Kessel | Trade Polymarket and Kalshi As One Market

Last Updated: March 3, 2026 Effective Date: March 3, 2026

This Privacy Policy explains how Banto LLC d/b/a Kessel ("Kessel," "we," "us," or "our") collects, uses, discloses, and protects information when you access or use the Kessel platform, APIs, websocket connections, execution engine, data services, documentation, dashboards, and all related software and services (collectively, the "Services").

By using the Services, you agree to this Privacy Policy. If you do not agree, do not use the Services.

1. INFORMATION WE COLLECT

1.1 Information You Provide Directly

Account Registration:

Name, email address, and contact details
Company or entity name (if applicable)
Billing information and payment method details

Integration and Configuration:

Connected Venue Account credentials and API keys you provide to link your Polymarket, Kalshi, or other supported venue accounts
Routing policies, strategies, order configurations, and other User Content submitted to the Execution Engine
Technical preferences and integration settings

Communications:

Messages, feedback, and support requests submitted to Kessel via email, Discord, Telegram, or any other channel

1.2 Information Collected Automatically

Technical and Usage Data:

IP address, browser type, device identifiers, and operating system
API request logs, including endpoints called, timestamps, request parameters, and response codes
Websocket connection metadata and session duration
Pages and features accessed, time spent, and navigation paths
Error logs and diagnostic data

Execution and Trading Data:

Orders routed through the Execution Engine, including venue, size, price, routing policy applied, fill status, slippage, and latency metrics
Cross-venue routing logs and fill benchmarking data
Execution quality metrics associated with your account

Cookies and Similar Technologies:

Session cookies for authentication and platform functionality
Analytics cookies to understand aggregate usage patterns (no advertising cookies)

1.3 Information from Third Parties

Prediction Market Venues: Market data, orderbook feeds, and fill confirmations received from Polymarket, Kalshi, and other supported venues in connection with your Connected Venue Accounts
Payment Processors: Transaction status, fraud alerts, and chargeback notifications
Identity Verification Services: Where required for KYC/AML compliance

2. HOW WE USE YOUR INFORMATION

2.1 To Provide and Operate the Services

Authenticate your account and manage API Keys
Ingest and normalize market data from supported Prediction Market Venues
Route Orders through your Connected Venue Accounts according to your routing policies
Execute cross-venue strategies and manage take-profit, stop-loss, and portfolio exit logic
Provide fill quality dashboards, latency benchmarking, and execution analytics
Process fees and payments

2.2 To Improve and Develop the Services

Analyze aggregate, anonymized usage patterns to improve platform performance
Identify and fix bugs, latency issues, and execution failures
Develop new features, routing strategies, and venue integrations
Conduct internal benchmarking of execution quality

2.3 For Security and Fraud Prevention

Detect and prevent unauthorized access, credential compromise, and abuse
Monitor for anomalous API usage or trading patterns that may indicate security incidents
Enforce the Terms of Service and applicable law

2.4 For Compliance and Legal Obligations

Comply with applicable laws, regulations, and exchange rules
Respond to subpoenas, court orders, regulatory inquiries, or law enforcement requests
Enforce our legal rights and defend against claims
Maintain records required by applicable law

2.5 For Communications

Send transactional and operational communications (account alerts, API key updates, service announcements)
Respond to support requests and feedback
Notify you of material changes to these Terms or this Privacy Policy
We do not send marketing emails without your explicit consent

2.6 What We Do NOT Do With Your Data

We do not sell your personal data or trading data to third parties
We do not share your individual routing policies or execution strategies with other Users
We do not use your trading activity to take positions against you
We do not share your Connected Venue Account credentials with any party other than the applicable venue

3. HOW WE SHARE YOUR INFORMATION

3.1 Service Providers

We share data with third-party vendors who perform services on our behalf, including:

Cloud Infrastructure Providers (e.g., AWS): Data storage, hosting, and platform operations
Payment Processors (e.g., Stripe): Billing and fee collection
Analytics Providers: Aggregated, de-identified usage data only
Security and Monitoring Tools: Intrusion detection, error tracking, and performance monitoring
Identity Verification Services: KYC/AML compliance where required

All service providers are contractually bound to protect your data, use it only for specified purposes, and maintain security standards at least as protective as those described in this Policy.

3.2 Prediction Market Venues

To route Orders on your behalf, Kessel transmits necessary Order parameters to Polymarket, Kalshi, and other venues you have connected. This includes Order size, price, direction, and routing instructions. Kessel transmits only what is required to execute your instructions. Your credentials are transmitted directly to the applicable venue and are not stored in plaintext.

3.3 Legal Requirements

We may disclose your information when required by law or when we believe in good faith that disclosure is necessary to:

Comply with a subpoena, court order, or government investigation
Enforce our Terms of Service
Protect the rights, property, or safety of Kessel, our users, or the public
Prevent fraud or illegal activity

Where legally permitted, we will notify you before disclosing your information in response to legal process.

3.4 Business Transfers

If Kessel is acquired, merges with another entity, or undergoes a change of control or bankruptcy proceeding, your information may be transferred to the successor entity as part of that transaction. The successor will be required to honor this Privacy Policy or obtain your consent to material changes.

3.5 With Your Consent

We may share information in ways not described in this Policy if you explicitly authorize us to do so.

4. DATA SECURITY

4.1 Technical Safeguards

We implement industry-standard security measures, including:

Encryption in transit: TLS 1.2+ for all API connections and data transmission
Encryption at rest: AES-256 encryption for stored data
Access controls: Role-based access controls and multi-factor authentication for internal systems
Credential handling: Connected Venue Account credentials are encrypted and never stored in plaintext
Network security: Firewalls, intrusion detection, and DDoS mitigation
API Key security: Hashed storage of API Keys; full keys are displayed only at issuance

4.2 Operational Security

Least-privilege access controls for internal personnel
Security incident response and escalation procedures
Regular security reviews of infrastructure and dependencies
Vendor security assessments for critical service providers

4.3 Your Responsibilities

You are responsible for:

Protecting your Kessel API Keys and account credentials
Securing your Connected Venue Account credentials
Using API keys with minimum necessary permissions
Rotating credentials promptly upon any suspected compromise
Notifying Kessel immediately at team@kesselgateway.com upon discovery of any unauthorized access

No system is 100% secure. Kessel cannot guarantee absolute security and is not liable for unauthorized access resulting from your failure to secure credentials or from events outside our reasonable control.

5. DATA RETENTION

5.1 Account and Usage Data

We retain account information and API usage logs for the duration of your account and for a period of 3 years following account termination, unless a longer retention period is required by applicable law.

5.2 Execution and Trading Data

Order logs, fill records, routing policy configurations, and execution quality metrics are retained for 5 years following the date of the relevant activity. This retention period reflects potential regulatory inquiry windows applicable to trading activity.

5.3 Payment and Billing Data

Transaction records and billing history are retained for 7 years to satisfy tax and financial recordkeeping requirements.

5.4 Technical Logs

System logs and error logs are retained for 90 days unless needed for an active security investigation or legal proceeding.

5.5 Anonymized Analytics

Aggregated, de-identified usage and performance data may be retained indefinitely as it cannot be re-associated with any individual user.

5.6 Account Deletion

Upon account termination, your active access is immediately revoked. We will delete or anonymize personal data within 30 days of termination, subject to the retention periods described above and any legal obligations requiring longer retention. You may request deletion of specific data by contacting team@kesselgateway.com.

6. YOUR PRIVACY RIGHTS

6.1 Access and Portability

You may request a copy of the personal data Kessel holds about you. We will provide it in a machine-readable format (JSON or CSV) within 30 days of a verified request.

6.2 Correction

You may request correction of inaccurate or incomplete personal data in your account. You can update most account information directly through your account settings.

6.3 Deletion

You may request deletion of your personal data. We will honor deletion requests subject to legal retention obligations described in Section 5. Some data (execution records, billing records) cannot be deleted during applicable retention periods.

6.4 Opt-Out of Marketing

We do not send marketing communications by default. If you receive any, you may opt out at any time by clicking "unsubscribe" or emailing team@kesselgateway.com.

6.5 California Residents (CCPA/CPRA)

California residents have the following additional rights:

Right to Know: What personal data we collect, use, and disclose
Right to Delete: Subject to legal exceptions
Right to Correct: Inaccurate personal data
Right to Opt-Out of Sale: We do not sell personal data
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, email team@kesselgateway.com. We will respond within 45 days and verify your identity before processing requests.

6.6 Virginia, Colorado, Connecticut, and Utah Residents

Residents of these states have similar rights to access, correct, delete, and opt out of certain data processing. Contact team@kesselgateway.com to exercise these rights.

6.7 Do Not Track

Our Services do not respond to "Do Not Track" browser signals.

7. COOKIES AND TRACKING TECHNOLOGIES

7.1 Cookies We Use

Strictly Necessary: Session management and authentication. Cannot be disabled without impairing core functionality.
Functional: User preferences and interface settings.
Analytics: Aggregate, de-identified usage patterns to improve platform performance.

We do not use advertising cookies or cross-site tracking technologies.

7.2 Managing Cookies

You may block or delete cookies via your browser settings. Blocking strictly necessary cookies will impair your ability to use the Services.

8. INTERNATIONAL DATA TRANSFERS

Kessel is based in the United States. Data you submit to the Services is processed and stored in the United States and may also be processed in other countries where our service providers operate.

If you are located outside the United States, your data may be subject to U.S. laws, which may differ from the laws of your jurisdiction. By using the Services, you consent to the transfer of your data to the United States and other jurisdictions as described in this Policy.

For users in the European Economic Area or United Kingdom, we rely on appropriate transfer mechanisms including Standard Contractual Clauses where required by applicable law. Contact team@kesselgateway.com for more information.

9. JURISDICTIONAL RESTRICTIONS AND REGULATORY STATUS

Prediction markets operate in a complex and evolving regulatory environment. Access to the Services may be restricted for users in certain jurisdictions based on applicable law or Kessel's assessment of regulatory risk. Kessel reserves the right to restrict, suspend, or terminate access for users in any jurisdiction, including the United States, at any time without prior notice.

Users are solely responsible for determining whether their use of the Services is lawful in their jurisdiction. Kessel makes no representation that the Services are available or appropriate for use in any particular location.

10. CHILDREN'S PRIVACY

The Services are not directed to individuals under the age of 18. Kessel does not knowingly collect personal data from anyone under 18. If we become aware that we have collected personal data from a minor, we will delete it promptly. If you believe we have inadvertently collected data from a minor, contact team@kesselgateway.com.

11. THIRD-PARTY LINKS AND SERVICES

The Services may contain links to third-party websites or integrate with third-party platforms including Prediction Market Venues. Kessel is not responsible for the privacy practices of any third party. We encourage you to review the privacy policies of any third-party services you use in connection with Kessel.

12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy at any time by posting a revised version at kesselgateway.com/privacy. We will provide at least 14 days' advance notice of material changes via email or in-Service notification. Continued use of the Services after the effective date of any revision constitutes your acceptance of the updated Policy.

We will not make retroactive changes that materially reduce your privacy rights without your explicit consent.

13. CONTACT

For privacy questions, data requests, or to exercise your rights:

Banto LLC d/b/a Kessel Email: team@kesselgateway.com Website: kesselgateway.com

By using the Kessel Services, you acknowledge that you have read this Privacy Policy in its entirety, understand it, and agree to the data practices described herein.

Kessel Privacy Policy