Privacy policy.

This Privacy Policy explains how pplats ("we", "us", "our"), the company behind Pipoly.app, collects, uses, shares and protects personal data when you use our website (pplats.com) and our products, including Pipoly. pplats operates under the codeverix umbrella.

We aim to collect as little data as we need to run the product, pay people fairly, and meet our legal obligations.

1. Who we are

pplats is the data controller for personal data processed through pplats.com and Pipoly.app. You can reach us at hello@codeverix.com.

2. What we collect

Depending on how you use Pipoly, we may collect:

• Account data — name, email, password (hashed), country and language.
• Verification data — date of birth, identity signals (where required by law) and device/behavioral signals used to detect fraud.
• Payout data — bank, mobile-money or wallet details required to send you money.
• Activity data — tasks completed, polls voted on, campaigns run, and the proof attached to each.
• Communications — messages you send us via email or in-app support.
• Technical data — IP address, device type, browser, language, approximate location, and cookies (see our Cookies page).

3. Why we use it

• To provide and operate Pipoly and pplats.com.
• To verify identity, prevent fraud and protect campaign budgets.
• To process payouts on local rails.
• To match people with relevant tasks, polls and campaigns.
• To respond to your messages and support requests.
• To comply with legal, accounting and regulatory obligations.
• To improve the product through aggregated, non-identifying analytics.

4. Lawful bases (GDPR / UK GDPR)

• Contract — to deliver the service you signed up for.
• Legal obligation — for tax, anti-fraud and KYC requirements.
• Legitimate interests — to keep the platform safe and improve it.
• Consent — for optional cookies and marketing emails (you can withdraw at any time).

5. Sharing

We share personal data only when needed:

• Payment and payout providers to send and receive money.
• Identity and fraud-prevention vendors where verification is required.
• Cloud and infrastructure providers hosting our systems under data-processing agreements.
• Brands running campaigns or studies receive only the aggregated or pseudonymized data they paid for — never your contact details unless you explicitly opt in.
• Authorities when legally required (court order, regulatory request).

We do not sell personal data. Ever.

6. International transfers

Pipoly is global. Personal data may be transferred to and processed in countries outside your own. Where required, we use Standard Contractual Clauses or equivalent safeguards.

7. Retention

We keep personal data only as long as needed for the purposes above. Account data is removed within 30 days of account deletion, except for records we must keep to comply with tax, anti-fraud and accounting law (typically up to 7 years).

8. Your rights

Subject to applicable law, you can:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your account and data.
• Object to or restrict certain processing.
• Receive your data in a portable format.
• Withdraw consent for optional processing at any time.
• Lodge a complaint with your local data-protection authority.

To exercise any of these, email hello@codeverix.com. We respond within one month.

9. Security

We protect data with encryption in transit and at rest, least-privilege access controls, regular reviews and independent testing. No system is perfectly secure — if we ever suffer a breach affecting your data, we will notify you and the relevant authorities as required.

10. Children

Pipoly is not for anyone under 18 (or the age of majority in your country). We do not knowingly collect data from minors.

11. Changes

We update this policy when our practices change. The "last updated" date at the top reflects the most recent revision. Material changes will be communicated by email or in-app notice.

12. Contact

Questions, requests or complaints? Write to hello@codeverix.com.