Privacy Policy

1. Introduction

Welcome to GolfSocietyHQ ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our golf league management platform at www.golfsocietyhq.com (the "Service").

By using GolfSocietyHQ, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information You Provide

When you register for and use GolfSocietyHQ, we collect the following personal information:

• Account Information: Full name, email address, password (encrypted)
• Profile Information: Golf handicap, profile photo (optional), phone number (optional)
• League Information: League membership details, scores, event participation
• Payment Information: Payment details are processed securely through Stripe (we do not store credit card information)

2.2 Automatically Collected Information

When you use our Service, we automatically collect certain information:

• Usage Data: Pages visited, features used, time spent on the Service
• Device Information: IP address, browser type, device type, operating system
• Cookies and Tracking: We use cookies and similar technologies to enhance your experience

3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide and Maintain the Service: Create your account, manage leagues, calculate handicaps, and enable all features
• Process Payments: Handle subscription payments and billing through our payment processor (Stripe)
• Communication: Send event invitations, RSVP reminders, league updates, and important service notifications
• Improve Our Service: Analyze usage patterns to enhance features and user experience
• Customer Support: Respond to your inquiries and provide technical assistance
• Legal Compliance: Comply with legal obligations and enforce our Terms of Service

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

• Within Your League: Your name, handicap, scores, and RSVP status are visible to other members of your golf league
• Service Providers: We share data with trusted third-party service providers:
  • Supabase (database and authentication)
  • Stripe (payment processing)
  • Resend (email delivery)
  • Vercel (hosting and infrastructure)
• Legal Requirements: We may disclose information if required by law or to protect our rights
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred

5. Data Security

We implement industry-standard security measures to protect your personal information:

• All data is encrypted in transit using HTTPS/TLS
• Passwords are hashed using bcrypt/Argon2 algorithms
• Database access is protected with Row Level Security (RLS)
• Payment information is handled exclusively by PCI-compliant Stripe
• Regular security audits and updates to our infrastructure

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our Service. If you request account deletion, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal information we hold about you
• Correction: Update or correct inaccurate information through your profile settings
• Deletion: Request deletion of your account and associated data
• Data Portability: Receive your data in a structured, machine-readable format
• Opt-Out: Unsubscribe from marketing emails (event notifications and league communications will continue)
• Object: Object to processing of your data in certain circumstances

To exercise these rights, please contact us at golfsocietyhq@gmail.com.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Keep you signed in to your account
• Remember your preferences and settings
• Analyze how you use our Service to improve performance
• Prevent fraud and enhance security

Most web browsers allow you to control cookies through their settings. However, disabling cookies may limit your ability to use certain features of our Service.

9. Third-Party Links

Our Service may contain links to third-party websites (e.g., golf course websites). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

10. Children's Privacy

GolfSocietyHQ is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at golfsocietyhq@gmail.com, and we will delete it promptly.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from those in your jurisdiction. We ensure appropriate safeguards are in place to protect your data in compliance with this Privacy Policy.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

14. GDPR Compliance (For EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to be informed about how your data is used (covered in this policy)
• Right to access your personal data
• Right to rectification of incorrect data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision-making and profiling

Our legal basis for processing your data is primarily based on: (1) your consent when you create an account, (2) performance of our contract with you, and (3) our legitimate business interests.