Privacy Policy

Effective Date: 17 November 2025

Last Updated: 17 November 2025

This Privacy Policy explains how Thalamus (“we”, “our”, or “us”) collects, uses, stores, and protects your information when you access or use Kiyotaka.ai (the “Platform”), an analytics and execution interface that allows users to connect an external wallet (e.g., MetaMask) or create an internal wallet using Privy, and place trades on Polymarket and other supported venues.

By accessing or using the Platform, you agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Account Information

We collect the following information when you interact with the Platform:

  • Email address (if provided)
  • Username or display name
  • Connected social accounts (e.g., X)
  • Referral information (e.g., referral codes or links, and relationships between referred users)
  • Saved user interface preferences, watchlists, layouts, indicators, alerts, and personalized settings

1.2 Wallet Information

We support two types of wallets:

(A) External Wallets (Non-Custodial)

When you connect a wallet such as MetaMask, we collect:

  • Public wallet address
  • Signed messages used for authentication

We do not collect, store, or ever ask for your private keys or seed phrase.

(B) Internal Wallets (Privy Custodial Wallets)

If you opt to create an internal wallet through Privy, we collect:

  • Wallet address
  • Encrypted metadata required to maintain your account
  • Transaction activity routed through the wallet

Privy manages private key creation and encryption. We do not have access to any unencrypted key material.

1.3 Trading & Interaction Data

To provide analytics and trade execution, we collect:

  • Markets viewed
  • Charts, indicators, and analytics interacted with
  • Search queries
  • Trades placed, executed, or canceled
  • Linked Polymarket markets and positions
  • Performance metrics, order routing metadata, and execution logs
  • Conversations with our LLM features (e.g., chat history for support or analytics queries)

1.4 Technical Information

We automatically collect:

  • IP address
  • Browser type and version
  • Device identifiers
  • Operating system
  • Approximate geolocation (derived from IP; we store only the country code for compliance and restriction enforcement)
  • Session logs (e.g., records of user activity during a visit, such as timestamps, page views, and interactions), error logs, crash reports

1.5 Cookies & Local Storage

We use cookies or browser storage to:

  • Maintain user sessions
  • Save chart settings and UI preferences
  • Store layouts, watchlists, and indicator configurations
  • Improve performance and analytics

Cookie Types (EU-Compliant Classification)

We use two categories of cookies:

Session Cookies

  • Temporary cookies that expire when you close your browser.
  • Used for authentication, routing requests, and ensuring the Platform loads correctly.

Persistent Cookies

  • Remain on your device after the session.
  • Used to store settings, layouts, user preferences, and analytics necessary for performance and reliability.

Impact of Disabling Cookies

If cookies are disabled, key Platform features—such as chart layouts, analytics tools, indicator settings, watchlists, and login persistence—may not function properly or may fail entirely.

Do Not Track

Your browser may allow you to send a "Do Not Track" (DNT) signal. The Platform does not currently respond to DNT requests due to the absence of industry standards.

Third-Party Analytics (PostHog)

We use PostHog, a privacy-focused analytics provider, to understand user behavior, diagnose issues, and improve performance. PostHog may use cookies or local storage but does not receive private keys, identity documents, or financial information.

2. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Platform
  • Authenticate users and manage login sessions
  • Create and manage Privy-generated wallets
  • Route and execute trades on Polymarket and other venues
  • Display analytics, leaderboards, preferences, and personalized content
  • Support LLM-based features, including storing conversation history to improve responses and user experience
  • Detect and prevent fraud, abuse, and unauthorized access
  • Enforce geo-restriction and compliance requirements
  • Ensure platform security and performance
  • Communicate with you regarding updates or support
  • Comply with applicable laws and regulatory requirements

We may also create aggregate, anonymized, or de-identified datasets derived from your information. Such information cannot reasonably identify you and may be used for analytics, research, product development, or publications.

3. Legal Bases (GDPR Where Applicable)

If you reside in the EEA, we process your information on the basis of:

  • Performance of a contract
  • Legitimate interests (security, fraud prevention, analytics)
  • Consent (cookies, marketing)
  • Compliance with legal obligations

4. How We Share Information

4.1 Execution Venues

To execute trades:

  • Polymarket
  • Future prediction markets or exchanges

We share only the information required for trade routing and execution.

We never share private keys or seed phrases.

4.2 Service Providers

We use trusted third-party service providers for:

  • Cloud hosting
  • Databases and analytics
  • Error monitoring (e.g., Sentry)
  • Authentication and wallet creation (Privy)
  • Customer support tools

All service providers are bound by confidentiality obligations.

4.3 Business Transfers

We may transfer your information in connection with mergers, acquisitions, financings, reorganizations, bankruptcy events, asset sales, or similar corporate transactions. We will take reasonable steps to ensure the recipient upholds the commitments of this Privacy Policy.

4.4 Legal & Compliance

We may share information when:

  • Required by applicable law
  • Necessary to enforce our Terms of Service
  • Needed to investigate fraud, security incidents, or abuse

4.5 No Selling of Data

We do not sell personal data, including wallet addresses, trading history, or analytics.

5. Data Security

We implement industry-standard measures:

  • Encryption in transit and at rest
  • Privy-managed key encryption for custodial wallets
  • Access controls and audit logging
  • Segregated production and development environments
  • Regular security assessments
  • Secure internal API communication

No online system is fully secure, but we will notify affected users of any material breach in accordance with applicable law.

6. Data Retention

  • Trading and execution logs: 5–7 years
  • Device logs and analytics: 30–365 days
  • UI preferences: until deleted or account closed
  • Privy wallet metadata: until account closure or withdrawal
  • LLM conversation history: a limited period, typically up to 365 days, for support and improvement purposes

We will delete or anonymize personal data upon request where legally allowed.

7. International Transfers

Your information may be processed in:

  • United States
  • European Union
  • Singapore
  • Other regions where service providers operate

We apply safeguards such as Standard Contractual Clauses where appropriate.

8. Geo-Restrictions & Compliance Enforcement

We may restrict certain functionality and disable trading access for users in certain jurisdictions, including:

  • United States
  • Singapore
  • Malaysia
  • Sanctioned or embargoed countries

We may use IP addresses, device metadata, or other indicators to enforce restrictions.

Attempts to circumvent geo-blocking may result in suspension or wallet limitations.

9. User Rights

Depending on jurisdiction, you may have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion
  • Request data export
  • Object to processing
  • Withdraw consent (where applicable)

Contact to exercise these rights.

10. Non-Custodial Limitations

For external wallets (MetaMask, WalletConnect, etc.):

  • We do not store private keys, seed phrases, or recovery data.
  • We cannot recover lost wallets.
  • All blockchain transactions must be approved by you.
  • Transactions are irreversible once submitted.
  • We cannot reverse, cancel, or modify on-chain activity.

For internal (Privy) wallets:

  • Private keys are generated and encrypted by Privy.
  • We do not have access to raw key material.
  • You are responsible for actions taken using your account.

11. Children's Privacy

The Platform is not intended for users under 18.

We do not knowingly collect data from minors.

12. California Privacy Notice (CCPA/CPRA)

California residents have the right to:

  • Request access to categories or specific pieces of personal information
  • Request deletion (subject to legal exceptions)
  • Request correction of inaccurate information
  • Know whether information is disclosed and to whom
  • Opt out of the sale or sharing of personal information (we do not sell data)

Submit requests to .

We may request identity verification before processing.

Under Civil Code §1798.83, California residents may request information regarding disclosures for direct marketing purposes once per calendar year.

13. Changes to This Privacy Policy

We may update this Policy periodically.

The "Last Updated" date will reflect changes.

Material updates may be communicated via email or in-app notification.

14. Contact Us

For privacy-related inquiries, please contact us by e-mail at .

Intelligence Meets Execution
Follow us on
X
Discord
KiyotakaEcosystemBlogStories
ProductsChartLiquidationskScreener HubkScript Hub
LearnCode with kScriptOrderbook Heatmap
PlatformStatusDisclaimerTerms & ConditionsPrivacy Policy
Copyright © Kiyotaka 2025.
Kiyotaka. All Rights Reserved