Legal

Privacy Policy

What we collect, how we use it, and who we share it with. The short version: we collect only what we need to run Mixl — and your exchange API keys never reach us.

Last updated: July 7, 2026.

This Privacy Policy explains how D Is For Family LLC, doing business as Mixl(“Mixl,” “we,” “us,” or “our”), collects, uses, discloses, and protects information when you use the Mixl website and applications (the “Service”). It should be read together with our Terms of Service.

1. Your Exchange API Keys Are Never Sent to Us

When you connect a prediction market such as Kalshi, your API credentials are generated, encrypted, and stored entirely within your own browser or device (using browser WebCrypto and local storage such as IndexedDB). They are never transmitted to, received by, or stored on our servers, and we have no ability to see, recover, or use them. Requests that require your credentials are signed locally on your device. Because we never hold these keys, they are not part of the data we process, and they are outside the reach of any request, subpoena, or breach affecting our servers.

2. Information We Collect

  • Account information. When you register, our authentication provider (Neon Auth) processes your email address, name, and login credentials. If you sign in with Google, we receive basic profile information (such as your name and email) from Google.
  • Billing information. If you subscribe, our payment processor (Stripe) collects and processes your payment details and billing information directly. We do not store your full payment-card numbers; we receive limited information such as your subscription status, plan, and the last four digits or card brand for reference.
  • Usage and app data. Data you generate in the Service — such as saved simulations, simulation usage counts, preferences, and subscription state — is stored in our database (hosted on Neon/PostgreSQL) and associated with your account identifier.
  • Device and log data. Like most online services, we and our providers automatically receive technical information such as IP address, browser type, pages viewed, timestamps, and error logs, used for security, rate limiting, and to operate the Service.
  • Cookies and local storage. We use cookies and browser storage that are necessary to keep you signed in and to remember preferences (for example, your light/ dark theme). We do not sell your personal information.

3. How We Use Information

  • to provide, operate, maintain, secure, and improve the Service;
  • to authenticate you and manage your account and subscription;
  • to process payments and prevent fraud, abuse, and prohibited use;
  • to communicate with you about your account, transactions, security, and changes to the Service or our policies; and
  • to comply with law and enforce our Terms.

4. How We Share Information

We do not sell your personal information. We share information only as needed to run the Service, with service providers (“subprocessors”) who process data on our behalf, and as required by law:

  • Neon — authentication and database hosting;
  • Stripe — payment processing and billing;
  • Google — optional sign-in (OAuth);
  • Amazon Web Services (SES) — transactional email delivery;
  • Railway — application hosting and infrastructure.

We may also disclose information to comply with legal obligations, enforce our agreements, protect the rights, safety, and security of Mixl and others, or in connection with a merger, acquisition, or sale of assets (subject to this Policy).

5. Data Retention

We retain personal information for as long as your account is active and as needed to provide the Service, and thereafter as necessary to comply with legal obligations, resolve disputes, and enforce our agreements. When you delete your account, we delete or anonymize personal information we hold, except where retention is required by law or for legitimate business purposes.

6. Security

We use technical and organizational measures designed to protect information, and we minimize what we hold — most notably, your exchange credentials never reach us (Section 1). No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. You are responsible for keeping your login credentials and device secure.

7. Your Rights and Choices

Depending on your location, you may have rights to access, correct, delete, or export your personal information, to object to or restrict certain processing, and to withdraw consent. You can update account information in the app, cancel your subscription at any time, and request access or deletion by contacting us. We will respond as required by applicable law and may need to verify your identity.

8. Children

The Service is not directed to, and is not intended for, anyone under 18. We do not knowingly collect personal information from children. If you believe a minor has provided us information, contact us and we will delete it.

9. International Users

We operate the Service from the United States, and information we process may be stored and handled in the United States or other countries where we or our subprocessors operate. By using the Service, you consent to that processing.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The “Last updated” date reflects the current version, and we will indicate material changes as required by law. Your continued use of the Service after changes take effect constitutes acceptance.

11. Contact

For privacy questions or to exercise your rights, contact privacy@trymixl.com. For other legal matters, contact legal@trymixl.com.