.g., risk scoring signals for fraud prevention or geolocation eligibility). Where required by law, we will provide meaningful information about the logic involved and the significance and potential consequences for you, as well as your rights related to such processing.
18. Notice of Financial Incentives (if applicable)
From time to time, we may provide referral bonuses, promotional credits, or loyalty rewards. Participation is voluntary. The material terms (including how to opt out) will be disclosed at the time of the offer. The value of your data is reasonably related to the value of the offer or the expenses associated with providing it. You may withdraw at any time by contacting us. We do not condition the provision of services on participation in such programs except where the incentive is integral to the promotion.
We do not currently offer programs that are “financial incentives” under some state laws. If that changes, we will update this section and provide the required notices.
19. Authorized Agents, Appeals, and Verification Process
You may designate an authorized agent to submit a privacy request on your behalf. We require a signed authorization and identity verification.
We verify requests by matching information you provide with our records. Certain requests may require stronger verification (e.g., government ID).
If we deny your request, you may appeal by replying to our decision notice with “Appeal” in the subject line. We will review and respond within the timeframe required by applicable law.
20. Sensitive Personal Information – Limitation
Where state law provides a right to limit use and disclosure of sensitive personal information (e.g., precise geolocation, government ID, or biometric data), we limit our use of such data to the purposes reasonably necessary to provide the Services, ensure security and integrity, prevent fraud, comply with laws, and other purposes permitted by those laws.
21. Authentication and Account Security
Primary sign‑in via mobile number + one‑time passcode (OTP).
Backup email strongly recommended and required before first withdrawal; email must be verified.
Optional backup password available (recommended).
Security notifications (email/SMS) sent on username, password, or mobile changes.
Rate limits and cooldowns for OTP requests; short OTP expiration windows; limited attempts.
Recovery paths include mobile OTP, verified backup email, and support‑assisted KYC re‑verification where necessary.
Appendix A – GDPR/UK Data Protection Addendum
If you are located in the EEA/UK, this Addendum applies in addition to the main Policy.
Category | Purpose of Processing | Legal Basis (GDPR Art. 6) |
Account & Contact (name, username, mobile, email, DOB) | Provide and manage account; OTP login; communications | Art. 6(1)(b) Contract; Art. 6(1)(f) Legitimate interests |
Payment & Transactions | Process deposits/withdrawals; compliance | Art. 6(1)(b) Contract; Art. 6(1)(c) Legal obligation |
Geolocation | Eligibility/geofencing; compliance; fraud prevention | Art. 6(1)(f) Legitimate interests; Art. 6(1)(c) Legal obligation |
KYC/Verification (including biometrics processed by vendor) | Identity/age verification; AML/sanctions; fraud prevention | Art. 6(1)(c) Legal obligation; Art. 6(1)(f) Legitimate interests; Art. 9(2)(g)/(f) where applicable |
Device/Usage/Analytics | Security; analytics; improvement | Art. 6(1)(f) Legitimate interests; Art. 6(1)(a) Consent (for ads where required) |
Marketing/Communications | Send offers and updates (where permitted) | Art. 6(1)(a) Consent; Art. 6(1)(f) Legitimate interests |
International transfers may occur to countries without an adequacy decision; we rely on appropriate safeguards (e.g., Standard Contractual Clauses). You have rights under GDPR (access, rectification, erasure, restriction, portability, objection) and may contact us to exercise them. You may lodge a complaint with your supervisory authority.
Appendix B – State Privacy Rights Summary (California and Other U.S. States)
Right to Know/Access, Correct, Delete, and Portability.
Right to Opt Out of Sale or Sharing and Targeted Advertising.
Right to Limit Use/Disclosure of Sensitive Personal Information (e.g., precise geolocation, government ID).
Non‑discrimination for exercising rights.
Authorized agent procedures; verification steps for requests.
Appendix C – Key Third‑Party Service Providers (Current)
Category | Provider(s) (Subject to Change) | Purpose / Notes |
Geolocation & Eligibility Controls | Device-native location services and third-party fraud/eligibility tools | Precise location verification; geofencing; detection of VPN usage, spoofing, or circumvention of jurisdictional restrictions; eligibility enforcement. |
Identity Verification / KYC & Sanctions Screening | Third-party identity verification providers | Government ID validation; selfie/liveness checks; age and identity verification; sanctions and AML screening; fraud prevention. |
OTP / Authentication Messaging | SMS, email, or push notification providers | Delivery of one-time passcodes, security alerts, and key account notifications. |
Payments & Banking | Payment processors and banking partners | Processing deposits and withdrawals; settlement; payment dispute handling; financial compliance. |
Analytics / Performance / Crash Reporting | Analytics and diagnostics providers | App performance monitoring; crash reporting; usage analytics; service improvement. |
Customer Support & Communications | Helpdesk, CRM, and communications platforms | Customer support, communications, quality assurance, and dispute resolution. |
Security, Fraud & Integrity Monitoring | Fraud-prevention and security service providers | Detection of account takeover, botting, collusion, abuse, and other integrity or security risks. |
Appendix D – Definitions
“Personal Information” or “Personal Data” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
“Sensitive Personal Information” includes certain data such as precise geolocation, government IDs, and biometric information as defined by applicable law.
“Sale” or “Share” have the meanings given in applicable state privacy laws (e.g., CPRA).
“Processor/Service Provider” means a vendor that processes data on our behalf under contract.
Appendix E – California “Shine the Light” and Nevada Rights
California “Shine the Light” (Civ. Code § 1798.83): We do not disclose personal information to third parties for their direct marketing purposes without giving you a right to opt out.
Nevada residents: We do not “sell” covered information as defined by Nevada law. You may still submit a verified request directing us not to sell covered information by contacting privacy@eazy6.com.
Appendix F – Cookie and SDK Notice
We and our service providers use cookies and SDKs to operate the Site and App. You can control cookies via your browser and mobile OS settings. The categories below summarize typical technologies used.
Category | Examples | Purpose/Controls |
Essential | Authentication, session management, security tokens | Required to log in, route traffic, and keep your session secure; cannot be disabled. |
Functional | Preference cookies, in‑app settings | Remember choices (e.g., language, notification preferences). |
Analytics | SDKs such as Firebase/Google Analytics; crash reporters | Measure performance and usage; de‑identified or aggregated where possible; opt‑out via device settings where available. |
Advertising/Attribution | Mobile attribution SDKs; IDFA/AAID | Attribution and, where permitted, advertising measurement; control via OS settings and in‑app choices; opt‑out of “sale/share” where applicable. |
Appendix G – Biometric Information Policy (Vendor‑Processed)
Purpose: identity verification, age checks, liveness detection, and fraud prevention.
Collection: biometric identifiers/information (e.g., facial geometry) may be extracted from images you submit and processed by our verification vendor on our behalf.
Use & Disclosure: limited to verification and fraud/AML purposes; not used for advertising; not sold.
Retention & Deletion: we instruct vendors to retain only as long as necessary to complete verification or comply with legal obligations, then delete. We do not maintain biometric templates ourselves.
Security: vendors are required to apply industry‑standard safeguards and to comply with applicable biometric privacy laws.
Appendix H – California Privacy Addendum (CPRA)
This section supplements the Policy for California residents and describes our practices required by the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CPRA”).
CPRA Category | Examples | Collected | Sold/Shared | Disclosed for Business Purpose (Recipients) | Sensitive? / Right to Limit |
Identifiers | Name, username, mobile, email, device IDs, IP | Yes | No sale; sharing only if you opt in; otherwise service providers only | Auth/OTP, analytics, security, payments | Some identifiers may be sensitive under state law |
Customer Records | Account records, transaction history | Yes | No | Payment processors/banks; auditors | Yes (financial) |
Protected Classifications | Age (18+), date of birth | Yes | No | KYC vendor | Yes; right to limit applies to certain uses |
Geolocation | Precise device location | Yes | No sale/share for ads | Geolocation provider; compliance | Yes; right to limit applies |
Biometric Info | Facial geometry processed by KYC vendor | Yes (vendor‑processed) | No | KYC vendor; regulators if required | Yes; right to limit applies |
Internet Activity | App events, usage, crash logs | Yes | Shared for cross‑context ads only if you opt in | Analytics/crash providers | No |
Inferences | Risk signals for fraud/abuse | Yes | No | Security/fraud tools | May be sensitive depending on context |
California Rights: access/know, delete, correct, portability, opt‑out of sale/share and certain profiling, limit use/disclosure of sensitive personal information, and non‑discrimination. To exercise rights, email privacy@eazy6.com. We verify requests and honor Global Privacy Control signals on the Site where required.
Appendix I – Gaming Consumer Privacy Rights (State-Specific)
Certain U.S. states may prescribe additional consumer privacy disclosures and rights specific to regulated gaming or fantasy sports products. To the extent such state-specific gaming privacy rights apply to Eazy6 players, we will honor those rights and provide any required notices and mechanisms for exercising them. This may include additional disclosures about categories of personal information processed for gaming eligibility, integrity monitoring, self-exclusion, or player safety features, and contact methods for state gaming authorities.