Platform
Platform OverviewEmail MarketingSMS MarketingWhatsAppPush NotificationsRCS MessagingAI CampaignsAnalyticsAutomationCustomer Data Platform
Solutions
SolopreneursGrowing TeamsEnterpriseE-CommerceSaaSConsumer AppsMarketplaces
More
PricingBlogLaunch PlaybookCompany
Get StartedLog in

Privacy Policy

Last Updated: November 10, 2025

1. PURPOSE OF THIS PRIVACY NOTICE

This Privacy Notice sets out how PolarGX processes your personal data (or personal information or similar under other data legislation around the world – referred to only as "personal data" in this Privacy Notice) in connection with our business, including the provision of our Site and our Services.

In particular, this Privacy Notice explains our approach to any personal data that we might collect from you (i) when you use our Site or Services (ii) during any other interactions with us, or (iii) which we might otherwise process when providing Services to our Customers (including the personal data we collect, why we collected it and your rights in respect of our processing of your personal data).

This Privacy Notice is intended to assist you in making informed decisions when using the Site and our Services. Please take a moment to read and understand this Privacy Notice. It should be read in conjunction with our Terms of Service, Acceptable Usage Policy and Cookie Policy.

Finally, this Privacy Notice is intended to meet the requirements of the Regulation (EU) 2016/79 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (known as "GDPR"), as well as the "UK GDPR" (as defined in the UK Data Protection Act 2018). When we say GDPR, we mean both the EU and UK versions. Please refer to the Country Specific Provisions section for details of how your personal data will be processed in accordance with US regulations (including the California Consumer Privacy Act ("CCPA"), as amended by California Privacy Rights Act ("CPRA")) where appropriate.

2. SCOPE OF THIS PRIVACY NOTICE

This Privacy Notice only applies to the use of your personal data obtained by us, whether from you directly or from a third party. It does not apply to personal data collected by third parties during your communications with those third parties or your use of their products or services (for example, where you follow links on our Site to third party websites over which we have no control).

The policy applies to all Services and products that PolarGX (and, if applicable, its affiliates) offers.

This Privacy Notice is not intended to cover the processing of workplace personal data. Accordingly, if you are engaged as a worker for us, please see our Employee Privacy Notice which sets out further information about how we may process your personal data in connection with your employment and/or engagement. Further, PolarGX has a separate privacy policy for job candidates. This is provided when a candidate submits their job application. If you have any queries in relation to the use of your candidate information, please contact HR@polargx.com

3. DEFINITIONS

Below are some defined terms used in this Privacy Policy:

"Customer" refers to an organisation who is a customer of PolarGX;

"End User" refers to our Customer's end users;

"PolarGX Platform" means the business to business cross channel marketing platform that PolarGX provides to its Customers;

"Services" means the products and services that PolarGX provides to its Customers, including the PolarGX Platform; and

"Site" refers to https://polargx.com.

4. CHANGES TO THIS POLICY

We will update this Privacy Notice from time to time to reflect any changes or proposed changes to our use of your personal data, or to comply with changes in applicable law or regulatory requirements. We may notify you by email of any significant changes to this Privacy Notice, but we encourage you to review this Privacy Notice periodically to keep up to date on how we use your personal data. If we update this Privacy Notice, we will update the effective date at the top of the page.

5. ABOUT US

The Site and Services are made available by various companies in the PolarGX group of companies (each a "Group Company").

Where this Privacy Notice refers to "PolarGX", "we", "us, "our", this means one or more of the particular Group Companies that provide the particular Site or Services.

The processing activities of the following entities is covered by this Privacy Notice:

Location: United States

PolarGX Inc.

A Delaware Corporation

Austin, TX

Responsible for:

  • Provision of Services to Customers
  • Management of the Site

For the purpose of this Privacy Notice, unless we state otherwise, each Group Company shall be considered a data controller of your personal data in connection with the use cases identified in this Privacy Notice.

Please note that in many cases where we process personal data in relation to Services that we provide, we may carry out the activities referred to in this Privacy Notice in our capacity as a data processor (or similar under other data legislation around the world) acting on behalf of our Customers. In such situations, it would be our Customers who are the data controller, and any data subject should refer to the relevant Customer privacy notices for information about how their personal data is processed. We have made this distinction clear in the Privacy Notice.

6. HOW TO CONTACT US

To exercise your privacy rights, see "How do we process privacy requests" below. However, if you have specific questions about this Privacy Notice you can contact us using the following methods:

Email: legal@polargx.com

Post:

PolarGX Inc.

Austin, TX

United States

If you are from the EU or UK you can also write to:

EU GDPR Representative: [To be designated]

UK GDPR Representative: [To be designated]

7. TYPE OF PERSONAL DATA WE COLLECT/PROCESS

When we talk about personal data we mean any information which relates to an identified or identifiable living individual. Individuals might be identified by reference to a name, an identification number, location data, an online identifier (such as an IP address) or to other factors that are specific to them, such as their physical appearance. Categories of personal data we may collect and process about you include:

Account data:

Data that is related to our Customer's Account with PolarGX, such as Identity Data and Contact Data and other information you may provide to us in your interactions with our staff.

Identity Data:

First name; last name.

Contact Data:

Address; billing address; business email address; telephone number; company name; job title; LinkedIn URL; social media handle; emergency contact (if required).

Image Data:

Photos; video recordings.

Financial Data:

Bank account details; partial payment card details.

Transaction Data:

Details about payments made between you and us; details of services purchased from us.

Profile Data:

Interests and preferences; contact preferences; whether you have participated in any promotions or competitions; feedback and survey responses; dietary preferences; the content of any messaging you send using any Enquiry Form or Chat function on the Site.

Behavioural Data:

Data relating to your browsing activity or interaction with our emails, obtained through the use of cookies, pixel tags and other similar technologies; information about when your current or previous sessions started; details about any services you viewed or purchased through the Site; information you shared within the PolarGX Community pages.

Technical Data:

IP address; browser type and operating system; geolocation, to ensure we're showing you the correct notices and information; any other unique numbers assigned to a device.

Marketing and Communications Data:

Marketing preferences; service communication preferences.

Publicly Available Data:

Information about articles (or similar) that you may have published; Information about your interests or affiliations.

PolarGX Platform Data:

Information about your usage and interaction with the PolarGX Platform.

Support Data:

Information, images and files you may share with our technical support staff when you interact with them and through support tickets.

For more information about the personal data we collect please refer to section 'HOW WE USE PERSONAL DATA' below.

8. CUSTOMER END USER INFORMATION WE PROCESS AS A PROCESSOR

PolarGX is a B2B company. We provide our Services so that Customers can enable the deployment of email, SMS, push notifications, in-app messages and web push messaging to End Users. In providing these Services, PolarGX processes personal data relating to End Users ("End User Data") that the Customer submits to the Services or instructs us to process on their behalf, in connection with the Services. Except where outlined in this Privacy Notice, the Customer is the controller of this End User Data. PolarGX may generate aggregated statistics from End User Data. Please refer to the 'Insight and analysis' section below for further information.

9. HOW WE COLLECT PERSONAL DATA

We may collect and receive your personal data using different methods:

Personal data you provide to us:

You may give us your personal data directly, for example, when you obtain services via our Site, contact us with enquiries, complete forms on our Site, subscribe to receive our marketing communications or provide feedback to us. We may also collect your data if we have attended an event and obtained your permission to add you to our database.

Personal data we collect using cookies and other similar technologies:

When you access and use our Site and the PolarGX Platform, we will collect certain Behavioural Data and Technical Data. We collect this personal data by using cookies and other similar technologies (see the "Insight and analysis" section below).

Personal data received from third parties:

We may receive personal data about you from third parties. Such third parties may include our Customers who have used our refer a friend facility on our Site, analytics providers, third parties that collect data from publicly available sources in order to assist us identifying prospective Customers and with delivering personalised communications to prospective Customers and third parties that provide technical services to us so that we can provide our Site and our Services.

Publicly available personal data:

From time to time, we may collect personal data about you (Identity Data, Contact Data, or Publicly Available Data) that is contained in publicly available sources (including open source data sets or media reports) or that you or a third party may otherwise make publicly available (for example through speeches at events or publishing articles or other news stories or posts on social media platforms).

10. WHO WE COLLECT PERSONAL DATA ABOUT

We collect and process personal data from the following people:

  • Site visitors: We will collect and process your personal data in connection with your interaction with us and our Site
  • People who contact us with enquiries: If you contact us with an enquiry through our Site, submit a complaint or provide any feedback to us in our surveys and feedback forms, we will collect and process your personal data in connection with your interaction with us and our Site.
  • Customer personnel: We may collect and process your personal data in connection with the supply of Services to you and/or your organization.
  • End Users: We may collect and process your personal data in order to provide our Services to our Customers and for insight and analytics purposes.
  • Partner/supplier personnel: If you (or your organisation) supply products or services to us or otherwise partner with us, we may collect and process your personal data in connection with our receipt of those products and services and/or partnership.
  • Visitors to our offices: If you attend one of our physical offices or other locations, we may process personal data that you volunteer in connection with your visit and any enquiries you make.
  • Event attendees: If you attend one of our events (conferences, webinars, meetings), we will process personal data about you in connection with your attendance at the event.

18. YOUR DATA PROTECTION RIGHTS

You have certain rights in relation to the personal data we hold about you, as described below. PolarGX does not restrict your rights according to the region you are located.

Please note, these rights are not absolute and there may be situations where we are unable to fulfil your request e.g. if it's incompatible with our financial and legal obligations.

Your right of access:

If you ask us, we will confirm whether we are processing your personal data and, if so, provide you with a copy of that personal data (along with certain other details). If you require additional copies, we may charge a reasonable fee for producing those additional copies.

Your right to rectification:

If the personal data we hold about you is inaccurate or incomplete, you are entitled to have it rectified. If we have shared your personal data with others, we'll let them know about the rectification where possible. If you ask us, where possible and lawful to do so, we will also tell you who we've shared your personal data with so that you can contact them.

Your right to erasure:

You can ask us to delete or remove your personal data in some circumstances, such as where we no longer need it or where you withdraw your consent (where applicable). If we have shared your personal data with others, we will let them know about the erasure where possible. If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal data with so that you can contact them directly.

Your right to restrict processing:

You can ask us to "block" or suppress the processing of your personal data in certain circumstances such as where you contest the accuracy of that personal data or you object to us processing it for a particular purpose. This may not mean that we will stop storing your personal data but, where we do keep it, we will tell you if we remove any restriction that we have placed on your personal data to stop us processing it further. If we've shared your personal data with others, we'll let them know about the restriction where it is possible for us to do so. If you ask us, where it is possible and lawful for us to do so, we'll also tell you who we've shared your personal data with so that you can contact them directly.

Your right to data portability:

You have the right, in certain circumstances, to obtain personal data you have provided to us (in a structured, commonly used and machine-readable format) and to reuse it elsewhere or to ask us to transfer it to your chosen third party.

Your right to object:

You can ask us to stop processing your personal data, and we will do so, if we are: (i) relying on our own or someone else's legitimate interest to process your personal data, except if we can demonstrate compelling legal grounds for the processing; or (ii) processing your personal data for direct marketing purposes.

Your rights in relation to automated decision-making and profiling:

You have the right not to be subject to a decision when it is based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for the entering into, or the performance of, a contract between you and us.

Your right to withdraw consent:

If we rely on your consent (or explicit consent) as our legal basis for processing your personal data, you have the right to withdraw that consent at any time. You can exercise your right of withdrawal by contacting us using our contact details in the "How to contact us" section above or by using any other opt-out mechanism we may provide, such as an unsubscribe link in an email.

Your right to lodge a complaint with the supervisory authority:

If you have a concern about any aspect of our privacy practices, including the way we have handled your personal data, please contact us using the contact details provided in the "How to contact us" section above. You can also report any issues or concerns to a national supervisory authority in the Member State of your residence or the place of the alleged infringement. You can find a list of contact details for all EU supervisory authorities at https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

How do we process privacy requests?

Privacy requests are processed by PolarGX using this link: https://preferences.polargx.com/privacy. Please click on the link and begin the process. PolarGX will take reasonable steps to verify the identity of the requestor and, we may ask you to provide proof of identity in order to respond to privacy requests in accordance with GDPR, CCPA, CPRA and any other applicable privacy legislation. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. In order to verify your identity, we may need to gather more personal data from you than we currently have.

In some circumstances we are required to hold onto a copy of your personal information for business or legal purposes, this can include billing, technical support, law enforcement or litigation. When we no longer need this information we will delete the information if we are legally able to.

If you are a Customer and want further information as to how you can exercise your data rights an End User please talk to your CSM or refer to the support documentation.

17. CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL DATA

We are committed to keeping the personal data you provide to us secure and we have implemented information security policies, rules and technical measures to protect the personal data under our control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. In addition, all our employees and data processors (i.e. those who process your personal data on our behalf) are obliged to respect the confidentiality of the personal data of all users of our Site and those who purchase our Services.

PolarGX's security design and requirements are guided by industry defined best practices, including NIST and ISO 27001. PolarGX is both ISO 27001 and SOC 2 Type II certified. Internal Information Security policies and procedures, control framework, and risk matrix are defined and regularly reviewed to monitor coverage and effectiveness.

Please be advised that the security of information transmitted through the internet cannot be guaranteed. Protecting your password and authentication methods is your responsibility.

Your PolarGX account information is protected by a password for your privacy and security. PolarGX uses Transport Layer Security ("TLS") to encrypt all data communication over Hypertext Transfer Protocol ("HTTP"), otherwise known as HTTP Secure ("HTTPS").

22. PERSONAL DATA OF MINORS

Our Site is not intended for use by, or targeted at, minors (individuals under the age of 16) and we do not knowingly collect personal data of minors. If you are under 16, you cannot use the Site.

If we discover that we are holding the personal data of a minor, we will delete that information as soon as possible. Please contact us if you have reason to believe that a minor may have submitted personal data to us (see the "How to contact us" section above).

23. COUNTRY SPECIFIC PROVISIONS

PolarGX offers the ability for all individuals to control their data under the "Your Data Protection Rights" section; we do not make this dependent on your region.

UNITED STATES

California Residents

If you are a resident of California, you have additional rights under the CCPA.

CCPA secures the following privacy rights for California consumers:

  • The right to know about the personal information a business collects about them
  • The right to delete personal information collected from them (with some exceptions)
  • The right to opt-out of the sale of their personal information
  • The right to non-discrimination for exercising their CCPA rights

CCPA is known as CPRA effective January 1, 2023 updating CCPA legislation, making it easier to understand and will provide employees and contractors (HR Individuals) rights under CCPA.

New rights under CPRA include:

  • The right to correct
  • The right to limit use of sensitive information
  • The right to access information about automated decision making
  • The right to opt-out of automated decision making

PolarGX does not sell your personal information or share information for cross context behavioural advertising.