Legal

Privacy Policy

What we collect, why we collect it, and what we never do with it.

⚠ DRAFT — pending review by qualified counsel. These terms will be updated.Last revised: 2026-05-24

01 Information We Collect

We collect only what we need to run your bot and your account:

  • Application data: name, contact (email, Telegram handle, or Discord tag), starting capital, trading experience, optional reason for applying, optional invite code.
  • Account data: chosen username and password hash, Telegram chat ID if you link notifications.
  • Wallet data: your USDC.e wallet address and — if you use a generated wallet — its encrypted private key.
  • Session data: IP address at login, session token, browser user-agent.
  • Trade data: every signal evaluated, every order placed, every settlement, fees accrued.

02 How We Use Information

We use your information to: operate the bot on your behalf, deliver trade notifications to your chosen contact, generate the tax ledger you can export, detect abuse and fraud, and improve the trading strategy across the user base in aggregate.

We do not use your data for advertising. We do not build behavioral profiles for resale.

03 Information Sharing

We share data only where the function of the Service requires it:

  • Polymarket: every trade your bot places is broadcast to the Polymarket CLOB and recorded on the Polygon blockchain. Your wallet address and trade history are publicly visible on-chain.
  • Telegram: if you connect Telegram notifications, the messages we send you pass through Telegram's servers under their privacy terms.
  • Infrastructure providers: our hosting provider stores encrypted account data on our behalf under their standard terms.

We do not sell your personal data. We do not share it with advertisers. We will disclose data only in response to a valid legal process or to protect against fraud or serious harm.

04 Data Retention

  • Trade ledger: retained indefinitely for your tax records and ours.
  • Audit and signal logs: retained for 12 months for debugging and strategy review.
  • Session tokens: expire after 30 days of inactivity.
  • Encrypted wallet keys: retained while your account is active and for a brief reconciliation window after closure.

05 Security

We take reasonable engineering precautions: private keys are encrypted at rest, passwords are stored as bcrypt hashes, traffic between you and the Service is served over HTTPS, and administrative access is restricted.

We do not claim perfect security. No internet-connected system is invulnerable. You accept the residual risk of server-side key storage by using the Service.

06 Your Rights

You can: export your full trade ledger from the client portal at any time, update your contact details, rotate your wallet keys, and request deletion of your account.

Deletion requests will be honored for personal data not subject to tax-record retention obligations. Trade ledger entries and on-chain transactions cannot be deleted from the blockchain.

07 Cookies and Sessions

We use a single HttpOnly session cookie to keep you logged in. We do not use third-party analytics cookies, advertising pixels, or cross-site trackers.

08 Children's Privacy

The Service is not directed to anyone under 18. We do not knowingly collect data from minors. If you believe a minor has registered, contact us and we will remove the account.

09 International Users

The Service is operated from the United States. If you use the Service from outside the US, your data is transferred to and processed in the US. You are responsible for determining whether your use complies with the laws of your jurisdiction.

10 Changes and Contact

We may update this policy at any time. The "Last revised" date at the top reflects the latest change. Material changes will be communicated through the client portal.

Questions: [email protected] [placeholder — operator to confirm address]. WEBSALE LLC · Tracy, California.