Privacy Policy

Last Updated: January 2025

At PaddleUp, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

1. Compliance Overview

PaddleUp is committed to compliance with:

  • CCPA (California Consumer Privacy Act) - For California residents
  • PIPEDA (Personal Information Protection and Electronic Documents Act) - For Canadian users
  • COPPA (Children's Online Privacy Protection Act) - Age 13+ requirement
  • Apple App Store Guidelines - iOS privacy requirements
  • Industry Best Practices - Including data minimization and encryption

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, profile photo, and authentication credentials
  • Profile Data: Skill level (DUPR rating), playing preferences, and availability
  • Location Data: GPS location (only when you explicitly allow it) to find nearby players and events
  • Communication Data: Messages sent through our platform and support tickets
  • Payment Information: Processed securely through Apple's payment system for Club+ subscriptions

2.2 Information Collected Automatically

  • Device Information: Device type, operating system version, unique device identifiers
  • Usage Data: App features used, match history, and interaction patterns
  • Performance Data: Crash reports and performance metrics

3. How We Use Your Information

We use your information to:

  • Provide player matching based on skill level and location
  • Facilitate event discovery and registration
  • Enable messaging between matched players
  • Process Club+ subscription payments
  • Improve app functionality and user experience
  • Send important service updates and notifications
  • Ensure safety and prevent fraudulent activity

4. Information Sharing and Disclosure

We never sell your personal information. We share information only in these circumstances:

  • With Your Consent: When you explicitly agree to share
  • Other Players: Profile information visible to matched players
  • Service Providers: Trusted partners who help operate our service (e.g., Supabase for data storage)
  • Legal Requirements: If required by law or to protect rights and safety
  • Business Transfers: In the event of merger or acquisition (with continued privacy protection)

5. Data Security

We implement industry-standard security measures:

  • Encryption: All data transmitted using TLS/SSL encryption
  • Secure Storage: Data stored with encryption at rest
  • Access Controls: Role-based access and authentication
  • Regular Audits: Security assessments and updates
  • Row Level Security (RLS): Database-level access controls

6. Your Privacy Rights

6.1 Rights for All Users

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Portability: Receive your data in a portable format
  • Opt-Out: Unsubscribe from marketing communications

6.2 Additional Rights for California Residents (CCPA)

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information held by us
  • Right to opt-out of sale of personal information (we do not sell data)
  • Right to non-discrimination for exercising privacy rights

6.3 Additional Rights for Canadian Residents (PIPEDA)

  • Right to know why information is being collected
  • Right to expect information to be used only for stated purposes
  • Right to access personal information and verify accuracy
  • Right to complain to the Privacy Commissioner of Canada

7. Data Retention

We retain your information for as long as necessary to provide our services:

  • Active Accounts: Data retained while account is active
  • Deleted Accounts: Most data deleted within 30 days of account deletion
  • Legal Obligations: Some data may be retained longer if required by law
  • Anonymized Data: May be retained indefinitely for analytics

8. Children's Privacy

PaddleUp is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover such information has been collected, we will promptly delete it.

9. International Data Transfers

Your information may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for international transfers in compliance with applicable laws.

10. Third-Party Services

Our app integrates with:

  • Google Sign-In: For authentication (governed by Google's privacy policy)
  • Apple Sign In: For authentication (governed by Apple's privacy policy)
  • Google AdMob: For advertising to free users (you can upgrade to Club+ for ad-free experience)
  • Supabase: For secure data storage and real-time features

11. Contact Us

For privacy-related questions or to exercise your rights:

Email: privacy@paddleupclub.com

In-App: Settings > Privacy > Contact Privacy Team

Response Time: Within 30 days for most requests

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes through:

  • In-app notifications
  • Email to your registered address
  • Prominent notice on our website

Continued use of PaddleUp after changes indicates acceptance of the updated policy.

This privacy policy is effective as of January 2025 and was last updated on January 2025.

PaddleUp is committed to protecting your privacy and ensuring transparency in our data practices.