P

Privacy Policy

Last updated: 19 April 2026

1. Who controls your data

Guru Softwares Ltd (UK), trading as PolyGuru, is the data controller. Contact: hello@gurusoftwares.co.uk.

2. What we collect

  • Account: email, optional name, hashed password (if using email/password auth), OAuth identity (if using social login).
  • Billing: Stripe customer ID and subscription state. We do not store your card details — Stripe holds them directly.
  • Usage: bets you log in your portfolio, watchlist selections, risk/bankroll configuration, WhatsApp number (if you opt into alerts).
  • Product analytics: basic page-view counts to improve the product. No ad-network tracking.
  • Geo:country-level only, derived from IP to comply with Polymarket's jurisdictional restrictions.

3. Why we use it

  • Operate the service (login, subscription, portfolio).
  • Send transactional email (alerts, digests, receipts).
  • Improve AI accuracy (aggregated, anonymised).
  • Meet legal and compliance obligations.

Legal bases (GDPR): contract performance (operate the service), legitimate interests (service improvement), consent (WhatsApp alerts), legal obligation (tax, KYC if required).

4. Who we share with

  • Stripe— payment processing. Subject to Stripe's privacy policy.
  • Resend — transactional email delivery.
  • Twilio (optional) — WhatsApp alerts if you opt in.
  • Vercel — app hosting; request logs retained for ≤30 days for debugging.
  • Turso — encrypted database hosting in AWS eu-west-1.
  • Anthropic / Google— your market question text is sent to their LLM APIs to produce analyses. Input and output are not used to train these vendors' models (enterprise terms).

We do not sell personal data to third parties.

5. How long we keep it

  • Account + billing: while your account is active, then 6 years for tax.
  • Usage / portfolio: until account deletion.
  • Request logs: ≤30 days.
  • Analyses + signals: indefinitely (anonymised aggregates only).

6. Your rights (UK/EU GDPR)

You have the right to access, correct, delete, or export your data, and to object to processing. Email us and we'll handle it within 30 days. You also have the right to lodge a complaint with the UK ICO.

7. Cookies

We use a minimal set of cookies for session management, CSRF, and preference storage (e.g. default bet amount). No advertising cookies. See our Cookie Policy for details.

8. Security

Passwords are hashed with bcrypt; data at rest is encrypted by our hosting providers. We use HTTPS everywhere. If we discover a breach affecting your data, we will notify you within 72 hours as required by GDPR.

9. Children

PolyGuru is for adults only (18+). We do not knowingly collect data from minors.

10. Changes

Material changes will be emailed to active users at least 14 days before taking effect.