Privacy Policy

This policy explains what information UpsideOnly collects, how we use it, who we share it with, and the rights you have over your data.

27 questionsUpdated May 18, 2026Press / to search

Overview

What this policy covers, who we are, and how it changes.

  • This Privacy Policy (this "Policy") describes how USO Deposit Trust LLC, a Delaware limited liability company, and its affiliated entities, including USO Labs Ltd., a Marshall Islands corporation, collect, use, disclose, and process personal information in connection with the UpsideOnly.com platform (the "Platform"). References in this Policy to "Company," "we," "us," or "our" include such affiliates and subsidiaries where the context requires.

  • Controller: We act as a data controller for personal information processed to operate the Platform.

  • We may update this Privacy Policy periodically and will provide notice of material changes by email, as required. If you do not agree with the changes, you must stop using our site and services. You can also withdraw your consent to any further processing of your personal information.

Information we collect

Categories of personal information we collect and where it comes from.

  • We collect the following categories of personal information:

    (a) Identification Data

    • Name, date of birth, username
    • Government-issued ID (e.g., passport, driver's license)
    • National identifiers (e.g., Social Security Numbers, where required)
    • Nationality
    • Country of residence
    • Your status as an employee or affiliate of a publicly traded company

    (b) Contact Data

    • Email address
    • We may collect contact information such as telephone numbers and mailing addresses in connection with customer support services or identity verification

    (c) Financial and Transaction Data

    • Bank account and payment details
    • Deposits, withdrawals, balances

    (d) Platform Activity and User-Generated Data

    • Paper trades, predictions, entries, positions, and rankings
    • User preferences and settings
    • Communications (including support interactions)
  • (e) Technical and Device Data

    • IP address
    • Device identifiers
    • Browser type and operating system
    • Log files, timestamps, and usage data

    (g) Additional Categories

    • Commercial information (services used or considered)
    • Internet/network activity (pages viewed, features used)
    • Approximate geolocation (derived from IP)
    • Inferences (e.g., fraud risk, behavioral segmentation)
  • (f) Compliance and Risk Data

    • Identity verification (Know Your Customer, or KYC) results
    • Anti-Money Laundering, or AML, screening and sanctions checks
    • Fraud detection signals and risk scoring
  • (h) Sensitive Personal Information (where applicable)

    • Government ID numbers
    • Financial account credentials
    • Biometric data (if used for identity verification)

    If we are in possession of any de-identified data, we commit to maintaining and using de-identified data without attempting to re-identify the data.

  • We collect personal information from:

    • You directly
    • Service providers (e.g., KYC vendors, payment processors)
    • Public databases and regulatory sources
    • Automated technologies (cookies, logs, analytics tools)

How we use information

Purposes, legal bases, and automated decision-making.

  • We process personal information for the following purposes:

    (a) Platform Operation — email address; username; name; date of birth; government ID; government ID numbers (where required); account information

    • Account creation and management
    • Facilitating transactions, payments, awards, and settlements

    (b) Regulatory Compliance — government ID; biometric data; date of birth; nationality; address; affiliation with publicly traded company; payment data

    • KYC/AML obligations
    • Sanctions screening
    • Regulatory reporting

    (c) Risk, Fraud, and Security — government ID; biometric data; date of birth; nationality; address; affiliation with publicly traded company; payment data; platform usage data

    • Fraud detection and prevention
    • Monitoring suspicious activity
    • Enforcement of platform rules

    (d) Product Improvement — information from cookies; logs; clicks; session data; user behavior

    • Analytics and performance optimization
    • Feature development, including to train our artificial intelligence tools

    (e) Communications — contact information; email; telephone numbers; mailing address

    • Service-related messages
    • Customer support
    • Marketing (subject to applicable law)
    • Link clicks
    • Data opening data

    We limit our collection and use of personal information to what is reasonably necessary and proportionate for these purposes. Certain data elements are used only for specific functions (e.g., identity data for compliance).

  • We may use automated systems to:

    • Detect fraud and suspicious activity
    • Conduct risk scoring and monitoring
    • Support regulatory compliance

    These systems may analyze transaction patterns, behavioral data, and device information.

    For EEA/UK users: You may have the right to:

    • Request human review
    • Obtain additional information about the logic involved

Sharing & disclosure

Who we share your data with, and why.

  • (a) Service Providers

    • Infrastructure and cloud providers
    • Payment processors and financial institutions
    • Identity verification and compliance vendors
    • Fraud prevention and risk analytics providers
    • Customer support providers
    • Analytics providers

    The categories of data we may provide to service providers, as well as the corresponding purpose of each category, are set forth below:

    Data CategoryPurpose
    Identity dataIdentity verification; KYC and AML screening; payment processing
    Contact informationPayment processing; user inquiries, customer service communications; disputes, identity verification
    Biometric dataIdentity verification; KYC and AML screening
    Government-issued identification numbersIdentity verification; KYC and AML screening
    Payment informationPayment processing; KYC and AML screening; performance tracking; fraud prevention
    Financial dataAudit; legal obligations
    CommunicationsDisputes; support
    Technical logsSecurity; analytics
    Marketing dataMarketing management
    Information from cookiesAuthentication; security; fraud prevention; session continuity; core platform functionality; user preferences; clicks; session data; advertising identifiers; conversion events; cross-site tracking data

    These parties are contractually restricted in their use of personal information when they act on our behalf. Some third-party providers may independently collect personal information when you visit our site. For example, our site includes social media features connected with social networking sites such as X, LinkedIn, and Facebook. Those sites may collect your IP address and which page you are visiting on the site, and may set a cookie to enable social media features to function properly. Our authorized third-party vendors and partners have their own privacy notices which govern the use, handling, and disclosure of your personal information. For example, your interactions with social media sites, including any personal information you provide via buttons or links to these sites, are governed by the privacy policy/notice of the social media company.

  • (c) Business Transfers

    • Mergers, acquisitions, financing events
  • (d) Affiliates

    • Internal operational purposes

Cookies & tracking

Cookies, browser controls, and opt-out signals.

  • We use cookies for:

    • Core functionality
    • Analytics
    • Personalization
  • You can manage preferences through browser settings or the Platform's cookie banner.

  • We may recognize opt-out preference signals such as Global Privacy Control (GPC) where required by law.

Your rights & choices

Access, deletion, correction, portability, and opt-out.

  • You have the following rights with respect to the data we collect:

    • Confirm our use of your personal information
    • Access personal information we have collected about you, including the right to request certain categories of information and information about third parties to whom we disclosed personal information
    • Obtain a copy of your personal information in a portable, usable format
    • Delete personal information we have collected from you, subject to legal exceptions
    • Correct inaccuracies in your personal information
    • Opt out of the sale of personal information, the use of personal information for targeted advertising, and profiling in furtherance of decisions that produce legal or similarly significant effects
    • Limit use of sensitive personal information

    We do not sell personal information for monetary consideration.

    We may disclose certain identifiers, device information, internet or network activity information, and similar information to analytics, advertising, and marketing partners, including providers such as Google Analytics or Meta Pixel, for purposes of analytics, advertising, and marketing. Under certain U.S. state privacy laws, these disclosures may be considered a "sale," "sharing," or use for targeted advertising. These activities are subject to opt-out rights.

    Where you have given us consent to process your personal information for a specific purpose, you may withdraw that consent for processing that has not yet occurred.

    While we hope that we can resolve any questions or concerns you may have, you may lodge complaints with a supervisory authority.

  • Contact:

    • Email: [email protected]
    • Address: 255 California St., 6th Floor, San Francisco CA 94111
    • Phone: 1 (800) 289-5290

    We may authenticate your identity by asking you to verify your identity via email or over the phone. We reserve the right to verify the identity of any person making a request to opt-out or to delete or modify personal information; provided, however, that we will have no liability of any kind resulting from false or erroneous requests or any change or deletion made by us for any reason.

    We will respond within applicable legal timelines (typically 30–45 days).

    If 45 days after you send us a request, we have not responded to your request or asked for additional time to respond to your request, or we inform you that we decline to take action regarding your request, you have the right to appeal our failure to take action by contacting [email protected]. For us to properly process your appeal, you must use "Rights Request Appeal" as the subject line of your email.

    You also have the right to not be discriminated against for exercising any of your rights.

    Authorized agents may submit requests on behalf of California residents.

Security

How we protect your information, and what you may see on the Platform.

  • We implement reasonable administrative, technical, and physical safeguards including:

    • Encryption in transit and at rest
    • Role-based access controls
    • Network monitoring and intrusion detection
    • Security testing and audits
    • Incident response procedures
  • No system is completely secure. In the unlikely event that we believe the security of your personal information in our possession or control may have been compromised, we may seek to notify you. As applicable, we will comply with security breach notification requirements.

  • Due to the nature of the Platform:

    • Certain transaction or market activity may be visible to other users
    • This may include positions, outcomes, or aggregated activity

    While we seek to limit direct identification, activity may in some cases be attributable to you based on behavior, patterns, or external data.

International transfers & retention

Where your data is processed and how long we keep it.

  • We may transfer personal information to jurisdictions outside your own, including the United States.

    Where required by applicable law, we implement appropriate safeguards for cross-border transfers of personal information, including contractual protections such as standard contractual clauses approved by relevant regulators.

    We conduct transfer impact assessments and implement safeguards such as encryption and access controls.

  • Data CategoryRetention PeriodRationale
    Identity dataAccount life + 5–10 yearsRegulatory compliance
    Financial data5–10 yearsAudit/legal obligations
    Communications2–5 yearsDisputes/support
    Technical logs12–24 monthsSecurity/analytics
    Marketing dataUntil opt-out or inactivityMarketing management

    We may retain data longer where required by law or investigations.

Children & contact

Age requirements and how to reach us about privacy.

  • The Platform is not intended for individuals under 18.

    We may implement age verification measures and reserve the right to suspend accounts suspected of underage use.

Full Privacy Policy

Canonical document, presented verbatim.

Last Updated: May 18, 2026

1. Introduction

This Privacy Policy (this “Policy”) describes how USO Deposit Trust LLC, a Delaware limited liability company, and its affiliated entities, including USO Labs Ltd., a Marshall Islands corporation, collect, use, disclose, and process personal information in connection with the UpsideOnly.com platform (the “Platform”). References in this Policy to “Company,” “we,” “us,” or “our” include such affiliates and subsidiaries where the context requires.

2. Scope and Role

Controller: We act as a data controller for personal information processed to operate the Platform.

3. Categories of Personal Information Collected

We collect the following categories of personal information:

(a) Identification Data

  • Name, date of birth, username
  • Government-issued ID (e.g., passport, driver’s license)
  • National identifiers (e.g., Social Security Numbers, where required)
  • Nationality
  • Country of residence
  • Your status as an employee or affiliate of a publicly traded company

(b) Contact Data

  • Email address
  • We may collect contact information such as telephone numbers and mailing addresses in connection with customer support services or identity verification

(c) Financial and Transaction Data

  • Bank account and payment details
  • Deposits, withdrawals, balances

(d) Platform Activity and User-Generated Data

  • Paper trades, predictions, entries, positions, and rankings
  • User preferences and settings
  • Communications (including support interactions)

(e) Technical and Device Data

  • IP address
  • Device identifiers
  • Browser type and operating system
  • Log files, timestamps, and usage data

(f) Compliance and Risk Data

  • Identity verification (Know Your Customer, or KYC) results
  • Anti-Money Laundering, or AML, screening and sanctions checks
  • Fraud detection signals and risk scoring

(g) Additional Categories

  • Commercial information (services used or considered)
  • Internet/network activity (pages viewed, features used)
  • Approximate geolocation (derived from IP)
  • Inferences (e.g., fraud risk, behavioral segmentation)

(h) Sensitive Personal Information (where applicable)

  • Government ID numbers
  • Financial account credentials
  • Biometric data (if used for identity verification)

If we are in possession of any de-identified data, we commit to maintaining and using deidentified data without attempting to reidentify the data

4. Sources of Personal Information

We collect personal information from:

  • You directly
  • Service providers (e.g., KYC vendors, payment processors)
  • Public databases and regulatory sources
  • Automated technologies (cookies, logs, analytics tools)

5. Purposes of Processing

We process personal information for the following purposes:

(a) Platform Operation – email address; username; name; date of birth; government ID; government ID numbers (where required); account information

  • Account creation and management
  • Facilitating transactions, payments, awards, and settlements

(b) Regulatory Compliance – government ID; biometric data; date of birth; nationality; address; affiliation with publicly traded company; payment data

  • KYC/AML obligations
  • Sanctions screening
  • Regulatory reporting

(c) Risk, Fraud, and Security – government ID; biometric data; date of birth; nationality; address; affiliation with publicly traded company; payment data; platform usage data

  • Fraud detection and prevention
  • Monitoring suspicious activity
  • Enforcement of platform rules

(d) Product Improvement – information from cookies; logs; clicks; session data; user behavior

  • Analytics and performance optimization
  • Feature development, including to train our artificial intelligence tools

(e) Communications – contact information; email; telephone numbers; mailing address

  • Service-related messages
  • Customer support
  • Marketing (subject to applicable law)
  • Link clicks
  • Data opening data

We limit our collection and use of personal information to what is reasonably necessary and proportionate for these purposes. Certain data elements are used only for specific functions (e.g., identity data for compliance).

5A. Automated Decision-Making and Profiling

We may use automated systems to:

  • Detect fraud and suspicious activity
  • Conduct risk scoring and monitoring
  • Support regulatory compliance

These systems may analyze transaction patterns, behavioral data, and device information.

For EEA/UK users:

You may have the right to:

  • Request human review
  • Obtain additional information about the logic involved

6. Legal Bases for Processing (EEA/UK)

PurposeLegal Basis
Platform operationContractual necessity
Compliance (KYC/AML)Legal obligation
Fraud and securityLegitimate interests
Product improvementLegitimate interests
MarketingConsent (where required)

7. Data Retention

Data CategoryRetention PeriodRationale
Identity dataAccount life + 5–10 yearsRegulatory compliance
Financial data5–10 yearsAudit/legal obligations
Communications2–5 yearsDisputes/support
Technical logs12–24 monthsSecurity/analytics
Marketing dataUntil opt-out or inactivityMarketing management

We may retain data longer where required by law or investigations.

8. Sharing and Disclosure

We disclose personal information to:

(a) Service Providers

  • Infrastructure and cloud providers
  • Payment processors and financial institutions
  • Identity verification and compliance vendors
  • Fraud prevention and risk analytics providers
  • Customer support providers
  • Analytics providers

The categories of data we may provide to service providers, as well as the corresponding purpose of each category, are set forth below:

Data CategoryPurpose
Identity dataIdentity verification; KYC and AML screening; payment processing
Contact informationPayment processing; user inquiries, customer service communications; disputes, identity verification
Biometric dataIdentify verification; KYC and AML screening
Government-issued identification numbersIdentify verification; KYC and AML screening
Payment informationPayment processing; KYC and AML screening; performance tracking; fraud prevention
Financial dataAudit; legal obligations
CommunicationsDisputes; support
Technical logsSecurity; analytics
Marketing dataMarketing management
Information from cookiesAuthentication; security; fraud prevention; session continuity; core platform functionality; user preferences; clicks; session data; advertising identifiers; conversion events; cross-site tracking data

These parties are contractually restricted in their use of personal information when they act on our behalf. Some third-party providers may independently collect personal information when you visit our site. For example, our site includes social media features connected with social networking sites such as X, LinkedIn, and Facebook. Those sites may collect your IP address and which page you are visiting on the site, and may set a cookie to enable social media features to function properly. Our authorized third-party vendors and partners have their own privacy notices which govern the use, handling, and disclosure of your personal information. For example, your interactions with social media sites, including any personal information you provide via buttons or links to these sites, are governed by the privacy policy/notice of the social media company.

(b) Regulators and Authorities

  • Law enforcement and courts
  • Financial regulators
  • Government agencies

(c) Business Transfers

  • Mergers, acquisitions, financing events

(d) Affiliates

  • Internal operational purposes

9. International Data Transfers

We may transfer personal information to jurisdictions outside your own, including the United States.

Where required by applicable law, we implement appropriate safeguards for cross-border transfers of personal information, including contractual protections such as standard contractual clauses approved by relevant regulators.

We conduct transfer impact assessments and implement safeguards such as encryption and access controls.

10. Data Security

We implement reasonable administrative, technical, and physical safeguards including:

  • Encryption in transit and at rest
  • Role-based access controls
  • Network monitoring and intrusion detection
  • Security testing and audits
  • Incident response procedures

No system is completely secure. In the unlikely event that we believe the security of your personal information in our possession or control may have been compromised, we may seek to notify you. As applicable, we will comply with security breach notification requirements.

11. Platform Transparency and Visibility

Due to the nature of the Platform:

  • Certain transaction or market activity may be visible to other users
  • This may include positions, outcomes, or aggregated activity

While we seek to limit direct identification, activity may in some cases be attributable to you based on behavior, patterns, or external data.

12. Your Rights

You have the following rights with respect to the data we collect:

  • Confirm our use of your personal information
  • Access personal information we have collected about you, including the right to request certain categories of information and information about third parties to whom we disclosed personal information
  • Obtain a copy of your personal information in a portable, usable format
  • Delete personal information we have collected from you, subject to legal exceptions
  • Correct inaccuracies in your personal information
  • Opt out of the sale of personal information, the use of personal information for targeted advertising, and profiling in furtherance of decisions that produce legal or similarly significant effects
  • Limit use of sensitive personal information

We do not sell personal information for monetary consideration.

We may disclose certain identifiers, device information, internet or network activity information, and similar information to analytics, advertising, and marketing partners, including providers such as Google Analytics or Meta Pixel, for purposes of analytics, advertising, and marketing. Under certain U.S. state privacy laws, these disclosures may be considered a “sale,” “sharing,” or use for targeted advertising. These activities are subject to opt-out rights.

Where you have given us consent to process your personal information for a specific purpose, you may withdraw that consent for processing that has not yet occurred.

While we hope that we can resolve any questions or concerns you may have, you may lodge complaints with a supervisory authority.

13. Exercising Your Rights

Contact:

  • Email: [email protected]
  • Address: 255 California St., 6th Floor, San Francisco CA 94111
  • Phone: 1 (800) 289-5290

We may authenticate your identity by asking you to verify your identity via email or over the phone. We reserve the right to verify the identity of any person making a request to opt-out or to delete or modify personal information; provided, however, that we will have no liability of any kind resulting from false or erroneous requests or any change or deletion made by us for any reason.

We will respond within applicable legal timelines (typically 30–45 days).

If 45 days after you send us a request, we have not responded to your request or asked for additional time to respond to your request, or we inform you that we decline to take action regarding your request, you have the right to appeal our failure to take action by contacting [email protected]. For us to properly process your appeal, you must use “Rights Request Appeal” as the subject line of your email.

You also have the right to not be discriminated against for exercising any of your rights.

Authorized agents may submit requests on behalf of California residents.

14. Cookies and Tracking

We use cookies for:

  • Core functionality
  • Analytics
  • Personalization

You can manage preferences through browser settings or the Platform’s cookie banner

14A. Privacy Signals

We may recognize opt-out preference signals such as Global Privacy Control (GPC) where required by law.

15. Children’s Privacy

The Platform is not intended for individuals under 18.

We may implement age verification measures and reserve the right to suspend accounts suspected of underage use.

16. Changes to This Policy

We may update this Privacy Policy periodically and will provide notice of material changes by email, as required. If you do not agree with the changes, you must stop using our site and services. You can also withdraw your consent to any further processing of your personal information.

17. Contact

Email: [email protected]

END OF DOCUMENT

© 2026 UpsideOnly · Powered by Perpetuals