Privacy Policy & Data Retention
The application is operated by Dyment Labs Pte. Ltd., 160 Robinson Road, #14-04 Singapore Business Federation Center, Singapore (068914).
What Otomato Does
Otomato is a read-only DeFi monitoring app. You provide a wallet address, we detect your on-chain positions and send alerts when something materially changes. We cannot move funds or execute transactions.
What Data We Collect
| Data | Why | Stored Where | Retention |
|---|---|---|---|
| Wallet address | Detect your on-chain positions | Our servers | Until you delete your account |
| Push notification token | Deliver alerts to your device | Our servers + Firebase/APNs | Until you delete your account or revoke permissions |
| Alert history | Show past alerts in the Feed | Our servers | 12 months, then auto-deleted |
| Analytics events | Understand how the app is used | PostHog (EU) | 12 months rolling |
| Error logs | Fix bugs | Sentry (EU) | 90 days |
| Server logs | Security & debugging | Our infrastructure | 90 days |
What We Do NOT Collect
- No names, emails, phone numbers, or government IDs
- No financial account numbers
- No cross-app tracking (no IDFA, no ATT)
Third-Party Services
| Service | Purpose | Data Shared | Location |
|---|---|---|---|
| PostHog | Analytics | Usage events, hashed wallet address, device info | EU (eu.posthog.com) |
| Firebase / APNs | Push notifications | Push token, notification content | EU (Firebase), US (Apple) |
| Sentry | Error tracking | Stack traces, error context | EU |
Your Rights (GDPR)
We comply with GDPR. You can:
- Delete your account — Settings > Danger Zone > Delete Account. This permanently hard-deletes all your data from our servers. Analytics data is deleted from PostHog within 30 days.
- Export your data — Settings > Data & Privacy > Export my data.
- Withdraw analytics consent — Settings > Data & Privacy > Tracking Preferences. Tracking stops immediately.
- Contact us — privacy@dymentlabs.com for any data request. We respond within 30 days.
Account deletion is permanent and irreversible.
Children's Privacy
Otomato is not intended for users under 13. We do not knowingly collect data from children. If you believe a child has provided us with data, contact us at privacy@dymentlabs.com and we will delete it.
Data Security
- All data transmitted over HTTPS
- No sensitive credentials stored
- PostHog autocapture disabled: only explicitly instrumented events
Changes to This Policy
We review this policy every six months and when we add new data processing. Material changes will be communicated in-app.