Skip to content

Privacy Policy

Last updated: April 2, 2026

SatoriEx Pte. Ltd. ("SatoriEx," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use the SatoriEx prediction market platform, including our website, APIs, and mobile applications (collectively, the "Platform").

By using the Platform, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use the Platform.

1. Information We Collect

We collect the following categories of information:

1.1 Account Information

  • Email address and display name;
  • Password (stored as a bcrypt hash; we never store or access your plaintext password);
  • Referral codes and referrer information.

1.2 Identity Verification (KYC)

  • Full legal name, date of birth, and nationality;
  • Government-issued identity documents (passport, national ID, or driver's license);
  • Proof of address documents;
  • Selfie or biometric verification images;
  • KYC tier status and verification timestamps.

1.3 Financial & Trading Data

  • Blockchain wallet addresses connected to your account;
  • Deposit and withdrawal transaction records;
  • Trading activity, including order history, positions, and profit/loss;
  • Account balances and ledger entries;
  • Copy trading preferences and followed traders.

1.4 Technical & Device Data

  • IP address, browser type, and operating system;
  • Device identifiers and screen resolution;
  • Referring URLs and pages visited;
  • Timestamps of access and session duration;
  • Language preferences.

1.5 Communications

  • Support tickets and correspondence with our team;
  • Dispute filings and associated evidence;
  • Market proposals and comments.

2. How We Use Your Information

We process your personal information for the following purposes:

  • Service Provision: To create and manage your account, process trades, handle deposits and withdrawals, and provide customer support;
  • Identity Verification: To perform KYC checks and comply with anti-money laundering (AML) regulations;
  • Fraud Prevention & Security: To detect and prevent market manipulation, wash trading, unauthorized access, and other prohibited activities;
  • Regulatory Compliance: To meet our obligations under applicable financial regulations, tax reporting requirements, and law enforcement requests;
  • Platform Improvement: To analyze usage patterns, optimize performance, and develop new features;
  • Communications: To send transaction confirmations, security alerts, market resolution notifications, and (with your consent) marketing communications;
  • Dispute Resolution: To investigate and resolve market disputes and user complaints.

3. Legal Basis for Processing

We process your personal information under the following legal bases, in compliance with the General Data Protection Regulation (GDPR) and applicable data protection laws:

  • Contract Performance: Processing necessary to provide the Platform services you requested (account management, trade execution, deposits and withdrawals);
  • Legal Obligation: Processing required to comply with applicable laws, including KYC/AML regulations, tax reporting, and responding to lawful requests from authorities;
  • Legitimate Interest: Processing necessary for fraud prevention, platform security, analytics, and service improvement, where our interests do not override your fundamental rights;
  • Consent: Processing based on your explicit consent, such as marketing communications and optional analytics. You may withdraw consent at any time.

4. Data Sharing & Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

  • Service Providers: Trusted third parties that assist with KYC verification, cloud hosting, analytics, and customer support, bound by contractual data protection obligations;
  • Regulatory & Legal: Government authorities, regulators, or law enforcement agencies when required by applicable law, court order, or regulatory investigation;
  • Blockchain Data: Certain transaction data (wallet addresses, transaction hashes) is inherently public on the blockchain and visible to anyone;
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity;
  • With Your Consent: When you explicitly authorize disclosure to a third party.

5. International Data Transfers

SatoriEx operates primarily in the Asia-Pacific region with infrastructure in Singapore and other jurisdictions. Your personal data may be transferred to and processed in countries outside your country of residence.

Where we transfer data outside jurisdictions with adequate data protection laws, we implement appropriate safeguards, including:

  • Standard Contractual Clauses approved by relevant data protection authorities;
  • Adequacy decisions where available;
  • Binding corporate rules for intra-group transfers;
  • Your explicit consent where required.

6. Data Retention

We retain your personal information for as long as necessary to:

  • Provide the Platform services and maintain your account;
  • Comply with legal obligations (KYC/AML records are typically retained for 5โ€“7 years after account closure, as required by applicable regulations);
  • Resolve disputes and enforce our Terms of Service;
  • Maintain financial and audit records.

When your data is no longer required, we will securely delete or anonymize it. Trading data may be retained in anonymized form for market integrity analysis.

7. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in Transit: All communications between your browser and our servers use TLS (Transport Layer Security);
  • Password Security: Passwords are hashed using bcrypt with appropriate cost factors;
  • Session Security: Authentication tokens are stored in HttpOnly, Secure cookies to prevent cross-site scripting attacks;
  • Access Controls: Role-based access control (RBAC) limits employee access to personal data on a need-to-know basis;
  • Infrastructure: Hosted on enterprise-grade cloud infrastructure with network isolation, DDoS protection, and regular security audits;
  • Monitoring: Automated threat detection and logging of access to sensitive systems.

While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you;
  • Right to Rectification: Request correction of inaccurate or incomplete personal data;
  • Right to Erasure: Request deletion of your personal data, subject to legal retention obligations;
  • Right to Data Portability: Request your data in a structured, machine-readable format;
  • Right to Restrict Processing: Request that we limit how we process your data in certain circumstances;
  • Right to Object: Object to processing based on legitimate interests or for direct marketing;
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days. We may need to verify your identity before processing your request. Note that certain data may be exempt from deletion due to legal obligations (e.g., KYC/AML records).

9. Cookies & Tracking Technologies

We use the following types of cookies and tracking technologies:

  • Essential Cookies: Required for Platform functionality, including authentication and session management. These cannot be disabled;
  • Analytics Cookies: Help us understand how users interact with the Platform to improve performance and usability. These are only set with your consent;
  • Preference Cookies: Store your language selection and display preferences.

You can manage cookie preferences through your browser settings. Disabling essential cookies may prevent you from using certain Platform features.

10. Children's Privacy

The Platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a person under 18, we will take steps to delete that information promptly. If you believe a minor has provided us with personal data, please contact us at [email protected].

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Material changes will be communicated via email or a prominent notice on the Platform at least 14 days before they take effect.

We encourage you to review this Privacy Policy periodically. Your continued use of the Platform after changes take effect constitutes acceptance of the updated policy.

12. Contact & Data Protection Officer

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

If you are located in the European Economic Area and believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local data protection supervisory authority.