Privacy Policy

Polychart, Inc. (“Polychart”, “we”, “us”) is the controller of your Personal Data and may process this data in accordance with this Privacy Policy. If we are processing Personal Data on behalf of a third party that is not an agent or affiliate of Polychart, the terms of this Privacy Policy do not apply — instead, the terms of that third party’s privacy policy will apply. You can contact us with any questions about our Privacy Policy at hello@getpolychart.com.

The Services may contain links to websites and services that are owned or operated by third parties (each, a “Third-party Service”). Any information you provide on or to a Third-party Service, or that is collected by a Third-party Service, is provided directly to the owner or operator of the Third-party Service and is subject to its privacy policy. We are not responsible for the content, privacy, or security practices of any Third-party Service. To protect your information, we recommend that you carefully review the privacy policies of all Third-party Services that you access.

The types of Personal Data we collect are described below.

We process your Personal Data based on legitimate business interests, the fulfillment of our Services to you, compliance with our legal obligations, and/or your consent. We only use or disclose your Personal Data when it is legally mandated or where it is necessary to fulfill the purposes described herein. Where required by law, we will ask for your prior consent before doing so.

Specifically, we process your Personal Data for the following legitimate business purposes:

• To fulfill our obligations to you under our terms of use;
• To communicate with you about and manage your account;
• To properly store and track your data within our system;
• To respond to lawful requests from public and government authorities, and to comply with applicable state and federal law, including cooperation with judicial proceedings or court orders;
• To protect our rights, privacy, safety, or property, and/or that of you or others, by providing proper notices, pursuing available legal remedies, and acting to limit our damages;
• To handle technical support and other requests from you;
• To enforce and ensure your compliance with our terms of use or the terms of any other applicable services agreement we have with you;
• To manage and improve our operations and the Services, including the development of additional functionality;
• To evaluate the quality of service you receive, identify usage trends, and improve your user experience;
• To keep the Services safe and secure for you and for us;
• To send you information about changes to our terms, conditions, and policies; and
• To allow us to pursue available remedies or limit the damages that we may sustain.

Personal Data we collect through the Services will be stored on secure servers operated by Firebase (Google Cloud), primarily in United States regions, and by Stream Chat for messaging-related data. Our marketing website is hosted by Vercel. Personal Data may be transmitted to these providers, which may store or maintain the data on their secure servers.

If we share your Personal Data with a third party other than as provided above, you will be notified at the time of data collection or transfer, and you will have the option of not permitting the transfer.

We will retain your Personal Data for as long as you maintain an account and up to six (6) years after the account is closed. The exact period of retention will depend on the type of Personal Data, our contractual obligation to you, and applicable law. We keep your Personal Data for as long as necessary to fulfill the purpose for which it was collected, unless otherwise required or necessary pursuant to a legitimate business purpose outlined in this Privacy Policy. At the end of the applicable retention period, we will remove your Personal Data from our databases and will request that our Business Partners do the same. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing of such data. We retain anonymized data indefinitely.

We use a combination of reasonable physical, technical, and administrative security controls to maintain the security and integrity of your Personal Data, to protect against any anticipated threats or hazards to the security or integrity of such information, and to protect against unauthorized access to or use of such information in our possession or control. This includes encryption in transit and at rest provided by Firebase by default, authentication, and access controls. However, internet data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure. As a result, we cannot ensure the security of information you transmit to us. By using the Services, you assume this risk.

We will never send you an email requesting confidential information such as account numbers, usernames, passwords, or social security numbers, and you should never respond to any email requesting such information. If you receive such an email that looks like it is from us, do not respond, do not click any links, and do not open any attachments — notify us at hello@getpolychart.com.

You are responsible for taking reasonable precautions to protect your account credentials from disclosure to third parties. You should immediately notify us at hello@getpolychart.com if you know of or suspect any unauthorized use or disclosure of your credentials, or any other security concern.

You have certain rights relating to your Personal Data, subject to applicable data protection laws. These rights may include:

• To access your Personal Data held by us;
• To erasure or deletion of your Personal Data, to the extent permitted by applicable data protection laws;
• To receive communications related to the processing of your Personal Data that are concise, transparent, intelligible, and easily accessible;
• To restrict the processing of your Personal Data, to the extent permitted by law;
• To object to the further processing of your Personal Data, including the right to object to marketing;
• To request that your Personal Data be transferred to a third party, where technically feasible;
• To receive your Personal Data in a structured, commonly used, and machine-readable format;
• To lodge a complaint with a supervisory authority;
• To rectify inaccurate Personal Data and, taking into account the purpose of processing, ensure it is complete; and
• Not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects.

Where the processing of your Personal Data by us is based on consent, you have the right to withdraw that consent without detriment at any time, or to exercise any of the rights listed above, by emailing us at hello@getpolychart.com.

You can change your profile information in the app at any time. For full deletion of your account and associated Personal Data, email hello@getpolychart.com with the subject line REQUEST FOR PERSONAL DATA DELETION.

Although we will use reasonable efforts to delete your Personal Data, you understand that it may not be technologically possible to remove every record from our systems — including backups designed to protect data from inadvertent loss. Where we cannot delete a record, we will put in place appropriate measures to prevent any further processing of such data.

We only send emails or other messages related to your account unless we have your express consent to do otherwise. We do not sell your information to third parties, and we do not share your contact information with third parties or affiliates for marketing or promotional purposes.

We do not knowingly collect Personal Data from individuals under the age of 18. Our Services are not directed to individuals under the age of 18, and we request that these individuals not provide Personal Data to us. If we learn that Personal Data from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you are aware of a user under the age of 18 using the Services, please contact us at hello@getpolychart.com.

California residents may request and obtain from us, once a year and free of charge, a list of the third parties (if any) to which we disclosed their Personal Data for direct marketing purposes during the preceding calendar year, and the categories of Personal Data shared with those third parties. If you are a California resident and wish to obtain that information, please submit your request by emailing us at hello@getpolychart.com with California Privacy Rights in the subject line.

We occasionally update this Privacy Policy. If we modify this Privacy Policy, we will post the modified terms on our website and/or notify you via the email address you have provided to us. You can store this policy and any amended version digitally, print it, or save it in any other way. Any changes to this Privacy Policy will be effective immediately upon providing notice, and shall apply to all Personal Data we maintain, use, and disclose. If you continue to use the Services following such notice, you are agreeing to those changes.

If you have any questions about this Privacy Policy, please contact us by email at hello@getpolychart.com. Please note that email communications are not always secure, so please do not include sensitive information in your emails to us.