Polymatcha Privacy Policy

Summary

Polymatcha is a study app. We collect the information needed to run accounts, sync study data, create cards, provide social/discovery features, process support requests, and operate the service. We do not sell personal information, run third-party ads, or track you across other companies' apps or websites.

Information we collect

• Account information, such as your email address and user ID, when you sign in.
• Profile information you choose to add, such as your name, display name, bio, and profile photo.
• Study content you create or import, including decks, cards, prompts, answers, source text, study history, review state, and deck sharing or publishing choices.
• Photos or images you choose to use for card creation, including marked-up versions used to understand selected regions.
• Social and discovery activity, such as follows, friend requests, shared decks, comments, notifications, and reactions.
• Feedback or support messages you send to us.
• Basic technical information handled by our hosting and backend providers, such as IP address, request logs, device or browser metadata, and error diagnostics.

How we use information

We use this information to provide sign-in, sync your library, save and review cards, generate draft cards, show profiles and discovery features, respond to support, prevent abuse, debug issues, and maintain the app.

AI and photo features

If you use AI card generation, the text, instructions, draft cards, and selected images needed for that request may be sent to OpenAI through our backend. For photo-based generation, the backend stores task metadata and generated output, not the raw photo payload as a library item. OpenAI may process the request according to its own service terms and privacy commitments.

Sharing

Your private decks and cards are not public unless you share them, publish them, or use a discovery/community feature. Profile fields and profile photos you add may be visible through profile, friend, following, discovery, or activity features. Profile photos are stored as public avatar files so they can be displayed in the app.

Service providers

• Supabase, for authentication, database storage, file storage, and backend infrastructure.
• Vercel, for website and API hosting.
• OpenAI, when you use AI card generation or photo reading features.
• Apple, for App Store, TestFlight, crash, diagnostic, and payment-related platform services.

Retention and deletion

We keep account, profile, study, and support data for as long as needed to provide the app, comply with legal obligations, resolve disputes, prevent abuse, and maintain backups. You can delete your account in the app from Profile or Settings, then Account, then Delete account. Account deletion permanently removes your account, profile, study data, user-created decks and cards, social data, comments, avatar, and AI task data associated with the account, subject to any legal or security obligations. You can also email christopherdoyle967@gmail.com for privacy questions.

Device permissions

Polymatcha may ask for camera or photo library access so you can take or choose photos for card creation. You can change these permissions in iOS Settings. We do not request contacts, precise location, microphone, health, or advertising tracking permissions.

Security

We use reasonable technical and organizational measures to protect personal information. No internet service can guarantee perfect security.

Children

Polymatcha is not directed to children under 13. If you believe a child has provided personal information, contact us and we will review the request.

Changes

We may update this policy as the app changes. The current version will be posted at https://polymatcha.com/privacy.