Privacy Policy

Your trust powers KALKII. This policy explains what data we collect, how we use it, who we share it with, and the rights you have — written plainly, without dark patterns.

Last UpdatedJanuary 07, 2026
Effective FromJanuary 15, 2026
Versionv2.1
01

Introduction

Welcome to KALKII (accessible at kalkii.io). We are a next-generation crypto trading and referral rewards platform. Protecting your personal data is not a checkbox for us — it is core to how we design every feature.

This Privacy Policy applies to all users of the KALKII platform, including our website, web app, mobile applications, APIs, and any related services (collectively, the "Services"). By creating an account or using our Services, you agree to the practices described in this policy.

Quick summary
We collect the data needed to run a compliant trading platform, we never sell it to advertisers, and you can access, correct, or delete your data at any time by writing to us at info@kalkii.io.
02

Information We Collect

We collect information across five broad categories. Every field exists for a reason — usually a legal, security, or product one.

Account Information
  • Full legal name
  • Email address
  • Username and hashed password
Identity Verification (KYC)
  • Proof of address (utility bill, bank statement)
  • Source of funds declarations (for large volumes)
Financial & Wallet Data
  • Public wallet addresses you connect
  • Deposit / withdrawal transaction hashes
  • Trading history, orders, and P&L
Referral & Network Data
  • Your unique referral code
  • Sponsor / upline relationship
  • Downline structure and levels
  • Commission and rank progression records
Communications
  • Support tickets and chat transcripts
  • Email correspondence with our team
  • Feedback, surveys, and beta testing input
  • In-app notification preferences
03

How We Use Your Data

We only process your data for specific, declared purposes. If we want to use it for something new, we ask first.

A
Provide the Services
Create and secure your account, execute trades, process deposits and withdrawals, and calculate your referral commissions in real time.
B
Legal & Regulatory Compliance
Satisfy KYC, AML, CFT, PMLA, and any tax reporting obligations under international law. Some records must be kept for up to 8 years.
C
Fraud Prevention & Security
Detect suspicious login patterns, prevent multi-account abuse of referral bonuses, block wash trading, and protect the platform from cyber threats.
D
Customer Support
Respond to your queries, troubleshoot issues, and improve response quality by reviewing conversation history.
E
Product Improvement
Aggregate, anonymized analytics on how features are used so we can build a better platform. This data cannot be traced back to you individually.
F
Marketing (Opt-in only)
Send you product updates, market insights, or promotional offers — only if you explicitly subscribe. You can unsubscribe in one click, any time.
04

KYC & Verification

As a regulated financial platform, KALKII is required to verify the identity of every user before enabling deposits, withdrawals, or trading beyond limited tiers.

Why we ask for KYC documents
KYC (Know Your Customer) is mandatory Prevention of Money Laundering Act (PMLA) and related FIU guidance for Virtual Digital Asset service providers. Non-compliance can lead to account restrictions.
  • Storage: KYC documents are encrypted at rest with AES-256 and stored in access-controlled vaults separate from your main account data.
  • Access: Only a small, audited team of compliance officers can view raw KYC documents, and every access is logged.
  • Third-party verifiers: We use trusted KYC vendors (e.g., DigiLocker, Signzy-class providers) to validate documents. They are contractually bound to our privacy standards.
  • Rejection: If your KYC is rejected, we retain the record for 5 years as required for regulatory audit, unless law requires longer.
05

Wallet & Transactions

KALKII operates a custodial and non-custodial hybrid model. What we see and store depends on how you interact with the platform.

Custodial

Platform Wallet

We hold funds on your behalf in segregated hot & cold wallets. We record every deposit, trade, and withdrawal against your account for audit and tax purposes.

Non-custodial

Connected Wallet

When you connect an external wallet (MetaMask, Trust, WalletConnect), we only see the public address and signed messages. We never see your seed phrase or private keys.

Blockchain transactions are, by their nature, public and permanent. Any address you use with KALKII will be linked to your KALKII account for our internal records, but the on-chain record itself is beyond our control.

06

Referral & Network Data

KALKII's referral program is central to the platform. Because rewards flow across a network of users, some of your data is by design visible to others in your structure.

Visible to your upline
Your masked username, join date, and total qualifying volume. Personal contact info is never shared.
Visible to your downline
Your public name / handle only if you appear as their direct sponsor. Nothing else.
Internal use only
Full email, KYC status, and transaction detail are never shared with anyone in the network.
Commission records
Retained for a minimum of 7 years for tax, audit, and dispute resolution.
07

Data Sharing

We do not sell your personal data. We share it only in the limited cases below:

Service Providers
Cloud infrastructure (AWS, Cloudflare), email delivery, KYC vendors, blockchain analytics — all bound by data-processing agreements.
Regulators & Law Enforcement
When we receive a valid legal order (e.g., from FIU-IND, GST, Income Tax, RBI, or courts) we share only what is legally required.
Payment Partners
Bank and UPI partners receive the minimum data needed to settle deposits and withdrawals.
Corporate Events
If KALKII is involved in a merger, acquisition, or asset sale, data may transfer to the new entity under the same or stricter protections.
With Your Consent
Anything else — e.g., a third-party integration you enable — happens only after you explicitly authorize it.
08

Cookies & Tracking

We use cookies and similar technologies to make KALKII secure and functional. You control what non-essential trackers can do.

09

Data Security

We treat security as an ongoing discipline, not a one-time certification.

🔐
AES-256 Encryption
All sensitive data encrypted at rest and in transit (TLS 1.3).
🛡️
Cold Storage
95%+ of user crypto assets held in offline, multi-sig cold wallets.
🔑
2FA & Biometrics
TOTP, SMS, and biometric login supported and encouraged.
👁️
24/7 Monitoring
SIEM-based anomaly detection and DDoS protection at edge.
🧪
Regular Audits
Independent security audits and penetration tests each year.
⚠️
Incident Response
72-hour breach notification to affected users and regulators.

No system is 100% impregnable. Please help us by using a unique password, enabling 2FA, and never sharing your credentials.

10

Your Rights

Digital Personal Data Protection Act (DPDP) 2023, and equivalent laws in other jurisdictions, you have the following rights:

1
Right to Access
Get a copy of the personal data we hold about you.
2
Right to Correction
Fix inaccurate or outdated information.
3
Right to Erasure
Delete your data (subject to legal retention rules).
4
Right to Grievance
Escalate concerns to our Data Protection Officer.
5
Right to Nominate
Appoint someone to act on your behalf in your absence.
6
Right to Withdraw Consent
Revoke consent for any optional processing at any time.
How to exercise your rights
Email us at info@kalkii.io with the subject line "Data Rights Request". We respond within 30 days.
11

Data Retention

Different categories of data have different lifespans. Here is what we keep and for how long:

Category
Retention Period
Reason
Account & KYC data
5–8 years post-closure
PMLA & FIU-IND requirements
Transaction records
8 years
Tax & audit obligations
Support communications
3 years
Dispute resolution
Analytics (anonymized)
Indefinite
Aggregate, non-identifying
Marketing preferences
Until you opt out
Honoring your consent
12

International Transfers

KALKII's infrastructure primarily runs from data centers in Singapore. If you access the platform from outside Your data will be transferred to and processed in jurisdictions that may have different data protection laws.

For any cross-border transfer, we rely on Standard Contractual Clauses (SCCs) or equivalent safeguards to ensure your data receives the same level of protection as under law.

13

Children's Privacy

KALKII is not intended for anyone under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us with data, please contact us immediately and we will delete it within 7 days.

14

Changes to This Policy

We may update this policy from time to time to reflect changes in our practices, technology, or law. When we make material changes, we will:

  • Notify you by email at least 15 days before the change takes effect.
  • Post a prominent notice on the KALKII dashboard.
  • Update the "Last Updated" date at the top of this page.
  • Archive the previous version so you can compare changes.
15

Contact Us

Questions, concerns, or data requests? We'd love to hear from you.

Email us at
info@kalkii.io
We aim to respond within 48 hours for support and within 30 days for formal data rights requests.
Data ControllerKALKII
Websitekalkii.io
Thank you for reading.

By continuing to use KALKII, you acknowledge that you have read and understood this Privacy Policy. Your trust is what makes this platform possible.

Back to KALKII