Polymath Privacy Notice (Children Users)

Last Updated: 27 March 2026

Who should read this? This notice explains how we collect, use, and protect Personal Data about Child Users (individuals under 16) who play Polymath. It is written for parents/guardians and educators so they can understand our practices under applicable child‑privacy laws. We comply with local child‑privacy requirements such as the U.S. Children’s Online Privacy Protection Act (“COPPA”) and the Family Educational Rights and Privacy Act (“FERPA”).

Refer to our privacy centre for more information about how we handle other types of data.

1 Definitions & Scope

  • "Polymath", "we", "us", "our" – Celadon AI Ltd., a company incorporated in New Zealand (NZBN 9429049431452) with its principal office at 9 Sunderland Ave, Auckland 0618, New Zealand.
  • "Services" – The Polymath educational game, companion websites, mobile/desktop apps, and related features.
  • "Personal Data" / "Personal Information" – Information that identifies or can reasonably be linked to an identified or identifiable natural person.
  • "Users" – All individuals who interact with the Services, including Guardians, Educators, and Child Users.
  • "Adult Users" – Guardians and Educators aged 16 or older.
  • "Guardians" – Parents or legal guardians who create, supervise, or manage a child account.
  • "Educators" – Teachers or school administrators who use Polymath in a classroom or other educational setting.
  • "Child Users", "Children" – Individuals under 16 years of age who use the Services, typically under the supervision of a Guardian or Educator.
  • "Polymath Friends" – Features of the Services that enable Child Users to connect and interact with other Child Users within a controlled in-game environment.
  • "Friend Code" – A unique, system-generated code that may be used by a Child User to request a connection with another Child User within the Services.
  • "Connection" – A relationship established between two Child Users within the Services that enables limited in-game interaction and visibility between those users.
  • "Shared Environment" – An in-game space in which multiple Child Users can interact, view, or contribute to gameplay activities.
  • "Classroom Setting" – Polymath uses a combination of user behaviours, user role information, IP addresses and publicly available data to attempt to determine when a user is accessing Polymath from within a classroom setting. This data is used to determine whether the Educators or Guardians preferred play settings should take precedence. This is a best-effort estimation.
  • "Play Location" – Refers to the location from which a Child User is accessing Polymath (this will be either from within a Classroom Setting, or from a location outside of the Classroom Setting).

This Children’s Privacy Notice applies globally wherever Polymath is offered. If you are an Adult User using Polymath for yourself, please see our Adult Privacy Notice instead.

2 Information We Collect

2.1 Information Children Provide to Us

We collect only minimal information that a child intentionally enters in the game:

  • Nickname – a self‑chosen screen name; real names are neither requested nor required.

Children cannot submit free‑text messages, voice chat, or photos through the game.

2.2 Information We Collect Automatically

As with most online services, we and our service providers automatically capture certain information about how the child’s device interacts with Polymath:

  • Gameplay metrics – lesson or level, scores, progress, time‑on‑task, and similar performance data. We use this to adapt difficulty and generate progress reports.
  • Technical details – IP address (from which we infer a coarse location such as country or state), device and browser type, operating‑system version, and crash or diagnostics logs.

We do not collect precise geolocation, advertising identifiers, or behavioural‑tracking cookies, and we never use the data described above for targeted advertising.

2.3 Information from Third‑Party Sources

If an Educator chooses to enable single sign‑on (SSO) or classroom‑management integrations (for example, Google Classroom or Clever), we may receive the child’s:

  • Full name;
  • Email address.

As supplied by that platform so that the child can sign in and be added to the correct class. We receive no other information from third parties unless the supervising Adult User initiates the transfer.

An Educator enabling these options acts as consenting party for the collection and use of this data for the Children under their supervision.

3 How We Use Children’s Information

  • Provide and operate the game – allow sign‑in, save progress, and deliver educational content (legal basis: contractual necessity with the supervising Adult User; verified parental consent).
  • Personalise learning – adjust question difficulty and lesson sequencing based on performance data (legitimate interest in providing an effective educational experience).
  • Report progress to Adult Users – show Guardians and Educators how a child is doing in each topic .
  • Maintain security and integrity – monitor for cheating, fraud, and technical issues.
  • Comply with law – meet applicable child‑privacy regulations.

We do not use Children’s Personal Data for marketing or advertising purposes.

4 How We Disclose Children’s Information

4.1 Service providers

We share data with trusted vendors (cloud hosting, analytics) who must follow our child‑privacy requirements and may process data only for us. See our subprocessors page for more information on which third parties we share with.

4.2 Disclosures to other users

4.2.1 Sharing among authorised users

  • Guardians & Educators – Child profile information (name, grade, classroom membership) is visible to the guardian(s) and educator(s) responsible for that child. Adult Users may also see Personal Data about other Adult Users responsible for that child.
  • Classroom peers – Child Users in the same classroom may see each other’s chosen in‑game name, full name, or avatar and aggregate classroom progress. Child Users using Polymath Friends may see additional information - see section 4.2.2 Sharing through multiplayer (Polymath Friends).
  • Non-classroom peers – Child Users that are not classroom peers can connect to one another using Polymath Friends and share limited information with one another - see section 4.2.2 Sharing through multiplayer (Polymath Friends).
  • Cross‑guardian visibility – Guardians can view the classrooms and educators associated with their own child. Adult Users may also see the chosen in‑game name of a child user they are not responsible for if they are connected as a friend to a Child User account that they are associated with - see section 4.2.2 Sharing through multiplayer (Polymath Friends).
  • Public areas – Adult Users who voluntarily join areas such as leaderboards may have minimal information (e.g., classroom name, country or state) shown to other participants. No child Personal Data is displayed in public areas.

4.2.2 Sharing through multiplayer (Polymath Friends)

What is shared

A Child User may exchange a friend code to connect with other Child Users. These connections enable Child Users to interact with one another within the Services in a controlled and limited environment designed for collaborative gameplay and require consent from either an Educator or Guardian.

When connected, Child Users may:

  • access shared in-game environments;
  • participate in collaborative in-game activities (such as building);
  • transfer or share in-game resources; and
  • view aspects of each other’s in-game activity within those shared environments.

Connections allow limited in-game visibility, including a Child User’s nickname and avatar, as well as in-game actions and creations within shared gameplay contexts.

Where an Adult User (Guardian or Educator) has enabled Polymath Friends for a Child User, the Guardian can view information about that Child Users connections. This information is limited to information that is visible by the Child User under their guardianship and includes

  • the users chosen in-game name and avatar;
  • shared in-game environments;
  • view aspects of the Child Users in-game activity within those shared environments

For Child Users connected to one another with permission from an Educator, names as entered by the Educator are also shared between connected users and can be visible to their Guardians.

Polymath Friends doesn’t allow for free-text messaging, chat or voice communication. Child Users cannot use Polymath Friends to communicate personal contact information, and Polymath Friends does not enable Child Users to contact one another outside of the Services.

How connections are enabled

  • Where access to the Services is provided for a Child through an Educator in a Classroom Setting, an Educator must grant the Child User permission to use Polymath Friends. Child Users granted permission in this manner can only connect to other Child Users within the same classroom.
  • Where access to the Services is provided for a Child through a Guardian not in a Classroom Setting, a Guardian must grant the Child User permission to use Polymath Friends. Guardians are notified as connections are made, and can manage and remove these at https://relate.polymath.how/parent at any time.

These controls are intended to ensure that interactions occur only between known peers and within appropriate contexts.

How users connect

Friend codes are used to facilitate connections between Child Users. A connection requires action by both Child Users (one must initiate the request, the other must accept).

Child Users may control certain permissions within shared environments (for example, whether another Child User may view or modify in-game content), and may remove connections at any time.

These features are designed to support collaborative learning while limiting the sharing of Personal Data and reducing the risk of misuse or harmful behaviour.

4.3 Anonymisation of data

When an Adult User deletes their connection to a child, that link is removed; if no other Adult User remains, we anonymise the child’s data within 30 days. When Anonymisation occurs the Child User loses the ability to have an active connection to another Child Users account and both Child Users lose visibility of any data otherwise shared with eachother through Polymath Friends (see section 4.2).

4.4 Legal requirements

We may disclose data when required to comply with applicable laws, or to protect the safety of the child or others. We do not sell or share Children’s Personal Data for commercial purposes.

5 How We Protect Children’s Information

  • Encryption in transit & at rest.
  • Role‑based access controls (employees access only when necessary).
  • Secure development practices (code review, dependency management, employee training).
  • Data retention. We retain identifiable child data only while the account is linked to at least one Adult User. When all links are removed, data are anonymised or deleted within 30 days; encrypted backups are purged within 90 days.

6 Parental & Educator Rights & Choices

We comply with privacy laws that protect children's information at the country and state level, including COPPA and FERPA in the United States. These laws grant Guardians the right to:

  1. Review the Personal Data we have collected from their child;
  2. Direct us to delete that data;
  3. Refuse any further collection or use of the child’s data.

To exercise these rights—or to correct information—email help@polymath.how. We will verify your identity before fulfilling the request.

Educators acting on behalf of a school confirm they have authority to provide consent consistent with applicable laws and are responsible for communicating required notices to parents.

7 Updates to this Notice

We may update this Children’s Privacy Notice from time to time. We will notify Guardians and Educators of material changes via email or in‑app banner.

8 Contact Us

Questions about this Children’s Privacy Notice? Contact us at help@polymath.how.

Polymath
Download on the App StoreGet it on Google Play
© 2026 Celadon AI Limited. All rights reserved.
hello@polymath.how

About Polymath

Resources