Privacy Policy
1. Introduction
EdgeScan (“we”, “us”, “our”) operates the prediction market intelligence platform at edgescan.io. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our services.
2. Information We Collect
Account information: Name, email address, password (managed by Clerk), profile photo, timezone, and language preference.
Financial information: Subscription plan, payment history, and Stripe customer ID. We do not store credit card numbers — all payment processing is handled by Stripe (PCI-DSS Level 1 certified).
Platform connections: Public wallet addresses (e.g., Polygon addresses for Polymarket), read-only API keys for connected prediction market platforms.
Usage data: Pages visited, features used, scan frequency, signals viewed, bot configurations, paper trading activity.
Device and technical data: IP address (hashed after 30 days), browser type, operating system, referring URL, and access timestamps.
3. How We Use Your Information
We use your information to provide and maintain our platform, process payments and manage subscriptions, deliver signals and alerts via your preferred channels, improve our AI probability models, prevent fraud and abuse, comply with legal obligations, and communicate product updates and security notices.
4. Data Sharing
We do not sell your personal information. We share data only with trusted service providers who help us operate our platform:
Clerk: Authentication and user management. Stripe: Payment processing. Supabase: Database hosting. Vercel: Application hosting and analytics. Upstash: Rate limiting and caching.
We may also disclose information if required by law, to protect our rights, or in connection with a merger or acquisition.
5. Data Security
We implement industry-standard security measures including TLS 1.3 encryption for all data in transit, AES-256-GCM encryption for sensitive data at rest, row-level security (RLS) in our database, regular security audits following OWASP Top 10 guidelines, rate limiting on all API endpoints, and comprehensive audit trails for all user actions.
6. Data Retention
We retain your data for the duration of your account plus 90 days after deletion. Financial records are retained for 7 years as required by law. IP addresses are hashed after 30 days. You can request immediate deletion by contacting privacy@edgescan.io.
7. Your Rights
You have the right to access your personal data, correct inaccurate data, delete your account and data, export your data in machine-readable format, object to certain processing activities, and withdraw consent for optional processing. Exercise these rights via your dashboard Settings or by contacting privacy@edgescan.io.
8. Cookies
We use minimal cookies required for authentication and language preference. We do not use advertising or tracking cookies. See our Cookie Policy for details.
9. International Transfers
Your data may be processed in the United States and European Union. All transfers are protected by Standard Contractual Clauses (SCCs). See our GDPR Compliance page for details.
10. Children's Privacy
EdgeScan is not intended for users under 18 years of age. We do not knowingly collect personal information from children.
11. Changes to This Policy
We will notify you of material changes at least 30 days in advance via email. Continued use after notification constitutes acceptance.
12. Contact
For privacy inquiries, contact us at privacy@edgescan.io. For GDPR-specific requests, contact our Data Protection Officer at dpo@edgescan.io.