Last updated: 27 May 2026

Privacy Policy

This Privacy Policy explains how Paridesk ("we", "us", "our") collects, uses, and protects your information when you use our service. We respect your privacy and are committed to protecting your personal data.

1. Information We Collect

Automatically Collected

• IP address — used to detect your country for geographic restrictions enforcement. We do not store IP addresses with persistent user records; they are processed transiently per-request.
• Browser and device data — user agent, screen size, language preference. Used for analytics and bug diagnosis.
• Usage data — pages visited, features used, time spent. Aggregated and anonymised where possible.

Provided by You

• Email address — collected via Privy when you sign up. Used for authentication and (optionally) product updates.
• Wallet address — your public blockchain address. Used to display your positions and trade history.
• Trade history — orders you place via Paridesk are recorded on-chain by Polymarket. We may temporarily cache this data to improve performance.

What We Do Not Collect

• Private keys, seed phrases, or wallet passwords — we never have access to these
• Government-issued ID or proof of address — Paridesk does not perform KYC
• Banking or payment card information — all funds move via blockchain only

2. How We Use Information

• To provide the Service (display markets, route trades, show your positions);
• To enforce geographic restrictions (via IP geolocation);
• To authenticate you (via Privy);
• To debug issues, prevent abuse, and improve the product;
• To comply with legal obligations (including sanctions screening).

3. Third-Party Services

We rely on the following third-party services to operate Paridesk. Each has its own privacy policy.

• Privy — authentication and wallet management. Privy privacy policy
• Polymarket — underlying prediction market protocol. We send order data to Polymarket's servers when you place trades.
• Polygon — blockchain on which transactions are recorded. All on-chain data is permanent and public.
• Vercel — our cloud hosting provider. They may log access requests for security and operations.

4. Data Storage and Security

We store minimal data. Your authentication credentials (CLOB API keys, used to sign trades) are stored in encrypted HTTP-only cookies that expire after 30 days. They are never accessible to client-side JavaScript and cannot be exfiltrated via cross-site scripting attacks.

We use industry-standard security practices, including HTTPS for all traffic, server-side authentication, and isolated production environments. However, no internet-based service is 100% secure.

5. Your Rights (GDPR, CCPA, UK DPA)

If you are a resident of the EU, UK, or California, you have the right to:

• Access — request a copy of the personal data we hold about you;
• Rectification — request correction of inaccurate data;
• Erasure — request deletion of your data (subject to legal obligations);
• Portability — receive your data in a machine-readable format;
• Object — object to certain types of processing;
• Withdraw consent — where processing is based on consent.

To exercise these rights, contact us at support@paridesk.com. We will respond within 30 days.

Important: On-chain data (blockchain transactions) cannot be deleted, as it is recorded by the public Polygon network. Deletion requests can only apply to data we hold off-chain.

6. Cookies

We use the following cookies:

• paridesk_geo — stores your detected country and trading mode. Expires after 1 hour. Essential for the Service.
• paridesk_clob_creds — encrypted authentication credentials. HTTP-only (not accessible to JavaScript). Expires after 30 days.
• privy-* — set by Privy for authentication. See their privacy policy.

All cookies are strictly necessary for the Service to function. We do not currently use advertising or tracking cookies.

7. Children

Paridesk is not intended for users under 18. We do not knowingly collect data from minors. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

8. International Transfers

We operate in the United Kingdom and our cloud infrastructure is located in the European Union (Frankfurt). Some third-party services (such as Privy, Polymarket) may transfer data internationally, subject to their own safeguards.

9. Changes to This Policy

We may update this Privacy Policy. Material changes will be posted with a revised "Last updated" date.

10. Contact

Questions about your data? Contact us at support@paridesk.com.