Privacy Policy

This Privacy Policy explains how PolyBlock Limited (“PolyBlock,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal data when you access our website, APIs, documentation, sandbox environments, and related services (collectively, the “Services”).

PolyBlock Limited is registered in England and Wales (Company No. 15080139) with its registered office at 154–160 Fleet Street, Unit 303, London, England, EC4A 2DQ.

We are committed to processing personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), the Data Protection Act 2018, and other applicable data protection laws.

1. Scope of This Policy

This Privacy Policy applies when:

  • You visit our website
  • You request access to our API or sandbox
  • You contact us for enterprise, partnership, or technical inquiries
  • You use our Services as an individual

Where we process personal data strictly on behalf of customers under a Data Processing Addendum, we act as a processor and this Privacy Policy does not override the customer’s own privacy obligations.

2. Personal Data We Collect

2.1 Information You Provide Directly

We may collect:

  • Name
  • Email address
  • Company name
  • Job title
  • Contact details
  • Account credentials
  • Communications and support requests

2.2 Technical and Usage Information

When you access our website or Services, we may collect:

  • IP address
  • Device and browser information
  • Log files and API usage metrics
  • Access timestamps
  • Error reports and performance data

2.3 Blockchain-Related Data

Depending on how the Services are used, we may process:

  • Wallet addresses
  • Transaction metadata
  • Network identifiers

Blockchain data may be publicly available by nature. However, where it can be linked to an identifiable individual, it may constitute personal data.

2.4 Information from Third Parties

We may receive personal data from:

  • Identity or verification service providers
  • Enterprise customers
  • Analytics or infrastructure providers

3. Legal Bases for Processing

We process personal data under one or more of the following legal bases:

  • Performance of a contract
  • Compliance with legal obligations
  • Legitimate interests (e.g., security, service improvement)
  • Consent (where required)

Where processing is based on consent, you may withdraw consent at any time.

4. How We Use Personal Data

We use personal data to:

  • Provide and maintain the Services
  • Authenticate users and manage accounts
  • Monitor performance and security
  • Prevent fraud and abuse
  • Respond to inquiries and support requests
  • Comply with legal and regulatory obligations
  • Improve and develop our Services

We do not sell personal data.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain session functionality
  • Analyze website performance
  • Improve user experience

You can control cookies through your browser settings. Where required by law, we obtain consent before placing non-essential cookies.

6. Sharing of Personal Data

We may share personal data with:

  • Cloud and infrastructure providers
  • Analytics and monitoring providers
  • Professional advisers (legal, accounting)
  • Regulators or authorities where required by law

All third parties are required to maintain appropriate confidentiality and security safeguards.

7. International Transfers

Personal data may be transferred outside the UK or EEA. Where such transfers occur, we ensure appropriate safeguards, including:

  • UK International Data Transfer Agreement (IDTA)
  • EU Standard Contractual Clauses (SCCs)
  • Transfers to jurisdictions with adequacy decisions

8. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

  • Encryption in transit
  • Access controls and authentication mechanisms
  • Monitoring and logging systems
  • Secure infrastructure practices

No system is entirely secure; however, we take reasonable steps to protect data against unauthorized access or disclosure.

9. Data Retention

We retain personal data only for as long as necessary to:

  • Fulfill contractual obligations
  • Comply with legal requirements
  • Resolve disputes
  • Enforce agreements

Retention periods may vary depending on the nature of the data and legal obligations.

10. Your Rights

Subject to applicable law, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of data
  • Restrict or object to processing
  • Request data portability
  • Lodge a complaint with a supervisory authority

In the UK, the supervisory authority is the Information Commissioner’s Office (ICO).

To exercise your rights, contact us at the details below.

11. Automated Decision-Making

We do not engage in automated decision-making that produces legal or similarly significant effects without human involvement.

12. Children’s Data

The Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through our website or other appropriate channels.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact:

PolyBlock Limited
154–160 Fleet Street, Unit 303
London, England, EC4A 2DQ

By using the Services, you acknowledge that you have read and understood this Privacy Policy.