Privacy policy
Last updated July 17, 2026
The short version: we collect what a trading platform needs to run — your account details, your trades and your money movements — and nothing built for advertising. We do not sell your data, and we never will.
What we collect
- Account data — your email address, username and password. The password is stored only as a hash by our authentication provider; we cannot read it.
- Trading data — the markets you create, the positions you open and close, your votes on community resolutions, and your chat messages.
- Payment data — deposit and withdrawal requests: amounts, currencies, transaction references and the crypto payout addresses you give us. We never see or store card numbers or bank credentials — there are none on the platform.
- Technical data — your IP address and the country it maps to. We use these for rate limiting, abuse prevention and the sign-up country check described on the about page. We do not build browsing profiles.
- Support mail — anything you email us, so we can answer and keep a record of disputes.
How we use it
Everything above is used to run the platform: executing and settling your trades, reviewing deposits and withdrawals, resolving disputes, stopping bots and multi-accounting, enforcing the country restriction at sign-up, and sending you transactional email (such as a withdrawal confirmation). That is the whole list.
We do not sell or rent personal data, we do not share it with advertisers, and we do not use it to train recommendation or profiling systems.
Who else touches your data
We use a small number of infrastructure providers, each processing only what its job requires:
- Supabase — hosts our database and authentication, so account and trading data lives on its infrastructure.
- Cloudflare Turnstile — the captcha at sign-up; Cloudflare sees your IP address and browser signals to tell humans from bots.
- Resend — delivers our transactional email, so it processes your email address and the content of those messages.
- Market data feeds — Global markets are read from the Polymarket and Kalshi public APIs. Data flows one way: we read prices from them and send them nothing about you.
How long we keep it
Account and trading data is kept while your account exists. Records of deposits, withdrawals and resolved markets are kept after account closure for as long as needed to handle disputes and meet record-keeping obligations, then deleted. Rate-limiting data (IP hit counts) is short-lived and held in memory only.
Security
Passwords are hashed, transport is encrypted (HTTPS), database access is restricted by row-level security so users can only read their own records, and every movement of funds passes a manual human review before it executes. No system is unbreachable — if a breach ever affects your data, we will tell you what happened and what we are doing about it.
Your rights
You can ask us at any time to show you the personal data we hold about you, correct it, export it, or delete your account and its data (subject to the retention of financial records described above). If you are in a jurisdiction with statutory privacy rights such as the GDPR, these requests are how we honour them. Email support@call-it-now.com — we answer within 30 days.
Under 18s
Callitnow is strictly 18+. We do not knowingly collect data from anyone under 18, and an account found to belong to a minor is closed and its data deleted.
Changes to this policy
If we change what we collect or who processes it, we will update this page and announce material changes before they take effect. The date at the top always reflects the current version.
Questions about your data? Email support@call-it-now.com, or read the terms of service for the rules of the platform itself.