Privacy Policy
Polywards · Operated by Polytools LLC
Last updated: June 2026
This Privacy Policy explains how Polytools LLC, the company operating the Polywards platform ("Polywards", the "Company", "we", "us"), collects, uses, shares, and protects personal data when you use our website, platform, and related services (the "Services"). We are committed to processing personal data in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), where applicable. By using the Services, you acknowledge the practices described in this Policy.
1. Data Controller
Polytools LLC, a Wyoming limited liability company with its registered office at 30 N Gould St, Ste R, Sheridan, WY 82801, United States, acts as the data controller for the personal data processed through the Services. For any privacy-related request, contact us at: support@polywards.com.
2. Personal Data We Collect
We collect the following categories of personal data:
- Identification and contact data: name, email address, country of residence, and information you provide when creating an account.
- Identity verification (KYC) data: where we are required to verify your identity, age, or location, we may collect a copy of a government-issued identification document, your date of birth, and related verification data. This information is collected only when necessary for verification, fraud prevention, and compliance purposes.
- Transaction data: records of Enrollment Fees paid, program tier selected, and purchase history. Full payment card details are processed directly by our third-party payment providers and are not stored by us.
- Platform activity data: your interactions with Challenges, virtual account performance, and usage of platform features.
- Technical and location data: IP address, browser type, device identifiers, operating system, approximate location, and similar information collected automatically, including to detect the use of VPNs or proxies and to enforce jurisdictional restrictions.
- Communications data: the content of messages you send to our support team.
3. How We Use Your Data
We process your personal data to:
- Create and manage your account and provide access to the Services.
- Verify your identity, age, and location where required for fraud prevention, compliance, and reward eligibility.
- Process Enrollment Fee payments and issue any Performance Rewards.
- Operate, maintain, and improve the platform and personalise your experience.
- Communicate with you regarding your account, support requests, and service updates.
- Detect, prevent, and address fraud, abuse, rule violations, and security incidents.
- Comply with our legal obligations, including sanctions and anti-money-laundering requirements, and enforce our Terms and Conditions.
4. Legal Bases for Processing
Where the GDPR applies, we rely on: performance of a contract (to provide the Services you request); compliance with legal obligations (including identity verification and sanctions screening); our legitimate interests (such as securing the platform, preventing fraud, and improving the Services); and your consent, where required (for example, certain cookies or marketing communications). You may withdraw your consent at any time.
5. How We Share Your Data
We do not sell your personal data. We share it only with:
- Payment providers: to process Enrollment Fees and reward payments securely.
- Identity verification providers: to confirm your identity, age, or location where required.
- Service providers: such as hosting, analytics, customer support, and communication tools acting on our behalf under appropriate data processing agreements.
- Legal and regulatory authorities: where disclosure is required by law or necessary to protect our rights, our users, or the public.
- Business successors: in the event of a merger, acquisition, or sale of assets, subject to equivalent privacy protections.
6. Hosting & International Data Transfers
The platform is hosted on third-party cloud infrastructure located in the European Union. Our application servers run on Vercel infrastructure in Dublin, Ireland, and our primary database is hosted on Supabase (Amazon Web Services, region eu-west-1, Ireland). The primary storage and processing region for your personal data is therefore the European Union (Ireland).
The Company (Polytools LLC) is established in the United States, and certain of our sub-processors are established in or process data from the United States. As a result, some personal data may be transferred to, accessed from, or processed in the United States and other countries outside the European Economic Area (EEA).
Where personal data is transferred outside the EEA, we ensure an adequate level of protection through appropriate safeguards, namely: (i) the European Commission's Standard Contractual Clauses (SCCs) incorporated into our agreements with the relevant providers; and (ii) where a recipient is certified under it, the EU–U.S. Data Privacy Framework (DPF).
Our main sub-processors include Vercel (hosting), Supabase (database), Cloudflare (real-time infrastructure), Stripe (payments), and Privy (authentication and wallet services). A current list of our sub-processors and the safeguard applicable to each is available on request at support@polywards.com, where you may also request a copy of the relevant safeguards.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes set out in this Policy, including to meet legal, accounting, and reporting obligations. Identity verification records are retained only for the period required by applicable anti-money-laundering and compliance rules. When data is no longer required, we securely delete or anonymise it.
8. Your Rights (GDPR)
Subject to applicable law, you have the right to: access your personal data; request correction of inaccurate data; request erasure; restrict or object to processing; request data portability; and withdraw consent where processing is based on consent. You also have the right to lodge a complaint with your local data protection authority. To exercise any of these rights, contact us at support@polywards.com.
9. California Privacy Rights (CCPA)
If you are a California resident, you have the right to: know what categories of personal information we collect and how we use them; request access to or deletion of your personal information; and not be discriminated against for exercising your privacy rights. We do not sell personal information as defined under the CCPA. To exercise these rights, contact us at support@polywards.com. You may use an authorised agent to submit a request on your behalf, subject to verification.
10. Cookies & Tracking
We use cookies and similar technologies to operate the website, remember your preferences, analyse usage, and improve the Services. You can manage non-essential cookies through our cookie banner or your browser settings. Disabling certain cookies may affect functionality.
11. Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
12. Children's Privacy
The Services are intended for users aged 18 and over. We do not knowingly collect personal data from minors. If we become aware that we have collected such data, we will delete it promptly.
13. Changes to This Policy
We may update this Privacy Policy from time to time. The revised version will be published on our website with an updated "last updated" date. We encourage you to review it periodically.
14. Contact
For any questions about this Privacy Policy or our data practices, contact us at: support@polywards.com.
Polywards (Polytools LLC) — Privacy Policy.