Privacy Policy

1. Information we collect

• Wallet information, such as public wallet addresses, chain identifiers, and connection state.
• Usage and device information, such as IP address, approximate location, browser details, device identifiers, page views, referrers, and diagnostic events.
• Eligibility and compliance information, such as country or region signals, geoblock results, sanctions or abuse-screening signals, wallet address, timestamps, and the feature or request being evaluated.
• Trading-related metadata, such as order parameters, order status, market identifiers, venue responses, request identifiers, and encrypted third-party session material where a feature requires it.
• Support or feedback submissions, including the text you send, timestamps, and any contact details you choose to provide.

2. How we use information

We use information to operate the service, display market and trader data, secure accounts and sessions, investigate abuse, communicate about support requests, and improve product quality.

When trading is enabled, we also use wallet, IP, and order metadata to enforce eligibility, prevent misuse, and relay your authorized requests to third-party venues.

3. Compliance, IP data, and approximate location

We may process your IP address and derive approximate location data to decide whether trading features should be available in your current location.

Approximate location is used for compliance gating, fraud prevention, abuse detection, rate limiting, support review, and operational logging. We do not promise that geolocation is perfect, and an unknown result may cause trading to stay blocked.

VPN, proxy, relay, or remote desktop usage is not automatically prohibited, but you must not use any of those methods to disguise a restricted location, residence, domicile, citizenship or nationality where applicable, or to bypass a venue or product restriction. We may use IP intelligence and request metadata to detect or investigate suspected circumvention.

4. Cookies, local storage, and analytics

We use cookies, local storage, and similar browser storage for session continuity, UI preferences, wallet connection state, and product analytics.

Wallet-connected trading features may use browser storage and server-side encrypted session records to maintain a trading session, remember legal acknowledgements, and reduce repeated signing prompts. Clearing browser storage, disconnecting a wallet, or session expiry may require you to reconnect or sign again.

Analytics and hosting providers may receive technical event data needed to measure performance, diagnose issues, and prevent abuse.

5. Third-party services and sharing

We share information with service providers only to the extent needed to run the product. Depending on the feature, this may include infrastructure providers, analytics vendors, wallet tooling vendors, error tracking providers, and third-party market venues.

We may disclose information when required by law, to respond to lawful requests, to protect rights and safety, or in connection with a corporate transaction.

• Public wallet addresses and on-chain activity may already be visible on public blockchains or public APIs.
• If you submit an order, relevant request data may be transmitted to Polymarket or another third-party venue so the order can be evaluated or executed.
• If you use wallet tooling, your wallet provider may separately process your wallet address, device, IP, and transaction or signature metadata under its own policies.

6. Retention

We retain information for as long as reasonably necessary to operate the service, comply with legal obligations, resolve disputes, and enforce agreements.

Retention periods may vary by data category. Compliance logs, support records, geoblock decisions, legal-acknowledgement records, and encrypted session material may be kept longer than routine analytics events when needed for security, anti-circumvention, dispute, or legal reasons.

7. Security

We use administrative, technical, and organizational measures intended to protect information we control. No internet service or storage system is perfectly secure, and we cannot guarantee absolute security.

If a feature stores third-party session material server-side, Kestrell intends to store it in encrypted form, keep it separate from wallet private keys and seed phrases, and limit access to the minimum necessary for the feature to function.

8. International use and transfers

Kestrell and its service providers may process information in multiple countries. By using the service, you understand that your information may be transferred to and processed in places where data protection laws differ from those in your home jurisdiction.

9. Your choices and rights

Depending on your location, you may have rights to access, correct, delete, or restrict certain personal information, and to object to some processing activities.

To make a privacy request, contact Blue Label Services - FZCO, IFZA Properties, Dubai Silicon Oasis, DSO-IFZA, Dubai, United Arab Emirates. We may need to verify your request and may not be able to honor it when an exemption or legal obligation applies.

10. Minors

Kestrell is not directed to minors and is not intended for anyone under 18 or under the age of majority where they live. Do not use Kestrell or submit personal information if you are not eligible to use the service.

11. Changes and contact

We may revise this Privacy Policy by posting an updated version here. Material updates may also be surfaced in-product when practical.

Questions about this policy should be sent to Blue Label Services - FZCO, IFZA Properties, Dubai Silicon Oasis, DSO-IFZA, Dubai, United Arab Emirates.