Privacy Policy

Zayn Predictions, a product of Idea-Tects LLC.

Last updated: April 23, 2026

This Privacy Policy explains what personal information Idea-Tects LLC ("we," "us," "our") collects when you use Zayn Predictions (the "Service"), how we use it, who we share it with, and the rights you have over it. By using the Service you agree to this Policy.

We keep this short on purpose. If a sentence isn't here, we probably aren't doing that thing.

1. What We Collect

Account data. When you sign up we collect your email address and a unique identifier generated by our authentication provider (AWS Cognito). You may also receive a subscription identifier from Apple or Google tied to your purchase.

Usage data. In-app actions tied to your account: which predictions you react to (👍 👎 🎯 🔥), which categories you've enabled for Zayn Bot, the per-trade dollar limits you configure, and basic event logs we need to operate the Service (e.g. "a trade was skipped because of low balance").

Device push token. If you grant notification permission, we store the opaque Expo push token issued to your device so we can send you real-time alerts when new predictions are ready. The token identifies the device install, not you personally — it is not a phone number, email, or advertising identifier. You can revoke notifications at any time in your device's OS settings; the stored token becomes dormant and is cleared on the next sign-out.

Zayn Bot data (Pro subscribers, only if enabled). If you voluntarily enable Zayn Bot, you provide an API key from your third-party prediction-market exchange account. We store that API key encrypted in AWS Secrets Manager, scoped to your account, and use it only to place orders you have authorized. We also store the orders our system places on your behalf (ticker, side, size, entry price, status), so you can see them in the Service.

Device data. Standard mobile-OS crash reports and version information surfaced by the app framework (Expo / React Native). We do not run our own telemetry SDK; we do not collect advertising identifiers; we do not track you across apps or websites.

What we do not collect. We do not collect your name, address, phone number, date of birth, government ID, financial account numbers, location, contacts, photos, microphone, or camera input. The Service has no ad network.

2. How We Use It

• To run the Service — authenticate you, show your feed, record your reactions, and (if you've enabled it) place Zayn Bot orders on your behalf.
• To bill you — through Apple or Google, via RevenueCat. We rely on RevenueCat to verify your subscription status; we do not process payment cards ourselves and never see your card number.
• To communicate with you — transactional messages (verification codes, account-security notices, subscription changes). We do not send marketing email without explicit opt-in.
• To improve the Service — anonymized, aggregated analysis of model accuracy by category over time. We never identify individual users in analytics.
• To comply with law — respond to valid legal process, protect the rights and safety of users, and enforce our Terms.

We do not use your data to train third-party AI models.

3. Who We Share It With

We don't sell your data. We don't rent it. We don't share it with advertisers or data brokers. The short list of people who ever see any of your data:

• Amazon Web Services (AWS) — hosts our backend. Your data sits in AWS us-east-1 in DynamoDB (user records), Secrets Manager (your exchange API key, if any), and S3 (app assets). Access is gated by our IAM policies.
• RevenueCat — processes the subscription entitlement from Apple / Google. Receives your Cognito user ID and the subscription product you purchased. Their privacy policy: https://www.revenuecat.com/privacy.
• Expo (notification relay) — if you've enabled push notifications, we POST your Expo push token plus the notification body to Expo, which forwards it to Apple's APNs and Google's FCM for delivery to your device. We share no other data. Their privacy policy: https://expo.dev/privacy.
• Apple / Google (the App Store) — processes your payment and issues the subscription receipt. We see only that a subscription is active, not your payment details.
• The prediction-market exchange you connect (currently Kalshi), only if you enable Zayn Bot — receives the API calls we make on your behalf via your own API key. We do not share your email, user ID, or anything else about you with the exchange. The exchange already knows who you are because you created the account there.
• Law enforcement or counterparties in a legal proceeding — only in response to valid legal process, only to the narrow extent required, and where legally permitted we will notify you first.

If Idea-Tects LLC is acquired or merged, user data may transfer to the acquirer subject to this Policy. We will notify you before any such transfer becomes effective.

4. Where Your Data Lives

• U.S. only. All data is stored in the AWS us-east-1 region (Northern Virginia).
• Encryption in transit via HTTPS / TLS 1.2+.
• Encryption at rest via AWS-managed keys for DynamoDB and Secrets Manager.
• Your Zayn Bot API key is stored in AWS Secrets Manager under a per-user secret ARN and is readable only by the specific Lambda function that places orders on your behalf.
• The Service does not currently transfer personal data outside the United States.

5. Retention

• Account data — retained while your account is active, and for up to thirty (30) days after you delete your account so we can honor refund, dispute, or legal obligations.
• Signals and reactions — automatically deleted fourteen (14) days after creation using DynamoDB Time-to-Live (TTL).
• Prediction records — automatically deleted seven (7) days after creation.
• Trade records — retained for up to ninety (90) days after the trade settles, then automatically deleted. You can request earlier deletion at any time.
• Zayn Bot API key — deleted immediately when you disable Zayn Bot or delete your account.
• Device push token — rotated or cleared on sign-out; deleted when you delete your account. Inactive tokens (device uninstalled) are purged automatically within 30 days of the delivery system flagging them as unreachable.
• Aggregated, anonymized analytics — retained indefinitely; cannot be tied back to you.

6. Your Rights

Regardless of where you live, you can:

• Access the information we hold about you;
• Correct anything that's wrong;
• Delete your account and the data we hold (subject to the retention exceptions above);
• Export a copy of your data in a machine-readable format;
• Withdraw consent for Zayn Bot at any time by disabling the feature in-app;
• Opt out of sale or sharing — not applicable, we do not sell or share your data for advertising.

If you live in California (CCPA / CPRA), the EU / UK (GDPR), or another jurisdiction with specific privacy rights, those rights apply in full. Send any request to admin@idea-tects.com. We will respond within thirty (30) days.

You can also cancel your subscription at any time through the Apple App Store or Google Play Store; cancellation takes effect at the end of the current billing period.

7. Children

The Service is not directed to children under 18 and we do not knowingly collect data from anyone under 18. If you believe a minor has created an account, email admin@idea-tects.com and we will delete the account and all associated data promptly.

8. Security

We use AWS infrastructure, per-user IAM scoping, encryption at rest and in transit, and the principle of least privilege for backend services. We do not copy or export user databases to developer laptops. That said — no system is perfectly secure. If we learn of a breach that materially affects your data we will notify you without undue delay and as required by applicable law.

You can meaningfully reduce your own risk by:

• Using a strong, unique password for your account;
• Keeping two-factor authentication enabled on your third-party exchange account (if using Zayn Bot);
• Scoping the Zayn Bot API key narrowly (trade-only, no withdrawals) at your exchange;
• Deleting the Zayn Bot key in-app when you stop using the feature.

9. Changes to This Policy

We may update this Policy from time to time. If we make a material change we will notify active users by email or in-app notice at least seven (7) days before the change takes effect. The "Last updated" date at the top is always current.

10. Contact

Questions about this Policy, a data request, or a security concern?

admin@idea-tects.com

Idea-Tects LLC 3571 Far West Blvd, #3208 Austin, TX 78731, USA