Privacy Policy

Last updated: February 18, 2026

1. Introduction

Mantikos AI (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Mantikos AI platform and services (the “Service”). Please read this Policy carefully. If you disagree with its terms, please discontinue use of the Service immediately.

2. Information We Collect

A. Information You Provide Directly

  • Account registration data (name, email address, password hash);
  • Billing information (processed by Stripe — we do not store raw card data);
  • Risk preference settings and trading configuration parameters;
  • Kalshi API key (stored encrypted with AES-256-GCM — never in plaintext); and
  • Communications you send to us (support requests, feedback).

B. Information Collected Automatically

  • Trade data and performance metrics from your Kalshi account via API;
  • Device information (browser type, operating system, IP address);
  • Usage data (pages visited, features used, session duration);
  • Log data (access times, error logs, API call logs); and
  • Cookies and similar tracking technologies (see Section 7).

C. Information from Third Parties

  • Authentication data from Clerk (our identity provider);
  • Payment confirmation from Stripe; and
  • Market data from Kalshi via API.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service;
  • Execute trades on Kalshi on your behalf within your configured parameters;
  • Process payments and manage your subscription;
  • Send transactional communications (trade confirmations, account alerts);
  • Improve, personalize, and expand the Service;
  • Analyze usage patterns to optimize AI model performance;
  • Detect, prevent, and address fraud, security, and technical issues;
  • Comply with legal obligations; and
  • Communicate product updates and promotional offers (with your consent where required).

We do not sell your personal information to third parties. We do not use your trading data to trade against you or share it with competing services.

4. How We Share Your Information

We may share your information with:

  • Kalshi: Your API credentials and trade instructions are transmitted to Kalshi to execute your trades. This transmission is governed by Kalshi's terms and privacy policy.
  • Stripe: Payment processing. Your card data is handled directly by Stripe and subject to their PCI-DSS compliance.
  • Clerk: Identity and authentication management.
  • Cloud Infrastructure Providers: Hosting, storage, and computing services necessary to operate the platform.
  • Legal Requirements: We may disclose your information when required by law, court order, or governmental authority, or when we believe disclosure is necessary to protect our rights or the safety of others.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as a business asset.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. If you close your account, we will retain your data for up to 90 days to allow for account recovery, after which we will delete or anonymize your personal information, except where we are required by law to retain it (e.g., financial records, which may be retained for up to 7 years).

Trade history and aggregated performance data may be retained in anonymized form indefinitely for model training and improvement purposes.

6. Security

We implement industry-standard security measures to protect your information, including:

  • AES-256-GCM encryption for API credentials at rest;
  • TLS 1.3 encryption for all data in transit;
  • Multi-factor authentication support via Clerk;
  • Access controls limiting employee access to personal data on a need-to-know basis; and
  • Regular security audits and vulnerability assessments.

No method of transmission over the internet or electronic storage is 100% secure. While we use commercially reasonable security measures, we cannot guarantee absolute security. In the event of a data breach, we will notify affected users in accordance with applicable law.

7. Cookies and Tracking

We use the following types of cookies and tracking technologies:

  • Essential Cookies: Required for the Service to function (authentication sessions, security tokens). Cannot be disabled.
  • Functional Cookies: Remember your preferences and settings.
  • Analytics Cookies: Help us understand how users interact with the Service. You may opt out via your browser settings.

You can control cookie preferences through your browser settings. Note that disabling essential cookies will impair Service functionality.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of the personal data we hold about you;
  • Correction: Request correction of inaccurate or incomplete data;
  • Deletion: Request deletion of your personal data, subject to legal retention requirements;
  • Portability: Request your data in a portable format;
  • Opt-out of Marketing: Unsubscribe from promotional communications at any time via the unsubscribe link; and
  • Restrict Processing: Request that we limit how we use your data in certain circumstances.

To exercise any of these rights, contact us at privacy@mantikos.io. We will respond within 30 days. We may need to verify your identity before processing your request.

9. California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you additional rights, including the right to know what personal information we collect, the right to delete your personal information, and the right to opt out of the sale of your personal information. We do not sell personal information. To exercise your CCPA rights, contact us at privacy@mantikos.io.

10. Children's Privacy

The Service is not directed to children under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18 without parental consent, we will delete that information promptly. If you believe we have inadvertently collected such information, please contact us immediately.

11. Third-Party Links

The Service may contain links to third-party websites or services (including Kalshi). We are not responsible for the privacy practices or content of those third parties. We encourage you to review the privacy policies of any third-party services you access through the Service.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Policy on our website and, where feasible, by email at least 14 days before changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the revised Policy.

13. Contact Us

For questions, concerns, or requests regarding this Privacy Policy, contact us at:

privacy@mantikos.io

Legal:Terms of ServicePrivacy PolicyRisk Disclaimer