How It Works Promo HQ Play For Charity Contact Download Rabbet

Privacy Policy

Last Updated: April 21, 2026

1. Introduction and Scope

1.1 Who We Are. Rabbet Gaming, LLC ("Rabbet," "we," "us," or "our") is a Delaware limited liability company with its principal place of business at 437 West Division St. #403, Chicago, IL 60160. Rabbet operates a peer-to-peer social sweepstakes mobile application available on iOS and Android, and the associated website at www.rabbetgaming.com (together, the "Service").

1.2 What This Policy Covers. This Privacy Policy (the "Policy") describes how we collect, use, disclose, retain, and protect personal information in connection with the Service. This Policy applies to information we collect from Users ("you" or "User"), from people who visit our website or interact with us in other ways, and through the technologies described in Section 4.

1.3 Relationship to Other Documents. This Policy should be read in conjunction with our Terms of Use, our Master Sweepstakes Rules, and our Player Responsible Play Policy. In the event of a direct conflict between this Policy and any of those documents as to the handling of personal information, this Policy controls as to privacy-specific matters.

1.4 Your Agreement. By accessing or using the Service, you agree that your personal information will be handled as described in this Policy. If you do not agree, please do not access or use the Service.

2. Information We Collect

We collect the following categories of personal information:

2.1 Information You Provide Directly

  • Account registration information: your full legal name, email address, mobile phone number, date of birth, residential address, and password.
  • Profile information: username, profile photo (if you upload one), Friends List, and any preferences you choose to enter.
  • Payment information: when you make an optional purchase of Rabbet Karrots or request a redemption of Rabbet Cash, our third-party payment processors collect the payment instrument details needed to process the transaction. Rabbet itself does not store full credit card numbers; we retain only the tokenized or masked information needed to reference the transaction.
  • Communications: the content of messages you send us through support, surveys, in-app communications, or social media channels.
  • User-generated content: anything you post, upload, or otherwise submit to the Service, including Offers, comments, and reactions.

2.2 Information Collected for Identity Verification and Compliance

Before we process a redemption of Rabbet Cash for U.S. dollars, and in certain other circumstances required by law or by our compliance program, we (directly or through our third-party identity-verification providers) collect:

  • Government-issued photo identification (U.S. driver's license, state ID, or passport);
  • Proof of address;
  • Information necessary to match your verified identity against the destination payment instrument;
  • Tax-related information where required for prize-payment reporting; and
  • Such other information as is required for identity verification, sanctions screening, or anti-money-laundering purposes under applicable law.

Providing this information, when requested, is a mandatory condition of using certain features of the Service. If you decline to provide it, you may be unable to redeem Rabbet Cash.

2.3 Information Collected Automatically

When you use the Service, we automatically collect certain information through cookies, pixels, software development kits ("SDKs"), and similar technologies. This information includes:

  • Device information: device type, operating system, unique device identifiers (including Apple IDFA and Google Advertising ID where permitted), mobile network information, and browser type.
  • Usage information: the features you use, the Offers you create or accept, the time and duration of your sessions, the pages or screens you view, the order in which you view them, and your interactions with the Service.
  • Log data: IP address, server logs, date and time of requests, referring URLs, and error information.
  • Location information: we collect geolocation data to verify that you are not accessing the Service from a Restricted Territory (as defined in our Terms of Use). You must enable Location Services to use the Service. We do not collect precise location beyond what is necessary to verify operating-state compliance.
  • Cookies and similar technologies: as described in Section 4.

2.4 Information from Third Parties

We receive information about you from:

  • Identity-verification and anti-fraud service providers;
  • Payment processors;
  • Advertising and analytics partners;
  • Social media platforms, if you link an account or authenticate through Facebook, Google, or Apple (see Section 2.5);
  • Public records and data sources, for identity verification and anti-fraud purposes; and
  • Other Users, for example when another User invites you to the Service or tags you in content.

2.5 Third-Party Sign-In

If you elect to sign in to the Service using a third-party account (such as Facebook, Google, or Apple), the third party may share certain information with us, including your name, email address, and profile picture. Your use of the third-party sign-in is governed by the third party's terms and privacy policy, not ours.

3. Biometric Information

Several states, including Illinois under the Biometric Information Privacy Act (740 ILCS 14/), regulate the collection and use of biometric identifiers such as fingerprints, voiceprints, facial geometry scans, and retinal scans. As of the date of this Policy, Rabbet does not collect biometric identifiers or biometric information from Users. Our current identity-verification process relies on documentary review, payment-instrument matching, and data-based verification, not on facial recognition, liveness detection, voice matching, or other biometric processing.

If Rabbet's identity-verification process or any other feature of the Service changes in the future to include the collection or use of biometric identifiers or biometric information, we will update this Policy, provide specific notice to affected Users, and obtain written consent where required by applicable law (including, where applicable, Illinois BIPA). We will not collect or use biometric identifiers from any User without that notice and consent.

4. Cookies, Pixels, and Similar Technologies

4.1 What We Use

We and our service providers use the following categories of technologies on the Service:

  • Strictly necessary cookies: required to operate the Service, maintain your session, authenticate you, and process transactions. These cannot be disabled without breaking core functionality.
  • Functional cookies: remember your preferences (such as language, interface settings) and improve your experience.
  • Analytics cookies and SDKs: help us understand how Users interact with the Service so we can improve it. These may be provided by third-party analytics companies (such as Google Analytics or equivalent tools).
  • Advertising and targeting cookies and pixels: used by us and our advertising partners to deliver advertising that may be relevant to you, to measure the effectiveness of advertising campaigns, and to attribute conversions. These may include the Meta Pixel, Google Ads tags, TikTok Pixel, and similar technologies.

4.2 Your Choices

You can control cookies and similar technologies through:

  • Your device settings (for example, Apple's App Tracking Transparency framework and Google's Advertising ID controls);
  • Your browser settings (most browsers let you refuse cookies, delete existing cookies, or notify you when cookies are being set);
  • Industry opt-out tools at aboutads.info/choices (for desktop) and the AppChoices app (for mobile);
  • The Global Privacy Control (GPC) signal, which we honor as a valid opt-out of sale/sharing for residents of states that recognize GPC; and
  • Our cookie preference center, available within the Service.

Disabling cookies or similar technologies may limit the functionality of the Service.

4.3 Do Not Track

Some browsers send a "Do Not Track" (DNT) signal. Because there is no industry consensus on how to interpret DNT, Rabbet does not currently respond to DNT signals differently than it responds to the absence of such signals. We do, however, respond to Global Privacy Control (GPC) signals as described in Section 8.

5. How We Use Your Information

We use personal information for the following purposes:

  • Providing the Service: creating and maintaining your User Account; operating Offers, Sponsored Offers, and Promo Offers; processing purchases and redemptions; and providing customer support.
  • Verification and compliance: verifying your identity, age, and geographic location; screening against U.S. government sanctions lists; preventing fraud and account takeover; detecting collusion, bots, and other prohibited conduct; and complying with legal, regulatory, and risk-management obligations.
  • Responsible play: administering the Player Limits, Cool-Off Period, and Self-Exclusion tools described in the Player Responsible Play Policy, and identifying patterns that may warrant a welfare outreach.
  • Communications: sending you service-related messages (for example, transaction confirmations, security alerts, policy updates), and, where you have not opted out, marketing messages about the Service, our products, and products of partners that may interest you.
  • Product improvement: analyzing usage patterns, measuring feature performance, and developing new features.
  • Advertising: delivering advertising on the Service and on third-party sites and apps, and measuring the effectiveness of our advertising.
  • Legal and protective purposes: enforcing our Terms of Use, protecting the rights, property, and safety of Rabbet, our Users, and others, responding to legal process, and addressing claims or disputes.

6. How We Share Your Information

We share personal information in the following circumstances:

  • Service providers: we share information with third parties that perform services on our behalf, including hosting, analytics, payment processing, identity verification, anti-fraud, customer support, email and push-notification delivery, and marketing operations. These service providers are contractually required to use the information only to perform services for Rabbet and to protect the information consistent with this Policy.
  • Advertising partners: as described in Section 7, we share limited information with advertising and analytics partners to deliver and measure advertising.
  • Other Users: your profile information (username, profile photo, and public statistics about your Offer activity) is visible to other Users on the Service. Content you post to public areas of the Service will be publicly available.
  • Legal and protective disclosures: we may disclose information when we believe in good faith that disclosure is required by law, necessary to comply with legal process (including subpoenas, court orders, and government investigations), necessary to enforce our Terms of Use, or necessary to protect the rights, property, or safety of Rabbet, our Users, or others.
  • Business transfers: if Rabbet is involved in a merger, acquisition, financing, reorganization, bankruptcy, sale of all or substantially all of its assets, or other change of control, personal information may be transferred to the acquiring or successor entity. We will provide notice if your information becomes subject to a materially different privacy policy as a result.
  • With your consent: we may share information with other parties where you have given us consent to do so.

7. Advertising and Analytics

Rabbet uses advertising and analytics partners to deliver advertising across the Service and across other sites and apps. These partners use cookies, pixels, mobile identifiers, and similar technologies to collect information about your interactions with advertising and with the Service. This allows the partners to deliver advertising that may be more relevant to you, to measure campaign performance, and to attribute conversions.

You can opt out of interest-based advertising through:

  • The Digital Advertising Alliance's opt-out tool at aboutads.info/choices;
  • The Network Advertising Initiative opt-out tool at networkadvertising.org/choices;
  • The AppChoices app for mobile devices;
  • Your device's ad-tracking settings (iOS App Tracking Transparency, Google Advertising ID reset and opt-out); and
  • The Global Privacy Control (GPC) signal (recognized as an opt-out of sale/sharing for state-law purposes).

Opting out does not eliminate advertising on the Service; it reduces the extent to which advertising is personalized to you based on your prior activity.

8. Your Privacy Rights

Depending on where you reside, you may have specific privacy rights under state or federal law. The rights described in this Section 8 apply to residents of states that have comprehensive consumer privacy laws, and any specific state's unique requirements are addressed in Section 9.

8.1 Rights You May Have

Subject to verification and to exceptions set forth in applicable law, you may have the following rights:

  • Right to Know / Right of Access. You may request a list of the categories of personal information we have collected about you, the categories of sources from which the information was collected, the business or commercial purposes for which the information was collected, the categories of third parties with whom we have shared your information, and, where applicable, the specific pieces of personal information we hold about you.
  • Right to Delete. You may request that we delete personal information we have collected from you. This right is subject to exceptions, including information we must retain to complete a transaction, detect and prevent fraud, comply with legal obligations, exercise legal rights, or for other legitimate purposes permitted by law.
  • Right to Correct. You may request that we correct inaccurate personal information we maintain about you.
  • Right to Data Portability. You may request a copy of the personal information you have provided to us in a structured, commonly-used, machine-readable format.
  • Right to Opt Out of Sale or Sharing for Targeted Advertising. You may request that we stop "selling" or "sharing" your personal information (each as defined by applicable state law) and that we stop processing your information for purposes of cross-context behavioral advertising or targeted advertising. Rabbet does not sell personal information in the traditional sense, but certain advertising-cookie activity may constitute a "sale" or "share" under some state laws.
  • Right to Limit Use of Sensitive Personal Information. California residents may request that we limit the use of sensitive personal information (such as government ID numbers or precise geolocation) to those purposes strictly necessary to perform the services you have requested.
  • Right to Opt Out of Profiling. In certain states, you may opt out of profiling that produces legal or similarly significant effects on you. Rabbet does not currently engage in automated decision-making of this kind that produces such effects.
  • Right to Non-Discrimination. We will not discriminate against you for exercising any of these rights.
  • Right to Appeal. If we deny your request, you may appeal our decision by contacting us at support@rabbetgaming.com. We will respond to your appeal within the time period required by applicable state law.

8.2 How to Exercise Your Rights

To exercise any of the rights described above, please:

  • Email us at support@rabbetgaming.com; or
  • Mail a written request to: Rabbet Gaming, LLC, Attn: Privacy Request, 437 West Division St. #403, Chicago, IL 60160.

We will acknowledge your request and respond within the time period required by applicable law (generally 45 days for state-law rights, with the possibility of one extension where permitted). We will need to verify your identity before fulfilling certain requests; this typically involves confirming information you have previously provided to us. You may designate an authorized agent to make a request on your behalf, subject to our verification of the agent's authority.

8.3 Global Privacy Control (GPC)

Rabbet recognizes the Global Privacy Control (GPC) as a valid opt-out of sale and sharing of personal information for residents of states whose laws recognize GPC. When we receive a GPC signal from your browser, we will treat it as an opt-out request for that browser.

9. State-Specific Privacy Rights

This Section 9 summarizes the state-specific privacy laws currently in effect that apply to Rabbet's operations. Section 8 describes the rights available under these laws. Section 9 identifies the states in which those rights apply and any state-specific requirements.

9.1 California (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (collectively, the "CCPA"), provides the privacy rights described in Section 8. In addition:

  • Categories of Personal Information. In the twelve months preceding the date of this Policy, we have collected the following categories of personal information as defined in Cal. Civ. Code § 1798.140: identifiers (name, email, account ID, IP address); customer records information (contact details, payment information); characteristics of protected classifications (age); commercial information (purchase history); internet or network activity (usage data); geolocation data; professional information (where provided); and inferences drawn from the foregoing. We collect sensitive personal information, including government-issued identification numbers, precise geolocation (where necessary to verify operating-state compliance), and account login credentials.
  • Sale/Sharing Disclosure. Rabbet does not sell personal information for monetary consideration. Certain of Rabbet's advertising-cookie activity may constitute a "sale" or "share" under the CCPA's broader definitions of those terms. You may opt out of this activity as described in Section 8.
  • Retention. See Section 11 for our general retention policy. Retention periods for specific categories of personal information vary based on the purposes for which the information is used and applicable legal requirements.
  • California "Shine the Light" Law. California residents may request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes under Cal. Civ. Code § 1798.83. To make such a request, please email support@rabbetgaming.com.
  • Notice for California Users Under Civil Code Section 1789.3. The Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs may be contacted in writing at 1625 N. Market Blvd., Suite N-112, Sacramento, CA 95834, or by telephone at 1-800-952-5210.

9.2 Other States with Comprehensive Privacy Laws

The following states in which Rabbet currently operates have comprehensive consumer privacy laws in effect as of the date of this Policy. Residents of these states have the rights described in Section 8, subject to the terms of each state's law:

  • Virginia (Virginia Consumer Data Protection Act);
  • Iowa (Iowa Consumer Data Protection Act);
  • Texas (Texas Data Privacy and Security Act);
  • Tennessee (Tennessee Information Protection Act);
  • Minnesota (Minnesota Consumer Data Privacy Act);
  • Oregon (Oregon Consumer Privacy Act);
  • New Jersey (New Jersey Data Protection Act);
  • New Hampshire (New Hampshire Consumer Privacy Act);
  • Indiana (Indiana Consumer Data Protection Act, effective January 1, 2026);
  • Maryland (Maryland Online Data Privacy Act, with enforcement beginning October 1, 2026);
  • Rhode Island (Rhode Island Data Transparency and Privacy Protection Act, effective January 1, 2026).

Each of these laws provides rights generally consistent with those described in Section 8, subject to state-specific thresholds, exemptions, and procedures. To exercise rights under any of these laws, please contact us as described in Section 8.2. If we deny a rights request from a resident of a state with a comprehensive privacy law, you have the right to appeal our decision within 45 days of receipt of our denial.

9.3 Other States

If you reside in a state not listed in Section 9.1 or 9.2, you may still contact us to request access to, correction of, or deletion of your personal information. We will consider your request in good faith and respond as appropriate under applicable law and Rabbet's policies.

10. Children's Privacy

The Service is intended for adults aged twenty-one (21) or older. We do not knowingly collect personal information from children under the age of thirteen (13), and we do not knowingly collect personal information from anyone under the age of twenty-one (21). If we discover that we have inadvertently collected personal information from a child under thirteen, we will delete that information in accordance with the Children's Online Privacy Protection Act ("COPPA"). If you believe a child under thirteen has provided personal information to us, please contact support@rabbetgaming.com immediately.

11. How Long We Keep Your Information

We retain personal information for as long as necessary to provide the Service, comply with our legal and regulatory obligations, resolve disputes, enforce our agreements, and protect our legal rights. Specific retention periods depend on the category of information and the purpose for which it was collected. At minimum:

  • Account information: retained for the duration of your User Account and for at least five (5) years after account closure for recordkeeping, fraud prevention, and legal compliance purposes.
  • Transaction and verification records: retained for at least five (5) years from the date of creation, or longer as required by applicable law.
  • Communications: retained for a reasonable period, typically not exceeding three (3) years unless required to be retained longer.
  • Marketing opt-outs: retained indefinitely to ensure we honor your preference.
  • Backups: retained for business continuity purposes and purged in accordance with our backup rotation schedule.

When personal information is no longer needed for any lawful purpose, we delete or anonymize it in accordance with our internal deletion procedures.

12. Information Security

We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, disclosure, alteration, and destruction. These safeguards include encryption of personal information in transit and at rest, access controls limiting access to personnel with a documented need to know, vendor due diligence, and periodic security review.

No method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your password and for any activity that occurs under your User Account. If you believe your User Account has been compromised, please contact us immediately at support@rabbetgaming.com.

13. International Users and Data Transfers

Rabbet operates in the United States, and the Service is intended for use only by residents of the United States who are physically located in an Eligible State (as defined in our Terms of Use). Personal information we collect is processed and stored in the United States. If you are located outside the United States, please do not use the Service. Rabbet does not knowingly provide the Service to, and does not knowingly collect personal information from, persons located outside the United States.

14. Third-Party Services and Links

The Service may contain links to third-party websites, applications, and services, and may allow you to interact with third-party platforms (such as Facebook, Google, Apple, and social media networks). This Policy does not apply to any third-party service. We are not responsible for the privacy practices of third parties, and we encourage you to review the privacy policies of any third-party service before providing it with personal information.

15. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, in applicable law, or in the Service. When we make a material change, we will update the "Last Updated" date at the top of this Policy and, where required by applicable law, provide additional notice (such as an email to the address associated with your User Account or an in-app notification). Your continued use of the Service following notice of a change constitutes your acceptance of the updated Policy.

16. Contact Us

For privacy-specific questions, concerns, rights requests, or complaints:

Email: support@rabbetgaming.com

Mail: Rabbet Gaming, LLC, 437 West Division St. #403, Chicago, IL 60160

You also have the right to file a complaint with your state attorney general, the Federal Trade Commission, or (for California residents) the California Privacy Protection Agency. We encourage you to contact us first so that we have the opportunity to address your concern directly.