SM88 Privacy Policy

This policy covers information handled through the web experience, mobile experience, and support. “Personal data” means information that can identify you. “Processing” means collecting, using, storing, sharing, and deleting data. “Device data” is technical info from your phone or browser that helps keep the service stable.

We collect what is needed to provide access, keep accounts safe, run core features, and improve reliability. Depending on how you use the service, we may handle:

• Account details: email/phone used for sign up and recovery, plus any basic profile details you submit.
• Login and security data: sign-in times, session IDs, and security signals used to spot unusual activity.
• Account activity: key account events (for example, verification events or preference changes) that help operate the service and solve disputes.
• Device and tech data: device type, OS, browser, language, app version, IP address, and error logs.
• Support messages: what you send to support, including files like screenshots. Please hide details you do not want to share.
• Cookies and similar IDs: small files and IDs that help keep you signed in, remember settings, and measure performance.

If you choose not to provide some information, certain features may not work well (for example, recovery or security checks).

We also try to keep data accurate. If your contact details change, update them as soon as you can so recovery and support work smoothly. Out-of-date details can slow down help because we may need extra steps to confirm ownership.

We use information to run the service and keep it safe:

• Access and accounts: sign-in, recovery, verification, sessions, and saved settings.
• Security: fraud checks, risk checks, and reviews of suspicious behavior.
• Reliability: finding errors, fixing crashes, and improving speed.
• Support: answering requests and troubleshooting when you share device/OS and the exact error text.
• Rules and law: meeting legal duties and enforcing rules where needed.

We do not sell personal data.

Where needed, we process data because: (a) you asked us to provide the service; (b) the law requires it; (c) we must protect users and prevent fraud; (d) we have a valid business need like security and service health; and (e) you gave consent for a specific feature. If you withdraw consent, that feature may stop working.

Cookies help keep sessions stable and protect accounts. We may use:

• Essential cookies: needed for login, security, and basic functions.
• Preference cookies: store choices like language and display settings.
• Performance cookies: help us see errors and slow pages so we can improve.

You can control cookies in your browser or device settings. If you block cookies, sign-in and security checks may not work as expected.

Some browsers offer “Do Not Track” or similar signals. There is no single industry standard for how to respond, so we treat these signals as preferences where possible, but key security and session functions may still require essential cookies.

We share data only in limited cases:

• Service partners: companies that help with hosting, security, and support. They must protect data and use it only for approved work.
• Legal and safety: if the law requires it, or to protect users, prevent fraud, or handle a security issue.
• Company changes: if there is a merger or asset transfer, where allowed and with safeguards.

We do not share data for third-party ads in a way that overrides your choices.

In some cases we may share reports that are grouped or summarized (for example, service health trends). These reports are not meant to identify you as an individual.

We keep data only as long as needed for security, support, legal needs, and service operations. Examples:

• Account data: kept while the account is active and for a reasonable time after, where needed for law and safety.
• Security logs: kept for a limited time to investigate abuse and protect accounts.
• Support records: kept to track fixes and reduce repeat issues.

When data is no longer needed, we delete it or make it anonymous. Some data may be kept longer if the law requires it or a dispute is open.

Backups and security copies may exist for a short time after deletion. We keep backups to protect service continuity and to recover from failures. When backups cycle out, older copies are removed under our normal retention process.

We use reasonable security controls to protect data, such as access limits, monitoring, and safe handling steps. You can also reduce risk with simple habits:

• Use a strong password and keep it private.
• Never share one-time codes.
• Sign out on shared devices.
• Keep your phone and browser updated.

If you think someone accessed your account, change your password and contact support quickly. If you message support, do not send passwords or one-time codes. Those are never needed to troubleshoot basic access issues.

If there is a major security issue that affects many users, we may post guidance to help users protect their accounts. Even then, the safest move is still the same: change your password, keep your device updated, and avoid risky shortcuts.

Depending on where you live, you may be able to ask for access, correction, deletion, or limits on how data is used. You may also object to some uses, or ask for a copy of certain data. We may verify your identity first to protect your account.

You also have practical controls you can use right now:

• Device controls: manage app permissions in your phone settings.
• Browser controls: clear cookies, block third-party storage, or use private mode (with the trade-off that sessions may not persist).
• Account safety: change your password if you suspect access from someone else.

To request help with privacy rights, submit a request via Contact and include: your request type, your country, the account identifier you used, and any helpful context (for example, the exact error text).

If you think a request was handled incorrectly, reply with the same ticket details so the case can be reviewed. Clear details help us avoid mixing requests between similar accounts.

If you use the service from different countries, data may be processed where our teams or service partners work. We use safeguards to protect data during cross-border processing, like contracts, security controls, and limited access.

The service is not meant for people under the age allowed in their area. If we learn that someone who should not have provided data did so, we will take steps to delete it where needed.

We may update this policy as the service changes or as the law changes. If the change is important, we will give notice in a reasonable way. If you keep using the service after an update, you accept the updated policy.

If you have privacy questions, contact support through Contact. For account rules and conditions, review Terms before you take actions that depend on eligibility or requirements.

This SM88 Privacy Policy is meant to be practical. If anything is unclear, pause and verify before sharing information.