Legal

Privacy Policy

Effective: May 27, 2026 Last Updated: May 27, 2026

1. Introduction

This Privacy Policy describes how Birdie's Indoor Golf Club LLC ("Yips," "we," "us," or "our") collects, uses, and shares information when you use the Yips mobile application (the "App") and related services (collectively, the "Service").

By using the Service, you agree to the practices described in this Policy. If you do not agree, please do not use the Service.

2. Information We Collect

Information You Provide

Account information: email address, display name, handle, and (optionally) an avatar image when you create an account.
Golf profile information: handicap index, home course, and city/state, if you choose to provide them.
Round and score data: scores you log, hole-by-hole data, and game formats (Nassau, Skins, Banker, and similar formats).
Social information: friend connections, group and league memberships you create or join, and round coordination data — including rounds you post with open spots, rounds you join, and the courses, dates, and tee times associated with them.
Ledger entries: records showing who owes whom based on your tracked games. These are records only — Yips does not hold, transfer, or process money.
Optional payment handles: Venmo, CashApp, or Zelle handles you choose to display so friends know how to settle up with you directly. We never receive or transmit these payments.

Information Collected Automatically

Push notification tokens (if you enable notifications) so we can deliver alerts about rounds, invitations, and ledger updates.
Device and diagnostic information through Sentry for crash reporting and debugging (see Section 4).

Information from Third-Party Sign-In

If you sign in with Apple or Google, we receive a verified identity token (email, name) for account creation. We do not receive ongoing data from these providers after sign-in.

3. How We Use Your Information

We use the information we collect to:

Operate, maintain, and improve the Service.
Authenticate your account and keep it secure.
Display your profile, scores, and ledger entries to your friends and groups.
Send push notifications you have opted in to.
Diagnose crashes and fix bugs.
Communicate with you about your account or material updates to the Service.

We do not sell your personal information. We do not use your information for advertising or marketing profiling.

4. Third Parties Who Receive Your Information

We rely on the following service providers to operate the Service. Each only receives the data needed to perform its role.

Provider	Purpose	Data Received
Clerk	Identity and authentication	Email, name, and authentication tokens
Railway	Backend hosting and PostgreSQL database	Service data (encrypted in transit and at rest)
Expo	App delivery and over-the-air updates	App version and device platform metadata
Sentry	Crash and error monitoring	Clerk user ID and request context (no additional personal information)
Cloudinary	Avatar image hosting	Avatar images you upload
Apple Push Notification Service	iOS push notification delivery	Device push tokens and notification payloads
Apple / Google (OAuth)	Sign-in only	Identity verification at sign-in; no ongoing data sharing

We may also disclose information if required by law, subpoena, or other valid legal process, or to protect the rights, property, or safety of users, the public, or Yips.

5. Data Retention

Account data is retained until you delete your account.
Sentry crash reports are retained for approximately 30–90 days.
Server logs on Railway are retained for approximately 30 days.

When you delete your account, your personal data (email, name, handle, avatar, handicap, home course) is removed. To preserve the integrity of shared histories — your friends' round records and ledger entries — references to you within those shared records are anonymized to "Deleted User" rather than removed entirely.

6. Your Rights and Choices

You can:

Delete your account at any time from within the App (Settings → Delete Account). This triggers the anonymization process described above.
Request a copy of your data by emailing us at [email protected].
Request a correction to any inaccurate information by emailing [email protected].
Disable push notifications in your device settings.

Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

Know what personal information we collect, use, disclose, and (if applicable) sell or share about you.
Access a copy of the personal information we hold about you.
Correct inaccurate personal information.
Delete your personal information, subject to certain exceptions.
Opt out of the "sale" or "sharing" of personal information. We do not sell or share personal information as those terms are defined under the CCPA/CPRA.
Non-discrimination — we will not discriminate against you for exercising any of these rights.

To exercise these rights, email [email protected]. We will verify your request by confirming you control the email address on the account. You may also designate an authorized agent to make a request on your behalf; we will require written proof of authorization.

Additional Rights for EU/UK Residents (GDPR/UK GDPR)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the right to:

Access the personal data we hold about you.
Rectify inaccurate or incomplete data.
Erase your data ("right to be forgotten"), subject to legal exceptions.
Restrict or object to certain processing.
Data portability — receive your data in a structured, commonly used, machine-readable format.
Withdraw consent at any time where processing is based on consent.
Lodge a complaint with your local data protection authority.

Our legal bases for processing your data are: (a) performance of a contract with you (to provide the Service); (b) your consent (e.g., for push notifications); and (c) our legitimate interests in operating, securing, and improving the Service.

To exercise any of these rights, email [email protected]. We will respond within the timeframes required by applicable law (generally one month under the GDPR).

7. Children's Privacy

Yips is rated 12+ and is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete the account promptly. If you believe a child under 13 has provided us information, please contact [email protected].

8. Security

We use industry-standard measures to protect your information, including encryption in transit (HTTPS/TLS) and encryption at rest at our hosting provider. No system is perfectly secure, however, and we cannot guarantee absolute security.

9. International Users

Yips is operated from the United States. By using the Service, you consent to your information being transferred to and processed in the United States, which may have different data-protection laws than your country.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date above and, for material changes, provide additional notice within the App. Continued use of the Service after a change constitutes acceptance.

11. Contact

Questions about this Policy or about your data?

Birdie's Indoor Golf Club LLC

[email protected]