1. Scope of This Policy
This Policy applies to:
• All users who visit, register on, or use the Platform;
• Information collected through our website, mobile applications, APIs, and associated services;
• Information collected in connection with our KYC/AML compliance obligations.
This Policy does not apply to third-party websites or services linked from the Platform. We encourage you to review the privacy policies of those third parties independently.
2. Information We Collect
2.1 Information You Provide to Us
Category | Examples |
Identity Information | Full legal name, date of birth, nationality, government-issued ID (passport, national ID, driver's licence), selfie / liveness check images |
Contact Information | Email address, phone number, residential address |
Financial Information | Source of funds declaration, wallet addresses, transaction history on the Platform |
KYC / AML Documentation | Proof of address (utility bill, bank statement), enhanced due diligence documents as required |
Account Information | Username, account preferences, communication preferences |
Communications | Correspondence with our support and compliance teams |
2.2 Information We Collect Automatically
Category | Examples |
Technical Data | IP address, device type, browser type and version, operating system |
Usage Data | Pages visited, features used, time spent on Platform, clickstream data |
Transaction Data | Wallet addresses, deposit/withdrawal amounts and timestamps, trade history, settlement records |
Cookies and Tracking | Session cookies, analytics cookies, preference cookies (see Clause 8) |
2.3 Information from Third Parties
We may receive personal information from:
• KYC/AML verification partners: Identity verification providers who process identity documents and biometric data on our behalf;
• Blockchain networks: Publicly available on-chain data associated with wallet addresses you connect to the Platform;
• Sanctions and PEP screening databases: Third-party services that screen users against international sanctions lists;
• Analytics providers: Aggregated and pseudonymised usage data from analytics platforms.
3. How We Use Your Information
Purpose | Legal Basis | Details |
Account creation and management | Contract performance | Creating and maintaining your account; providing Platform services |
Identity verification (KYC) | Legal obligation | Verifying your identity and eligibility to use the Platform as required by applicable AML/KYC regulations |
AML and sanctions screening | Legal obligation | Screening against international sanctions lists, PEP databases, and adverse media to comply with AML obligations |
Processing transactions | Contract performance | Facilitating deposits, withdrawals, trades, and settlement |
Platform security and fraud prevention | Legitimate interests | Detecting, investigating, and preventing fraud, market manipulation, and other abusive or illegal activity |
Compliance and legal obligations | Legal obligation | Maintaining records required by regulators; responding to lawful requests from competent authorities |
Customer support | Contract performance | Responding to your queries and resolving disputes |
Platform improvement | Legitimate interests | Analysing usage patterns to improve Platform functionality, user experience, and market offerings |
Marketing communications | Consent | Sending promotional emails, product updates, or newsletters (only where you have opted in) |
Enforcing our Terms | Legitimate interests / Legal obligation | Enforcing our Terms and Conditions and taking action against prohibited conduct |
4. KYC/AMLData—SpecialProvisions
4.1 Given the regulatory requirements applicable to prediction market and crypto asset platforms, identity verification is a mandatory condition of using the Platform's full functionality. We process identity documents and biometric data (including facial images and liveness verification) for this purpose.
4.2 Biometric and identity document data is processed by our third-party KYC provider in accordance with their privacy terms and is not retained by the Company beyond what is required for regulatory record-keeping.
4.3 KYC/AML records, including identity documents, transaction histories, and compliance review records, are retained for a minimum of 5 years from the date of account closure (or such longer period as required by applicable law).
4.4 We are required to report suspicious activity to relevant financial intelligence authorities. Making such reports is a legal obligation, and we are generally prohibited from informing you that a report has been made ("tipping off").
5. DataSharingandDisclosure
We do not sell your personal information. We share your information only as follows:
5.1 Service Providers (Data Processors)
We engage third-party service providers who process data on our behalf, including:
• KYC/AML providers (identity verification, sanctions screening)
• Cloud infrastructure providers (hosting, storage)
• Analytics providers (usage analytics — data is pseudonymised)
• Customer support platforms
• Blockchain analytics providers (on-chain transaction monitoring for AML purposes)
• Email delivery services
• Legal and professional advisers (subject to professional confidentiality obligations)
All service providers are engaged under data processing agreements and are required to implement appropriate security measures.
5.2 Legal and Regulatory Disclosure
We may disclose your information to:
• Competent regulatory authorities, financial intelligence units, or law enforcement agencies where required by applicable law or a valid legal order;
• Courts or dispute resolution bodies in connection with legal proceedings;
• Any successor entity in the event of a merger, acquisition, or sale of all or part of our business (subject to the successor maintaining equivalent data protection standards).
5.3 With Your Consent
We may share your information with third parties for other purposes where you have given your specific, informed consent.
6. International Data Transfers
Your personal information may be transferred to and processed in countries other than your country of residence. Where such transfers occur, we implement appropriate safeguards, including:
• Standard contractual clauses approved by relevant data protection authorities;
• Processing only with countries that have been assessed as providing an adequate level of data protection;
• Binding corporate rules where applicable.
By using the Platform, you acknowledge that your information may be transferred internationally as described above.
7. Cookies and Tracking Technologies
7.1 We use cookies and similar tracking technologies (including pixels and local storage) to operate the Platform, analyse usage, and (where you consent) personalise your experience.
7.2 The types of cookies we use:
Cookie Type | Purpose | Legal Basis |
Strictly Necessary | Authentication, session management, security | Required for Platform operation — no consent needed |
Performance / Analytics | Understanding how users interact with the Platform | Consent |
Functional | Remembering your preferences and settings | Consent |
Marketing | Delivering relevant content and measuring campaign performance | Consent |
7.3 You can manage your cookie preferences through our Cookie Consent Manager, accessible in the Platform footer. You can also control cookies through your browser settings. Disabling strictly necessary cookies will affect Platform functionality.
7.4 We do not use tracking technologies to build advertising profiles for sale to third parties.
8. Data Retention
We retain your personal information for as long as:
• Your account remains active;
• It is necessary to provide Platform services;
• It is required to comply with applicable legal and regulatory obligations (including AML record-keeping requirements of a minimum of 5 years);
• It is necessary for the establishment, exercise, or defence of legal claims.
Upon account closure, identifiable personal information will be deleted or anonymised within 90 days, except where longer retention is required by law. KYC/AML records are retained for the periods required by applicable regulation.
9. Your Data Rights
Subject to applicable law, you may have the following rights in respect of your personal information:
Right | Description |
Access | Request a copy of the personal information we hold about you |
Rectification | Request correction of inaccurate or incomplete information |
Erasure | Request deletion of your personal information (subject to legal retention requirements) |
Restriction | Request that we restrict processing of your information in certain circumstances |
Portability | Receive your personal information in a structured, machine-readable format |
Objection | Object to processing based on our legitimate interests |
Withdraw Consent | Withdraw consent for marketing communications at any time |
To exercise any of these rights, please contact privacy@polytrade.live. We will respond within 30 days of receiving your request. We may require you to verify your identity before processing your request.
Limitations: Some rights may be limited or excluded where applicable law requires us to retain or process your information (for example, AML record-keeping obligations).
10. Security
10.1 We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, disclosure, alteration, or destruction. These measures include:
• Encryption of data in transit (TLS) and at rest (AES-256 or equivalent);
• Multi-factor authentication for Platform accounts and internal systems;
• Role-based access controls limiting employee access to personal data;
• Regular security audits and penetration testing;
• Incident response and business continuity procedures.
10.2 Notwithstanding the above, no system is entirely secure. We cannot guarantee absolute security and are not liable for unauthorised access that is beyond our reasonable control.
10.3 Data Breaches. In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable data protection law.
11. Children's Privacy
The Platform is not intended for, and we do not knowingly collect personal information from, individuals under the age of 18. If we become aware that we have collected personal information from a minor, we will promptly delete it. If you believe a minor has provided us with personal information, please contact privacy@polytrade.live.
12. Third-Party Links
The Platform may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing them with any personal information.
13. Blockchain Data
13.1 You acknowledge that data recorded on a public blockchain network is inherently public and immutable. Wallet addresses, transaction amounts, and timestamps associated with on-chain activity are publicly visible to anyone with access to the relevant blockchain.
13.2 We cannot delete or modify on-chain data. Requests for erasure of blockchain data cannot be fulfilled to the extent such data exists on a public ledger. Our obligations under data protection law apply only to personal data in our systems and control.
14. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be notified to you via email or a prominent notice on the Platform at least 14 days before the change takes effect. The date of the most recent revision is always indicated at the top of this Policy. Your continued use of the Platform after the effective date of a revision constitutes your acceptance of the updated Policy.
15. Supervisory Authority
If you are located in a jurisdiction with a data protection supervisory authority and you believe we have not handled your personal information in accordance with applicable law, you have the right to lodge a complaint with the relevant authority. Please contact us first so we have the opportunity to address your concern.
16. Governing Law
Any disputes arising under this Policy shall be subject to the dispute resolution provisions set out in our Terms and Conditions.
17. Contact Us
For all privacy-related queries:
General Privacy Queries | |
Data Subject Rights Requests | |
Urgent Security Concerns |