Your data is yours. We just help you use it.

Account information: When you create an account, we collect your name, email address, and password (hashed, never stored in plain text).

Golf data: Swing videos, launch monitor data, round scores, equipment details, practice sessions, and strokes gained statistics you upload or enter.

Coach-player data: If you connect with a coach, we store coaching sessions, prescriptions, feedback, and video analysis shared between you.

Device information: Device type, operating system, app version, and crash reports to improve the app experience.

Payment information: Processed securely by Stripe. We never see or store your full card number.

We use your information to:

• Provide AI-powered swing analysis and coaching tools
• Calculate strokes gained statistics from your rounds
• Enable coach-player communication and session tracking
• Process credit purchases and subscriptions
• Send essential service emails (account, security, billing)
• Improve app performance and fix bugs

When you submit swing videos or data for AI analysis, your content is sent to our AI processing pipeline (OpenAI). Your data is used solely to generate your analysis and is not used to train AI models. AI analysis results are stored in your account for your reference.

We do not sell your personal information. We share data only:

• With your coach: If you connect with a coach, they can see your swing videos, round data, and practice submissions.
• Service providers: Supabase (database/auth), Stripe (payments), OpenAI (AI analysis), Vercel (hosting), Daily.co (video calls). Each processes data only as needed to provide their service.
• Legal requirements: If required by law or to protect the safety of our users.

All data is encrypted at rest and in transit. We use Row Level Security (RLS) on every database table so users can only access their own data. Video storage uses time-limited signed URLs with no permanent public links. Authentication uses PKCE flow with secure session management.

Your data is retained as long as your account is active. If you delete your account, we remove your personal data within 30 days. Some anonymized, aggregated data may be retained for analytics.

You may optionally connect third-party services like Arccos, Garmin, or launch monitor platforms. When you do, we access only the data you authorize and store it in your account. You can disconnect integrations at any time.

Stroke Gained is not intended for children under 13. We do not knowingly collect information from children under 13. If you believe we have collected such information, contact us and we will delete it.

You have the right to:

• Access and download your personal data
• Correct inaccurate information
• Delete your account and associated data
• Opt out of marketing emails
• Disconnect third-party integrations

California residents have additional rights under the CCPA. Contact us for details.

We may update this policy from time to time. We will notify you of material changes via email or in-app notification. Continued use of the app after changes constitutes acceptance.

Questions about this privacy policy? Email us at bank@strokegained.com.