Privacy Policy

We built Specula on a non-custodial, zero-KYC architecture. Here's exactly what data we collect, why we collect it, and how we protect it.

Last updated: March 1, 2026 GDPR Compliant No KYC Required
Launch App

Plain-language summary: Specula is a Polymarket copy trading platform. We only collect your public blockchain wallet address for authentication. We do not collect your name, email, ID, or financial information. Your private keys never leave your device.

01

Who We Are

Specula ("we", "us", "our") operates specula.app, an automated prediction market copy trading platform that enables users to mirror trades from high-performing wallets on Polymarket. Our service is designed as a non-custodial Polymarket automation tool — we never hold your funds, and we never take custody of your private keys.

This Privacy Policy applies to all visitors and users of specula.app and any associated services, APIs, or applications operated by Specula.

02

Data We Collect

2.1 Data You Provide Directly

Because Specula uses wallet-based authentication, the only identifier we collect from you is your public blockchain wallet address. This address is public on the blockchain by nature. We do not ask for, store, or process:

  • Your real name or legal identity
  • Email addresses (unless you voluntarily provide one for notifications)
  • Government-issued ID or KYC documents
  • Payment card or bank account details
  • Private keys or seed phrases — these never leave your wallet application

2.2 Trading Configuration Data

When you configure our automated trading bot, we store your settings — copy multiplier, risk limits, feature toggles, and notification preferences. This data is associated with your wallet address and is necessary to operate the service.

2.3 Automatically Collected Data

Like most web services, we automatically collect standard server-side information when you visit our platform:

  • IP address (anonymized after 7 days)
  • Browser type, version, and operating system
  • Pages visited, timestamps, and referral URLs
  • Session duration and interaction events

2.4 Subscription Transaction Data

When you subscribe via USDC payment, we record the transaction hash, chain ID, payment amount, and subscription period. Transaction hashes are publicly visible on-chain; we store them solely to verify your subscription status.

2.5 Notification Preferences (Optional)

If you choose to enable Telegram or email alerts for your prediction market bot, we store the corresponding Telegram chat ID or email address solely to deliver alerts you have requested.

03

How We Use Your Data

  • Service delivery: To authenticate your wallet, maintain your dashboard, and execute your copy trading configuration on Polymarket.
  • Subscription management: To verify USDC payments, activate plan features, and manage subscription renewals.
  • Security & fraud prevention: To detect and block unauthorized access, bot abuse, or manipulation of our platform.
  • Performance & stability: To monitor uptime, diagnose errors, and improve the reliability of our trading execution engine.
  • Notifications: To send trade alerts, cascade signals, and system updates via your chosen channels — only if you have opted in.
  • Legal compliance: To comply with applicable laws, regulations, and lawful requests from authorities.

We do not use your data for advertising, profiling, or sale to third parties.

04

Data Sharing & Third Parties

We do not sell, rent, or trade your personal data. We may share limited data with the following categories of recipients only as necessary to operate the service:

4.1 Infrastructure Providers

We use cloud hosting and database providers to run our platform under data processing agreements.

4.2 Blockchain Networks

When our Polymarket trading bot executes trades on your behalf, transaction data is broadcast to public blockchain networks. Blockchain data is inherently public and permanent by design.

4.3 Analytics

We may use privacy-respecting analytics tools (with IP anonymization enabled) to understand aggregate usage patterns.

4.4 Legal Requirements

We may disclose data if required by law, court order, or to protect the rights and safety of Specula and its users.

05

Cookies & Tracking Technologies

We use a minimal set of cookies necessary to operate the platform. For full details, please read our Cookie Policy. In summary:

  • Session cookies: Required to keep you authenticated. Expire when you close your browser.
  • Preference cookies: Store your dashboard settings and UI preferences. 30-day expiry.
  • Security cookies: Used to protect against CSRF attacks and session hijacking.

We do not use advertising cookies, tracking pixels, or cross-site trackers.

06

Data Retention

  • Active account data: Retained for the duration of your subscription and for 12 months after last activity.
  • Trade history: Retained for up to 24 months to provide performance analytics.
  • IP addresses: Anonymized after 7 days; aggregated logs deleted after 90 days.
  • Notification credentials: Deleted immediately upon removal from your settings.
  • Subscription records: Retained for 7 years to meet financial recordkeeping obligations.
07

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate data.
  • Right to erasure: Request deletion of your data, subject to legal retention obligations.
  • Right to data portability: Receive your data in a structured, machine-readable format.
  • Right to restrict processing: Request that we limit how we use your data.
  • Right to withdraw consent: Withdraw any consent you have given at any time.

Note on blockchain data: Data recorded on public blockchains (transaction hashes, wallet addresses) cannot be deleted due to the immutable nature of blockchain technology.

08

Security

  • HTTPS/TLS encryption for all data in transit
  • Encrypted database storage with access controls
  • Session tokens using cryptographically secure random generation
  • HttpOnly, Secure, SameSite=Strict cookie flags
  • Prepared statements preventing SQL injection attacks
  • Regular security reviews and dependency audits
09

Children's Privacy

Specula is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with data, please contact us immediately.

10

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and, where appropriate, provide notice via the platform dashboard. Continued use of Specula after a policy update constitutes your acceptance of the revised policy.

11

Contact Us