Privacy Policy (UK)

Back to TeeTrail

Last updated: 12 March 2026

This Privacy Policy explains how TeeTrail ("we", "us", "our") collects, uses, stores, shares, and protects personal data when you use the TeeTrail website and services (the "Service") at https://teetrail.golf.

This policy is intended for users in the United Kingdom and is written with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 in mind.

Important: This is a general privacy policy template for a small web app. It is not legal advice. You should review and adapt it to reflect your actual practices.

1) Who we are (Controller)

Controller: TeeTrail
Contact email: [INSERT PRIVACY CONTACT EMAIL]
Postal address (optional): [INSERT POSTAL ADDRESS]

If you are using TeeTrail on behalf of an organisation, that organisation may also be a controller of certain data you input into the Service.

2) Personal data we collect

a) Account and profile data

  • Email address
  • Name or username
  • Profile information you choose to provide (e.g. avatar)

b) Authentication data

  • Authentication and session tokens
  • OAuth sign-in information if you choose to sign in with Google (we do not receive your Google password)

c) Usage, device, and log data

  • Pages/screens viewed and features used
  • Approximate location (derived from IP) and device/browser information
  • Event timestamps, error logs, and performance metrics

d) Golf activity and content you provide

  • Golf rounds you record (e.g. date, score, notes)
  • Courses you add/review and related metadata
  • Social features data (friends, likes, comments) where applicable

e) Communications

If you contact us, we will collect the information you provide in your message.

3) How we use your personal data

  • Provide and operate the Service (e.g. create your account, let you sign in, store your rounds)
  • Secure the Service (fraud prevention, abuse detection, debugging)
  • Send transactional communications (e.g. sign-up confirmation, invites)
  • Improve the Service (analytics, performance monitoring, feature usage insights)
  • Comply with legal obligations and respond to lawful requests

4) Lawful bases for processing (UK GDPR)

  • Contract: to provide the Service you request
  • Legitimate interests: to secure, maintain, and improve the Service
  • Consent: where required (e.g. certain cookies/technologies)
  • Legal obligation: where we must comply with UK law

5) Cookies and similar technologies

We may use cookies and similar technologies to keep you signed in, protect the Service, and measure usage and performance.

Where required by UK law (including PECR), we will request your consent before placing non-essential cookies.

6) How we share personal data

We do not sell your personal data.

a) Service providers (processors)

We may use third-party providers such as:

  • Hosting and infrastructure: Vercel
  • Database and authentication: Supabase
  • Transactional email delivery: Resend
  • Analytics and performance monitoring: Vercel Analytics and Vercel Speed Insights

b) Legal and safety

We may disclose information if we believe it is reasonably necessary to comply with a legal obligation, enforce our policies, or protect users and the Service.

c) Business changes

If we are involved in a merger, acquisition, financing, reorganisation, or sale of assets, personal data may be transferred as part of that transaction, subject to appropriate safeguards.

7) International transfers

Some providers may process data outside the UK. Where personal data is transferred internationally, we will take steps designed to ensure appropriate safeguards are in place.

8) Data retention

We retain personal data for as long as needed to provide the Service, comply with legal obligations, and resolve disputes.

9) Security

We use reasonable technical and organisational measures to protect personal data. However, no method of transmission or storage is 100% secure.

10) Your rights (UK)

You may have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Erase your personal data
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent (where processing is based on consent)

To exercise your rights, contact us at: [INSERT PRIVACY CONTACT EMAIL].

11) Children

The Service is not intended for children under 13. If you believe a child has provided us with personal data, contact us and we will take appropriate steps.

12) Links to other websites

The Service may contain links to third-party sites. We are not responsible for their privacy practices.

13) Changes to this policy

We may update this Privacy Policy from time to time and will update the “Last updated” date.

14) Complaints

If you have concerns about our use of your personal data, please contact us first so we can try to resolve it.

You also have the right to lodge a complaint with the UK supervisory authority:

Information Commissioner’s Office (ICO)
Website: https://ico.org.uk/

15) Contact

For privacy questions and requests, contact:
Email: [INSERT PRIVACY CONTACT EMAIL]
Address (optional): [INSERT POSTAL ADDRESS]