What are you looking to do with Polymath?
Last Updated: May 2020
Your privacy is important to us. Polymath Inc. (“Polymath”, “we”, or “us”) wants you to be familiar with how we collect, use and disclose your Personal Information.
This Policy also describes other important topics relating to your privacy.
If you are a user in the UK or the European Economic Area ("EEA"), please refer to our section "Users in UK and EEA" which provides information on the rights that you have specifically under the General Data Protection Regulation and the UK's Data Protection Act 2018 (collectively we call them the "European Data Protection Laws").
By using the Services, or by otherwise choosing to submit Personal Information to Polymath, for users outside of the UK and EEA, you consent to the collection, use and disclosure of your information as outlined in this Policy. If you are a user in the UK or EEA, please refer to our section "Users in UK and EEA" which provides information on the basis on which we may process your personal information. At any time, you have the right to remove your consent to the collection, and future use and disclosure of your information, subject to reasonable notice and legal, contractual and technological limitations. You may make this request by writing to the e-mail address set out below.
We may change this Policy from time to time. If we make material changes, we will take reasonable steps to notify you, such as by revising the effective date at the top of the Policy or placing a notice on our Websites and associated platforms through which you use our Services, or at our discretion, contacting you using any contact information you have provided. We encourage you to review the Policy whenever you access the Services to stay informed about our information practices.
The following is a short summary of the key elements of this Policy. You can read the full version of the Policy following this summary.
We may collect the following Personal Information and other information from you:
We may use your Personal Information for the following purposes:
We may share your Personal Information with the following parties / for the following purposes:
How to contact us:
What Personal Information Do We Collect About You?
Personal Information refers to any information about an identifiable individual.
Your Ethereum public address is collected on-chain when you utilize our Ethereum Smart Contracts to configure securities tokens directly on the Ethereum blockchain. Please see the section “Information Recorded On-Chain” for more information on how information on-chain is processed.
We collect the following Personal Information and other information from you when you use the Ethereum TokenStudio, including:
We collect the following Personal Information and other information when you request to open an account on Polymesh and our Services provided on Polymesh, including Polymesh TokenStudio and Polymesh Wallet:
We also collect information that you provide directly to us when you access and use the Services, including:
Please note that where you provide us with the information of another person such as a token recipient, you must have their permission to give it to us for that purpose.
Information that we Collect
When you access or use the Services, we collect certain information using cookies, web beacons, and similar tracking technologies. Cookies are small data files stored directly on the device you are using that allow us to collect information to help the Services function properly, and to report on activities and trends so that we can improve the services. This information includes:
Your browser gives you the ability to reject cookies. However, setting your browser or device to reject cookies generally hinders performance and may adversely affect your experience while using the Services.
How do we Use your Personal Information?
Information we collect is used by Polymath and its service providers to:
We may aggregate and anonymize Personal Information so that it may not be used to identify you or any other individual. We do so to generate data for our use, which we may use and disclose for any purpose, if permitted by applicable law.
Who do we share your information with?
We share information about you as follows or as otherwise described in this Policy:
Information Recorded On-Chain
“On-chain” operations refer to those operations that occur on a blockchain such as Ethereum and Polymesh and are permanently recorded on the records of the blockchain.
Any information that you attach to an “on-chain” operation may be viewed by the public, meaning that others will have access to this content and it may be viewed, collected and used by others. Further, due to the nature of blockchain technology, information that is recorded “on-chain” cannot practically be corrected or revised.
Information may be recorded “on-chain” in the following circumstances:
If you choose to voluntarily disclose Personal Information in an “on-chain” operation, that information will be available to the public (for example, anyone who views the public blockchain). We will not be able to control how members of the public access or use such information, nor can it be deleted as it is released outside of our control. Think carefully and use caution relating to the disclosure of any Personal Information before you request any operations to be processed “on-chain” on Ethereum or Polymesh as described herein.
Users in UK and EEA
The following information is only applicable to users located in the UK or the EEA or otherwise within the scope of European Data Protection Laws.
Basis for Processing
We are allowed to process your Personal Information for the following reasons and on the following legal bases:
Where Personal Information is processed with consent, you may choose to withdraw your consent at any point by contacting us as described below in the "Contact Us" section.
Rights as Data Subjects
As a data subject, you have the following rights under the European Data Protection Laws:
For you to exercise these rights, please get in touch with us using the information in the section "Contact Us". We will respond to any rights that you exercise within a month of receiving your request, unless the request is particularly complex and/or if we receive a high number of requests, in which case we will respond within three months.
Please be aware that there are exceptions and exemptions that apply to some of the rights which we will apply in accordance with the applicable laws. Moreover, due to the nature of blockchain technology, information that is recorded “on-chain” cannot practically be corrected, revised or deleted. Please see the section “Information Recorded On-Chain” for more information.
Similarly, you may complain to the relevant supervisory authority in your country. In the UK this is the Information Commissioner's Office, information about how to contact this regulator can be found at www.ico.org.uk. Ideally, we recommend that you get in touch with us first so we can resolve any issues directly with you as quickly as possible.
Transfer of Personal Information Outside UK and EEA
Any transfer of your Personal Information outside the UK and the EEA will be carried out in accordance with the European Data Protection Laws to safeguard your privacy rights and give you remedies in the unlikely event of a security breach or to any other similar approved mechanisms.
The Personal Information we collect is stored on our servers or those of our service providers. We retain Personal Information in accordance with our record retention policies. Our record retention periods are established taking into account requirements of privacy laws, the purposes for which the information was collected, legal and regulatory requirements to retain the information for minimum periods, limitation periods for taking legal action, and our business needs. We may retain anonymous and aggregate information indefinitely.
Polymath uses physical, technological, and organizational security measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. Our employees, representatives and agents will have access to your Personal Information as necessary for the purposes described in this Policy.
Personal Information may be accessed by persons within our organization, or our third party service providers, who require such access to carry out the purposes indicated in this Policy, or such other purposes as may be permitted or required by the applicable law. Personal Information we collect is managed from our affiliate offices in Toronto, Ontario, Canada.
However, while we have taken steps to help protect your Personal Information, we cannot fully eliminate security risks associated with Personal Information. No security measures can provide absolute protection. We cannot ensure or warrant the security of any information you provide to us.
We may Transfer Personal Information Outside of your Country
Some or all of the Personal Information we collect may be stored or processed outside of your jurisdiction of residence, including in the United States. Your Personal Information may be processed and stored in the United States and the governments, courts or law enforcement or regulatory agencies of the United States may be able to obtain disclosure of your Personal Information through a lawful order made where the information is located.
By providing us with Personal Information, for users outside of the UK and EEA, you understand and expressly agree that we may transfer your information to another country, including the US. If you are a user in the UK or EEA, please refer to our section “Transfer of Personal Information Outside UK and EEA”. If you do not agree to the transfer of your Personal Information outside of your jurisdiction (including to the US), as described here, do not provide us with Personal Information.
This Policy does not apply to third party sites
Access and Correction
You may request access to your Personal Information and to request a correction if you believe it is inaccurate.
Please contact us by e-mail at firstname.lastname@example.org if you would like to exercise either of these options. Please note that in some circumstances we may not be able to allow you to access certain Personal Information, for example if it contains Personal Information of other persons, or for legal reasons. We may require you to verify your identity before allowing you to access your Personal Information.
If you have any questions about this Policy, please contact our Policy Department at email@example.com.
You may also contact our Privacy Officer in our affiliate office at 3130 – 155 Wellington Street West, Toronto, Ontario, Canada, Postal Code: M5V 3H6.