Polymath Privacy Notice (Children Users)

Last Updated: 8 May 2025

1 Definitions & Scope

• "Polymath", "we", "us", "our" – Celadon AI Ltd., a company incorporated in New Zealand (NZBN 9429049431452) with its principal office at 9 Sunderland Ave, Auckland 0618, New Zealand.
• "Services" – The Polymath educational game, companion websites, mobile/desktop apps, and related features.
• "Personal Data" / "Personal Information" – Information that identifies or can reasonably be linked to an identified or identifiable natural person.
• "Users" – All individuals who interact with the Services, including Guardians, Educators, and Child Users.
• "Adult Users" – Guardians and Educators aged 16 or older.
• "Guardians" – Parents or legal guardians who create, supervise, or manage a child account.
• "Educators" – Teachers or school administrators who use Polymath in a classroom or other educational setting.
• "Child Users", "Children" – Individuals under 16 years of age who use the Services, typically under the supervision of a Guardian or Educator.

This Children’s Privacy Notice applies globally wherever Polymath is offered. If you are an Adult User using Polymath for yourself, please see our Adult Privacy Notice instead.

2 Information We Collect

2.1 Information Children Provide to Us

We collect only minimal information that a child intentionally enters in the game:

• Nickname – a self‑chosen screen name; real names are neither requested nor required.

Children cannot submit free‑text messages, voice chat, or photos through the game.

2.2 Information We Collect Automatically

As with most online services, we and our service providers automatically capture certain information about how the child’s device interacts with Polymath:

• Gameplay metrics – lesson or level, scores, progress, time‑on‑task, and similar performance data. We use this to adapt difficulty and generate progress reports.
• Technical details – IP address (from which we infer a coarse location such as country or state), device and browser type, operating‑system version, and crash or diagnostics logs.

We do not collect precise geolocation, advertising identifiers, or behavioural‑tracking cookies, and we never use the data described above for targeted advertising.

2.3 Information from Third‑Party Sources

If an Educator chooses to enable single sign‑on (SSO) or classroom‑management integrations (for example, Google Classroom or Clever), we may receive the child’s:

• Full name;
• Email address.

As supplied by that platform so that the child can sign in and be added to the correct class. We receive no other information from third parties unless the supervising Adult User initiates the transfer.

An Educator enabling these options acts as consenting party for the collection and use of this data for the Children under their supervision.

3 How We Use Children’s Information

• Provide and operate the game – allow sign‑in, save progress, and deliver educational content (legal basis: contractual necessity with the supervising Adult User; verified parental consent).
• Personalise learning – adjust question difficulty and lesson sequencing based on performance data (legitimate interest in providing an effective educational experience).
• Report progress to Adult Users – show Guardians and Educators how a child is doing in each topic .
• Maintain security and integrity – monitor for cheating, fraud, and technical issues.
• Comply with law – meet applicable child‑privacy regulations.

We do not use Children’s Personal Data for marketing or advertising purposes.

4 How We Disclose Children’s Information

4.1 Service providers

We share data with trusted vendors (cloud hosting, analytics) who must follow our child‑privacy requirements and may process data only for us. See our subprocessors page for more information on which third parties we share with.

4.2 Disclosures to Adult Users

A child’s nickname, course/grade, and performance reports are shared with the Guardian(s) and Educator(s) linked to that child’s account. When an Adult User deletes their connection to a child, that link is removed; if no other Adult User remains, we anonymise the child’s data within 30 days.

4.3 Classmates & friend codes

With parental consent, a child may exchange a friend code to connect with other Children Users. Connections allow limited in‑game visibility (nickname and avatar) but no free‑text or voice chat. Guardians can manage or disable connections at https://relate.polymath.how/parent at any time.

4.4 Legal requirements

We may disclose data when required to comply with applicable laws, or to protect the safety of the child or others. We do not sell or share Children’s Personal Data for commercial purposes.

5 How We Protect Children’s Information

• Encryption in transit & at rest.
• Role‑based access controls (employees access only when necessary).
• Secure development practices (code review, dependency management, employee training).
• Data retention. We retain identifiable child data only while the account is linked to at least one Adult User. When all links are removed, data are anonymised or deleted within 30 days; encrypted backups are purged within 90 days.

6 Parental & Educator Rights & Choices

We comply with privacy laws that protect children's information at the country and state level, including COPPA and FERPA in the United States. These laws grant Guardians the right to:

1. Review the Personal Data we have collected from their child;
2. Direct us to delete that data;
3. Refuse any further collection or use of the child’s data.

To exercise these rights—or to correct information—email help@polymath.how. We will verify your identity before fulfilling the request.

Educators acting on behalf of a school confirm they have authority to provide consent consistent with applicable laws and are responsible for communicating required notices to parents.

7 Updates to this Notice

We may update this Children’s Privacy Notice from time to time. We will notify Guardians and Educators of material changes via email or in‑app banner.

8 Contact Us

Questions about this Children’s Privacy Notice? Contact us at help@polymath.how.