Our RFID wristbands are more private than a conference badge. Here's how.
Here's how Polar's implementation works, what happens to the data, and why attendee privacy is protected at every layer, by architecture, not by promise.

Author: Polar
The wristband carries nothing about you
The wristband holds an anonymous token. Not your name, not your email, not your company. When it's scanned at a session entrance, the reader records that a token was present — not who that token belongs to.
A paper badge with your name and company printed on it exposes more about you than the wristband ever does. Anyone walking past can read it. The wristband is invisible, non-persistent, and carries nothing meaningful outside the controlled context of the venue hardware.
Raw data never leaves the venue
RFID signals are processed entirely on the organizer's local hardware - the reader at the door, the tablet at the session entrance. That data never leaves the venue. Individual identifiers and movement data never touch our servers. What syncs to Polar is aggregated statistics only: total check-ins, session traffic counts, peak time windows.
This is an architectural decision, not a policy. There is no pipeline that would allow us to receive individual movement data even if we wanted to. The system is built so that individual-level data has nowhere to go.
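The boundary described above can be shown as an added illustration (this is not Polar's code): an on-venue aggregator that reduces raw scans to the three statistics named here, plus a check that no token survives into the payload that would sync. The scan record format, field names, 15-minute window and repeat-read rule are assumptions made for the example.

```python
import json
from collections import Counter
from datetime import datetime

# Constructed sample of what a door reader might hold locally (hypothetical
# record format): (anonymous token, session, ISO timestamp).
RAW_SCANS = [
    ("tok-a1", "keynote", "2025-03-01T09:02:10"),
    ("tok-b2", "keynote", "2025-03-01T09:04:45"),
    ("tok-a1", "keynote", "2025-03-01T09:04:50"),   # same band read twice
    ("tok-c3", "keynote", "2025-03-01T09:16:00"),
    ("tok-a1", "workshop", "2025-03-01T10:31:00"),
    ("tok-b2", "workshop", "2025-03-01T10:33:20"),
    ("tok-c3", "workshop", "2025-03-01T10:40:00"),
]

def aggregate(scans, window_minutes=15):
    """Reduce raw scans to counts. Tokens are used only to drop repeat reads
    of one band at one session, then go out of scope with this function."""
    seen, per_session, per_window = set(), Counter(), Counter()
    for token, session, ts in scans:
        if (token, session) in seen:
            continue
        seen.add((token, session))
        per_session[session] += 1
        t = datetime.fromisoformat(ts)
        start = t.replace(minute=t.minute - t.minute % window_minutes,
                          second=0, microsecond=0)
        per_window[start.isoformat()] += 1
    peak = None
    if per_window:
        # Busiest window; ties resolve to the earliest one.
        start, count = min(per_window.items(), key=lambda kv: (-kv[1], kv[0]))
        peak = {"start": start, "check_ins": count}
    return {"total_check_ins": sum(per_session.values()),
            "session_counts": dict(per_session),
            "peak_window": peak}

def leaks_tokens(payload, scans):
    """Release gate: True if any raw token appears in the serialized payload."""
    blob = json.dumps(payload)
    return any(token in blob for token, _, _ in scans)

if __name__ == "__main__":
    payload = aggregate(RAW_SCANS)
    assert not leaks_tokens(payload, RAW_SCANS)
    print(json.dumps(payload, indent=2))
```

A reviewer auditing a design like this would look for the equivalent of `leaks_tokens` at the point where data leaves the venue hardware, since that is where an identifier would otherwise slip through.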
You own the data. We process it on your behalf.
Polar operates as a data processor under GDPR Article 28. The organizer is the data controller. That means the organizer owns the data, not us. We process it on their behalf, under their instructions, within the framework we enforce. Organizers decide what to import, how long to keep it, and when to delete it. When they delete it, it's gone.
We never sell attendee data. We never use it for advertising. We never share it with third parties for any commercial purpose. That's not a terms-of-service clause buried in small print — it's the business model. Polar charges organizers, not advertisers.
Compare that to a typical conference app
Ever downloaded an app for a conference? Some companies would admit to using your phone's sensors (Bluetooth beacons, WiFi positioning, sometimes GPS or the accelerometer) to locate you on the floor, often down to which booth or session room you're in. The data flows to the app vendor, to event sponsors, and into whatever analytics pipeline they've wired up. They rarely tell you. You agreed to it the moment you accepted the terms of service to download the app.
Our wristband does none of that. There's no phone in the loop. There are no sensors on your person. The hardware in the venue doesn't know who you are, and the data it produces can be fully contained in the building.
You know exactly where the data lives:
Database: Supabase, Frankfurt, Germany (AWS eu-central-1).
Analytics: PostHog EU, Frankfurt. Anonymized, no PII.
Transactional email: Postmark US, covered by Standard Contractual Clauses under GDPR Art. 46.
If your legal or procurement team needs to know where every byte lives, we can tell them.
Security that matches the architecture
Everything in transit is encrypted via TLS. Everything at rest is encrypted via AES-256. Every workspace is isolated at the database level using row-level security. Role-based access control limits who inside an organization can see what. The Chrome extension reads only from the Luma page being actively imported — nothing from other tabs, no cookies, no browsing data.
If a breach occurs, we notify the supervisory authority within 72 hours, per GDPR Art. 33.
What we never collect
No raw RFID identifiers or individual movement trails. No financial or payment information. No passwords or stored credentials. No health, biometric, or location data. No browsing history outside Polar. No data from other browser tabs, cookies, or third-party websites.
For regulated industries
If you're running events in pharma, financial services, or enterprise tech — and your procurement team has a detailed data security questionnaire — we've built for this. EU-hosted infrastructure, GDPR-compliant processing, a DPA available for enterprise clients, full sub-processor transparency, and a designated EU representative in Germany under GDPR Art. 27.
The irony: a blockchain ticket leaves a permanent, public, and undeletable record of everywhere you've ever been. Our RFID wristband leaves nothing.
Privacy isn't something we added to Polar after the fact — it's a constraint that shaped the architecture from the start. The reason raw RFID data doesn't reach our servers isn't because we promised it wouldn't; it's because we built a system where it has nowhere to go.
If your legal team, procurement team, or attendees have specific questions, we'll get on a call.
Privacy policy and sub-processor register: polargtm.com
DPA requests and privacy questions: privacy@polargtm.com




