The Value Betting Blog

The Simple Science of Profitable Betting

Join the Value Betting Community
New Articles, Betting Resources, Exclusive Offers and More


GDPR Notice
The purpose of this form is to subscribe you to our newsletter. We inform you that our mailing list is hosted and 100% protected with Getresponse ; and that your rights of access, rectification, limitation and deletion are guaranteed as specified in our privacy policy.

How To Get Your Betting Account Unrestricted

How To Get Your Betting Account Unrestricted

Having your profitable betting account restricted is demoralising. In my view, it’s also unethical. Well, we found a loophole, check this out…

Now, this article is specifically about beating the system; a how-to article on how our own @Miguel_Figueres was able to get unrestricted.

For methods to sidestep getting restricted at all, check this out – 6 Ways To Beat Bookmaker Betting Limits

For my rant and explanation of the possible illegality of account restrictions, go here – Are Betting Account Limits Illegal?

But now, let’s get into how we got unrestricted, step by step:

Summary

The Method

You give quite a bit of information about yourself by just joining a betting site. Information used to categorise, monitor, and ultimately – limit you.

But, thanks to legislation brought about in the European Union, you now also have the ‘right to be forgotten’. Thanks to this wide-ranging piece of legislature called the GDPR, privacy for consumers has become more secure, information has become more accessible and most importantly for us: It must be erased at our request.

The theory is simple. We get limited, due to being seen as a problem, they do this by identifying you as profitable and categorising you. But, if that identification were to be ‘forgotten’, why couldn’t we just sign up again? A clean slate, they legally can not have us on their file.

It all sounds a bit wishy-washy, but it’s not, they aren’t going to breach Europe-wide and binding legislation just to keep you on file and avoid you taking their money; you, a single profitable bettor.

Here’s how we did it; a 100% success rate so far:

Step 1 – Get Clarification (Well.. Try)

First, we just wanted to understand why we were limited.

Ask for their justification within the terms and conditions (preferably by email). Why did they limit you?

Take screenshots or save the emails of their reasoning, maybe they’ll scare into lifting those limits, maybe they’ll slip up and give you grounds to argue. Probably not, but get what you can out of them. This is just doing your due diligence.

Step 2 – Close Your Account

Your account is limited and unusable. You have asked for and received their vague and sketchy justification. First, withdraw any money you have in your account, then get out of there!

You can either close your account via chat or email, we suggest email. It keeps everything on file.

Step 3 – Request Deletion Of Details

Here is where the GDPR legislation comes in. We can now exercise our ‘right to be forgotten’, they then have 30 days to respond.

Here is the message Miguel sent:

“Good morning,

I want to exercise my right to cancel and forget my Personal Data in accordance with the RGPD.

I indicate my data:

Name: Miguel
Surname: Figueres Moreno
National Identity Card Number: XX.XXX.XXX-X

I would appreciate it if you could let me know when my right to be forgotten becomes effective.

Thank you.

Greetings”

Attached to this email will be your ID, if it’s not there they will request it.

The response came swiftly:

“Good morning Miguel,

I acknowledge receipt of your request for deletion and destruction of your personal data existing in the Bookmaker System.

Your account in the Bookmaker system (ID XXXXXXX) was cancelled on October X, 2018 at XX:XX: XXpm, so neither you nor anyone else will ever be able to access your account again.

Regarding the destruction and elimination of your data, I inform you that the necessary measures established by law have been taken to cease the processing of your Personal Data given the termination of the contractual relationship between both parties. Therefore, you have been eliminated as the recipient of any communication from us or from companies of the (bookmaker) Group. Likewise, I inform you that the information we keep about you in the (bookmaker) System cannot be deleted based on the legal requirements that oblige us to keep it for the legally established period of time. Once this period of time has expired, all information regarding the account you created in (bookmaker) will be deleted.

If you have any further questions please review our Privacy Policy on our website

www.(bookmaker).es

or contact us.

I take this opportunity to send you a cordial greeting.”

That easy.

Step 4 – Request Access To Information

Next, we sought clarity from the bookie, we used another clause in the GDPR, asking for access to any and all information they are required to keep. They again have 30 days to respond.

Here’s Miguel’s message:

“Hello, I wish to exercise my right of access, according to the RGPD, to the personal data that they continue to store, as well as to be told the period during which they will be stored.

I indicate my data:

Name: Miguel
Surname: Figueres Moreno
National Identity Card Number: XX.XXX.XXX-X

I hope you will send me complete information, that is, ALL the data of mine or relating to my person or user that you continue to save and the period during which you will save it and the purpose of keeping that data.

Thank you very much.”

(Attach your ID card again).

Then we received this email in reply:

“Good morning Miguel,

Regarding the complete list of Personal Data in our records regarding account XXXXXXX, I inform you that they are the following:

Name and Surname
DNI
Date of Birth
Sex
Nationality
Residence
Country
Province
Location
Address
CP
Phone
Email account and newsletter account
IP Access to our bookie

As for the account that you kept on our (Bookmaker), I inform you that it has been cancelled so that it will no longer be accessible by you or anyone else.

In addition, I inform you that regarding your request for destruction and deletion of your data, the necessary measures established by law were taken to cease the processing of your Personal Data given the termination of the contractual relationship between both parties. Therefore, you have been eliminated as the recipient of any communication from us or from companies of the (Bookmaker) Group. Likewise, I inform you that the information we keep about you in the (Bookmaker) System cannot be deleted based on the legal requirements that oblige us to keep it for the legally established period (5 years from the cancellation of the account). After this period has expired, all information regarding the account you created on (bookmaker) will be deleted.”

So.. they are required to keep a lot. It’s unclear why they hold onto our IP, but it is simple to use an alternate one.

But, in the nature of the legislation and the reasoning they provided for keeping the information, the information kept is not to be used for any reason other than to comply with legal procedures. The information is not theirs to use, they may only store it, in compliance with Art.17, 3.b:

for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

After completing all these steps, having all information recorded, and seemingly being free from identification – it was time to test if that was in fact true…

Step 5 – Open A New Account

It seems a bit brazen, doesn’t it? We don’t mind.

Open a new account, with a new username, different email, and preferably using a different IP address. Of course, you are again providing them with the same identity, ID Card number, address, etc… but they have no right to use that information to identify you as a “problem” again. That information was ‘forgotten’.

Any means they have for matching you against their usable records should be void, they have no information regarding you that is able to be acted upon.

Right now, using this method, we are 1/1. This worked perfectly, a new account for a seemingly new user, no limits and free to bet once again, for now…

And this year we are trying the same with another bookie, one that said that they would never limit profitable bettors

Final Word

This is just one method we have used to get our betting account unrestricted, there are other legal avenues and more people pushing back against bookmaker methods. We will continue to update you all on any other methods we find.

So, just five steps:

  1. Get clarification
  2. Close account
  3. Request deletion of details
  4. Request access to information
  5. Open a new account

We did it in this order, but there is a case that you should swap step 3 and 4, here’s why:

You may want to exercise your ‘right to access’ before asking for deletion of all the data. If they have processed your data and categorised you as “profitable bettor”, perhaps you will receive that info. From Article 15.1:

The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:

a. the purposes of the processing;

b. the categories of personal data concerned;

c. the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;

d. where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;

There is quite a bit of nuance when dealing with the GDPR, it is still a relatively new piece of legislation.

The GDPR is only applicable in the European Union, but, as the UK has decided to exit the EU they have drafted up their own legislation that mirrors the GDPR, which is very creatively called the UK-GDPR…

While the GDPR may not have international application yet, it has certainly broken new ground and will affect the privacy laws of other nations. As for current privacy legislation in places like the US, Australia, Canada, etc – I’ll go through that in a future article, subscribe to the newsletter to be notified!

The GDPR, for us, has yielded only positive results. Let’s hope it’s enforced and sets a new standard for international privacy.

Test The Method For Yourself

I would be fascinated to hear how the rest of you go using this method.

Will bookmakers find a way to plug this loop-hole?
Will the GDPR scare them too much?
Do bookmakers ‘remember’ your details and quickly re-limit you?

It’s in the early stages but please give it a go, let us know how it goes and hopefully, you can get the same results we did!

As Always, Happy (Value) Betting

Comentarios
  1. Hey,

    I tried this technique with Bet365 yesterday and thought would be worth sharing what they told me! This is what they said when I requested for my details to be deleted after I had deactivated my account (as per step 3):

    ‘We understand that customers have genuine concerns about how their data is kept and also if their data is wrongly disclosed, improperly used, inaccurate or held for an indefinite period.

    In order to comply with bet365’s legal and regulatory requirements and our own internal risk management procedures, we are unable to delete your personal information. For details on how this information will be used by bet365, please refer to our Privacy Policy which can be found by scrolling to the bottom of the site and selecting Privacy Policy.

    We will keep your data for the period that you are a customer of bet365 and we will ensure that it is appropriately protected and only used for acceptable purposes. If you are no longer a customer of bet365, we will retain your data for a period as required by the relevant legal and regulatory requirements at the time. For details on why we process your Personal Data and our legitimate interests in doing so, please refer to our Privacy Policy which can be found by scrolling to the bottom of the site and selecting Privacy Policy.

    If you are concerned that any data we have about you may be incorrect, please do contact us and let us know what you believe is wrong with your information and what you think we need to do to correct it.’

    The key bit I took away from this vague response is ‘If you are no longer a customer of bet365, we will retain your data for a period as required by the relevant legal and regulatory requirements at the time.’ I decided to jump onto the live chat to see if I could get further clarification on this ‘period as required’ and they told me it is a minimum of 5 years. 5 years! Unsure what to do next, wonder if anyone else has had the same experience with Bet365 here in the UK.

    Regards,

    Tom

    1. Jake Windram-Ashby

      Hey Tom,

      Yeah I think it is still a real grey area.

      yes, they have the right and obligation to keep the data, but they must “block” that data. Only authorities can use it.
      According to Article 17.3, they can keep the data only:

      (b) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

      So, theoretically you could still create a new account and shouldn’t be identified by the data they ‘keep’.

      Have you tried reopening an account?

Leave a Reply