Skip to content
PolyTrackers Detective Orca mascotPolyTrackersBeta
Log in

Privacy Policy

Effective date: April 22, 2026

Information We Collect

We collect the minimum data needed to provide and secure PolyTrackers. For California residents, the following maps to the CCPA/CPRA categories of personal information:

  • Identifiers — email address, account ID, authentication provider ID (Google, GitHub), and public wallet addresses you connect to your profile.
  • Commercial information — subscription tier, billing cycle, and records of purchases made through Stripe. We never receive or store your full payment card number.
  • Internet or other electronic network activity — feature interactions, request metadata, API usage, error diagnostics, and performance telemetry.
  • Geolocation data — approximate location derived from IP address for security, fraud prevention, and rate limiting. We do not collect precise GPS location.
  • Inferences — signals derived from your usage patterns (for example, anomaly preferences, risk-profile answers, tier eligibility).
  • Cookies and local storage — authentication session cookies, CSRF tokens, and client-side settings (bankroll, Kelly fraction, and similar tuning knobs).

How We Use Information

  • To deliver core platform features and account access
  • To power analytics, monitor performance, and improve product reliability
  • To detect abuse, prevent fraud, and maintain security
  • To communicate service updates, legal notices, support responses, and alerts you have subscribed to (for example, anomaly or whale alerts over email, Telegram, or Discord)
  • To operate subscription billing, including renewals, cancellations, and tax collection through Stripe

Third-Party Services

We rely on the following processors and infrastructure providers to operate PolyTrackers. Each processes data under its own privacy and security obligations:

  • Supabase — authentication, database, and row-level access control
  • Vercel — hosting, routing middleware, edge functions, Vercel Blob storage (raw whale webhook capture), Vercel Analytics, and Speed Insights
  • Stripe — Checkout, Customer Portal, and billing webhooks. Stripe handles card data directly under PCI-DSS; PolyTrackers receives only non-sensitive subscription metadata and customer IDs
  • Sentry — application error monitoring and performance telemetry (client, edge, and server)
  • Upstash — Redis-based rate limiting and short-lived cache
  • Resend — transactional email (account, alert, and support messages)
  • Telegram — delivery of alerts to users who opt in through our bot
  • Discord — delivery of alerts to users who configure a Discord webhook
  • Alchemy — blockchain webhook ingestion and on-chain data services
  • Polymarket APIs — market and trading data
  • Vercel BotID (powered by Kasada) — bot detection on sensitive routes to prevent abuse

Data Retention and Deletion Rights

We retain personal data only as long as needed to provide the service, satisfy legal obligations, resolve disputes, and enforce our terms. You may request deletion of your account and associated personal data by emailing privacy@polytrackers.com, subject to any lawful retention requirements (for example, retaining billing records to meet tax and accounting obligations).

Your Privacy Rights (GDPR, CCPA/CPRA, and Similar State Laws)

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate personal information
  • Request deletion of your personal information, subject to lawful retention exceptions
  • Restrict or object to certain processing activities
  • Request portability of the personal information you provided
  • Withdraw consent where processing is based on consent

To exercise any of these rights, email privacy@polytrackers.com. We will respond within the timeframe required by applicable law (generally 45 days under the CCPA/CPRA, with one 45-day extension where permitted). We will not discriminate against you for exercising any of these rights.

Do Not Sell or Share My Personal Information

PolyTrackers does not sell personal information in exchange for monetary consideration. We also do not share personal information with third parties for cross-context behavioral advertising, as those terms are defined under the CCPA/CPRA and similar state privacy laws. The third-party processors listed above act as service providers under written contracts that restrict them to processing personal information only to provide the service to PolyTrackers.

If this ever changes, we will update this page, notify existing users, and provide a “Do Not Sell or Share My Personal Information” control in the site footer before any selling or sharing begins.

Cookie Policy

We use cookies and similar technologies to keep you signed in, remember preferences, measure product usage, and improve platform performance. We do not use advertising cookies. You can manage cookie settings through your browser, but disabling certain cookies may limit functionality such as staying signed in.

Children's Privacy

PolyTrackers is not directed to children under 18 and we do not knowingly collect personal information from anyone under 18. Our Terms of Service require users to be at least 18 years old. If you believe a child under 18 has provided us with personal information, contact privacy@polytrackers.com and we will delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected in the Effective date at the top of this page and, where required by law, communicated to you directly.

Contact

For privacy requests or questions, email privacy@polytrackers.com.