Last updated: March 2026
This Privacy Policy explains how Arbitix ("we", "us", or "our") collects, uses, shares, and protects your personal information when you use our website at arbitix.io and our prediction markets aggregator platform (collectively, the "Service"). Please read this policy carefully. By using the Service, you agree to the practices described here.
Arbitix is a prediction markets data aggregator operated by Jhonatan Junio. Our platform aggregates publicly available market data from third-party prediction market platforms — including Polymarket, Kalshi, Metaculus, Manifold, and PredictIt — and presents it in a unified, comparable dashboard.
For all privacy-related matters, including data subject requests, you can reach us at:
We are committed to complying with the General Data Protection Regulation (GDPR) for users in the European Economic Area and the California Consumer Privacy Act (CCPA) for California residents.
We collect only the information necessary to provide and improve the Service. Below is a breakdown by category.
When you register or sign in via Google OAuth, we receive and store:
As you interact with the Service, we automatically collect information about your activity, including:
We collect technical information about the device and connection used to access the Service:
If you use our alert or watchlist features, we store:
Subscription payments are processed by Stripe. We do not store your card number, CVV, or full payment card details on our servers. We receive and store from Stripe only:
If you contact us via email or submit feedback through the Service, we retain:
What we do not collect: We do not collect Social Security numbers, government ID numbers, financial account credentials, or health information. We do not knowingly collect any sensitive personal data beyond what is described above.
We collect account data when you register for the Service, sign in via Google OAuth, configure alerts or watchlists, or communicate with our support team.
When you use the Service, certain data is collected automatically through:
When you choose to sign in with Google, we receive profile data (name, email, profile picture) from Google's OAuth service. We do not receive your Google password or access to your other Google account data. No other third parties supply us with personal data about you.
The prediction market data displayed on the platform (questions, probabilities, volume, and metadata) is publicly available data aggregated from third-party prediction market platforms. This data is not personal data and is not associated with individual users on our platform.
For users in the European Economic Area (EEA), we rely on the following legal bases under Article 6 of the GDPR:
Processing your account data, alert configurations, and watchlist data is necessary to provide the Service you have signed up for. Without this processing, we cannot create your account, deliver alerts, or maintain your saved preferences.
We process device data and usage data on the basis of our legitimate interest in:
We have conducted a balancing test and believe these interests do not override your fundamental rights and freedoms.
We rely on your consent for:
You may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
Payment records and certain transaction data are retained to comply with applicable financial and tax regulations.
Anonymized aggregate data: Arbitix retains ownership of all anonymized, aggregated usage data derived from the Service. This data cannot be used to identify any individual user and may be used for benchmarking, product research, investor reporting, and similar business purposes.
We do not sell your personal data. We do not sell, rent, or trade your personal information to any third party for their marketing purposes, including under the CCPA definition of "sale."
We share data only with the following service providers who process it strictly on our behalf and under data processing agreements:
| Provider | Purpose | Location |
|---|---|---|
| Supabase | Database storage and authentication | United States |
| Vercel | Web hosting, CDN, and analytics | United States |
| OneSignal | Push notification delivery | United States |
| Resend | Transactional email delivery | United States |
| Trigger.dev | Background task processing (cron jobs, alerts) | United States |
| Stripe | Payment processing and subscription management | United States |
| OAuth authentication (sign-in with Google) | United States |
We may also disclose your information in the following limited circumstances:
We retain your data only for as long as necessary to fulfill the purposes described in this policy, comply with legal obligations, and resolve disputes.
| Data Category | Retention Period |
|---|---|
| Account data (profile, preferences) | Duration of account + 30 days after deletion request |
| Usage analytics | 24 months from collection date |
| Payment records | 7 years (legal and tax compliance requirement) |
| Market data (aggregated public data) | Indefinite — this is publicly sourced data |
| Alert history and watchlist data | Duration of account; deleted when account is deleted |
| Support correspondence | 3 years from last communication |
| Server logs (IP, request logs) | 90 days |
When a retention period expires, data is securely deleted or irreversibly anonymized. You may request earlier deletion; see Section 8 for how to exercise that right.
If you are located in the European Economic Area, you have the following rights under the GDPR:
If you are a California resident, you have the following rights under the CCPA:
To submit a request, email us at founder@arbitix.io with the subject line "Privacy Request" and a description of your request. We may need to verify your identity before processing the request.
EEA users have the right to lodge a complaint with their local data protection authority if they believe we have violated their rights. We encourage you to contact us first so we can address your concerns directly.
Arbitix is operated from Brazil and our service providers are primarily located in the United States. If you are accessing the Service from the EEA, United Kingdom, or Switzerland, your personal data will be transferred to and processed in the United States, which may not provide the same level of data protection as your home jurisdiction.
For transfers of personal data from the EEA to the United States, we rely on the following safeguards:
By using the Service, you acknowledge that your data may be transferred to, stored in, and processed in the United States. We take all steps reasonably necessary to ensure your data is treated securely in accordance with this policy.
The Service is not directed to individuals under the age of 16 years old. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at founder@arbitix.io. Upon verification, we will delete the information as promptly as possible.
If we learn that we have inadvertently collected personal information from a child under 16 without parental consent, we will take immediate steps to delete that information from our records and, where applicable, notify the relevant authorities.
We reserve the right to update this Privacy Policy at any time. When we make changes, we will revise the "Last updated" date at the top of this page.
Your continued use of the Service after the effective date of any updated policy constitutes your acceptance of the changes. If you do not agree to the updated policy, you should stop using the Service and may request deletion of your account.
For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:
We aim to acknowledge all inquiries within 2 business days and resolve them as quickly as practicable.
© 2026 Arbitix. All rights reserved. Back to home