Skip to content

Privacy Policy

Effective date: July 17, 2026

Information We Collect

We collect the minimum data needed to provide and secure PolyTrackers. For California residents, the following maps to the CCPA/CPRA categories of personal information:

  • Identifiers — email address, account ID, authentication provider ID (Google, GitHub), and public wallet addresses you connect to your profile.
  • Commercial information — subscription tier, billing cycle, and records of purchases made through our payment processor. We never receive or store your full payment card number.
  • Internet or other electronic network activity — feature interactions, request metadata, API usage, error diagnostics, and performance telemetry.
  • Geolocation data — approximate location derived from IP address for security, fraud prevention, and rate limiting. We do not collect precise GPS location.
  • Inferences — signals derived from your usage patterns (for example, anomaly preferences, risk-profile answers, tier eligibility).
  • Cookies and local storage — authentication session cookies, CSRF tokens, and client-side settings (bankroll, Kelly fraction, and similar tuning knobs).
  • Account security and trading credentials — where you enable trading features, we store trading credentials and signing material associated with your account (such as venue API credentials and, for certain configurations, encrypted wallet keys or references to third-party signing or custody providers). This material is encrypted at rest and used only to operate the features you enable. See our Terms of Service for how custody and trading authority work.
  • Consent records — when you accept our Terms of Service, Privacy Policy, or an in-app disclosure (such as the Copy-Trading Disclosure required before enabling real-money copy trading), we keep an append-only record of the document version you accepted, a server timestamp, and coarse request metadata (a truncated IP prefix — never the full address — and a summarized user-agent) so that your consent is provable.
  • Email digest subscriptions — if you request the weekly Whale Report without creating an account, we store the email address, confirmation and unsubscribe status, the public page where you subscribed, and available first-touch campaign attribution. The address is not eligible to receive reports until you confirm it by email.

How We Use Information

  • To deliver core platform features and account access
  • To power analytics, monitor performance, and improve product reliability
  • To detect abuse, prevent fraud, and maintain security
  • To communicate service updates, legal notices, support responses, and alerts you have subscribed to (for example, anomaly or whale alerts over email, Telegram, or Discord)
  • To send the weekly Whale Report and onboarding guidance you requested; every marketing email includes an unsubscribe control
  • To operate subscription billing, including renewals, cancellations, and tax collection through our payment processor

Third-Party Services

We rely on third-party processors and infrastructure providers to operate PolyTrackers. Each processes data only as needed to provide its service to us and under its own privacy and security obligations. We use providers in the following categories:

  • Cloud hosting and infrastructure — application hosting, routing, edge compute, and file storage
  • Authentication and database — managed authentication, database, and access control
  • Payment processing — subscription checkout and billing through a PCI-DSS-compliant payment processor; we never receive or store your full payment card number
  • Error monitoring and analytics — application error, performance, and usage telemetry
  • Rate limiting and caching — abuse prevention and short-lived caching
  • Email and messaging delivery — transactional email and delivery of alerts to the messaging channels you opt into
  • Blockchain and market data — on-chain data, webhook ingestion, and prediction-market data from third-party providers and the venues you trade on
  • Wallet signing and custody — embedded-wallet and delegated transaction-signing providers for users who enable trading
  • Security and bot detection — automated-abuse detection and protection on sensitive routes

We can provide the current list of the specific subprocessors we use on request. To request it, or to ask which providers process your personal data, email privacy@polytrackers.com.

Data Security

We implement technical and organizational measures designed to protect personal data and the credentials and signing material we store, including encryption of sensitive material at rest, access controls, and rate limiting and bot detection on sensitive routes. However, no method of transmission over the internet and no method of electronic storage is completely secure. We cannot and do not guarantee the absolute security of the Service, your account, or your information, and you provide and use the Service at your own risk. You are responsible for keeping your account credentials, devices, email, and authentication factors secure, and for promptly notifying us at support@polytrackers.com if you suspect unauthorized access. Where a personal-data breach is likely to require it under applicable law, we will notify affected users and the relevant authorities within the timeframes the law requires. Our liability in connection with any security incident is limited as described in our Terms of Service.

Data Retention and Deletion Rights

We retain personal data only as long as needed to provide the service, satisfy legal obligations, resolve disputes, and enforce our terms. You may request deletion of your account and associated personal data by emailing privacy@polytrackers.com, subject to any lawful retention requirements (for example, retaining billing records to meet tax and accounting obligations).

Your Privacy Rights (GDPR, CCPA/CPRA, and Similar State Laws)

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate personal information
  • Request deletion of your personal information, subject to lawful retention exceptions
  • Restrict or object to certain processing activities
  • Request portability of the personal information you provided
  • Withdraw consent where processing is based on consent

To exercise any of these rights, email privacy@polytrackers.com. We will respond within the timeframe required by applicable law (generally 45 days under the CCPA/CPRA, with one 45-day extension where permitted). We will not discriminate against you for exercising any of these rights.

International Data Transfers

We and our processors may store and process your information in countries other than the one in which you reside, including the United States. These countries may have data-protection laws that differ from those in your jurisdiction. Where we transfer personal data of individuals in the European Economic Area, the United Kingdom, or Switzerland to a country that has not received an adequacy decision, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum) or another lawful transfer mechanism. By using the Service, you understand that your information may be transferred to and processed in such countries.

Do Not Sell or Share My Personal Information

PolyTrackers does not sell personal information in exchange for monetary consideration. We also do not share personal information with third parties for cross-context behavioral advertising, as those terms are defined under the CCPA/CPRA and similar state privacy laws. The third-party processors listed above act as service providers under written contracts that restrict them to processing personal information only to provide the service to PolyTrackers.

If this ever changes, we will update this page, notify existing users, and provide a “Do Not Sell or Share My Personal Information” control in the site footer before any selling or sharing begins.

Cookie Policy

We use cookies and similar technologies to keep you signed in, remember preferences, measure product usage, and improve platform performance. We do not use advertising cookies. You can manage cookie settings through your browser, but disabling certain cookies may limit functionality such as staying signed in.

Children's Privacy

PolyTrackers is not directed to children under 18 and we do not knowingly collect personal information from anyone under 18. Our Terms of Service require users to be at least 18 years old. If you believe a child under 18 has provided us with personal information, contact privacy@polytrackers.com and we will delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected in the Effective date at the top of this page and, where required by law, communicated to you directly.

Contact

For privacy requests or questions, email privacy@polytrackers.com.