Privacy Policy
This is plain-English about what data Friendly Wagers collects, why we collect it, and what we do with it. We tried to write it the way we'd want it written for ourselves. If anything reads as ambiguous, email us at support@friendlywagers.golf and we'll fix it.
1. Who we are
Friendly Wagers is an app for tracking the bets you already make with your friends on the golf course. We're an independent developer based in the United States. When this policy says "we" or "us," that's who we mean.
2. What we collect, and why
2.1 Account information
When you sign up, we collect the minimum we need to give you an account:
- Sign in with Apple: a private relay email (or your real one, your choice) and your name. We do not see your Apple ID.
- Email sign-in: the email address and password you provide. Passwords are managed and hashed at rest by our authentication provider (Supabase) using industry-standard algorithms — we never see your password in plain text.
- Optional: a display name and profile photo you choose. These are visible to friends you play with.
If you upload a profile photo (a Premium feature), it's stored on Supabase Storage in the US, served via a public URL so other round participants can see it, and capped at 1MB resized to 512×512 JPEG. You can remove it any time in Settings — that deletes the file from Storage and clears the URL from your profile.
2.2 Round and wager data
This is the core of what the app does. We store:
- The rounds you create or join, including the course, date, players, format(s), wager amounts
- Your scores hole-by-hole
- Settlement results (who owes whom at the end of the round)
- Your running head-to-head balances in the Vault
This data is yours. It exists so the app can compute settlements, sync across your devices, and show you a history of your rounds. We do not sell it, share it with advertisers, or use it to train AI models.
2.3 Subscription and purchase information
If you subscribe to Friendly Wagers Premium, Apple handles the payment. We receive a transaction receipt from Apple that confirms your subscription status (active, expired, trial). We never see your credit card, Apple ID, or billing address.
2.4 Diagnostic and performance data
We use Apple's MetricKit framework to collect anonymized crash reports and performance metrics (app launch time, memory usage). This data is aggregated by Apple and shared with us without personal identifiers. You can opt out in iOS Settings → Privacy & Security → Analytics & Improvements.
2.5 What we do not collect
- Your location (the app does not request or use location services)
- Your contacts (we use invite codes, never your contact list)
- Your photo library (profile photos use the system photo picker, which gives us only the photo you choose)
- Any tracking identifiers across other apps or websites (we do not implement App Tracking Transparency because we do not track)
- Health, fitness, or activity data
3. How we use your data
We use the data above exclusively to:
- Run the service — sync your rounds across your devices, compute settlements, maintain Vault balances
- Show you and your playing partners the data needed to play a round together (your name, scores, and wager status are visible to other players in a round you create or join)
- Provide customer support when you contact us
- Diagnose crashes and improve performance
- Send you transactional notifications you've opted into (round invitations, settlement confirmations) — not marketing emails
We do not use your data for advertising. We do not have ads in the app and we never will.
4. Who we share data with
The short answer: we share with the minimum necessary set of service providers to run the app, and with the people you play with.
| Service | What they handle | Where they're based |
|---|---|---|
| Supabase | Database hosting, authentication, real-time score sync | United States (encryption in transit and at rest) |
| Apple | Sign in with Apple, In-App Purchase, push notifications, MetricKit diagnostics | United States |
| GolfCourseAPI | Course data (par, yardage, hole layouts) — no personal data of yours is sent here | United States |
| OpenStreetMap (Overpass API) | Geographic course discovery — coarse location queries. No personal identifiers sent. | Germany / global community-hosted |
We do not sell your data. We do not share your data with advertisers, data brokers, or analytics companies beyond Apple's first-party diagnostics.
5. How long we keep your data
Active accounts: as long as you keep your account. You own your data — every round, every settlement, every Vault entry.
Deleted accounts: when you delete your account in the app (Profile → Settings → Delete Account), we permanently remove your personal data immediately — and in all cases within 30 days. Anonymized aggregate statistics (e.g., "the app processed N rounds in March 2027") may persist, but cannot be traced back to you.
Rounds you played with others: if you delete your account, the rounds, settlements, and Vault history you shared with other players stay intact and visible to them, with your name kept as a frozen snapshot so their records still read clearly. We can't remove your name from someone else's records without breaking their data — the same way Venmo or Splitwise keeps the other side of a transaction. This protects their record of the game.
6. Your rights
You have the right to:
- Access your data — request an export from Profile → Settings → Export My Data
- Correct inaccuracies — most data is editable in the app; for anything that isn't, email us
- Delete your account and personal data — Profile → Settings → Delete Account
- Object to certain processing — email us
- Withdraw consent at any time — by deleting your account
If you're in California (CCPA/CPRA), the EU (GDPR), the UK, or another jurisdiction with privacy rights, you have additional protections. Email support@friendlywagers.golf to exercise them, and we'll respond within 30 days.
7. Security
We take the protection of your data seriously:
- All data in transit is encrypted via HTTPS / TLS 1.3
- Data at rest in Supabase is encrypted at the database level
- Passwords are hashed at rest using industry-standard algorithms (managed by our authentication provider, Supabase) — we cannot read your password
- Row-level security policies in our database ensure you can only access your own data and rounds you're part of
- Settlement and money math is computed on Apple's secure runtime, not on a server we control
No system is perfectly secure. If you suspect your account has been compromised, email support@friendlywagers.golf immediately.
8. Children's privacy
Friendly Wagers is intended for users 17 years of age and older. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it.
9. International transfers
Our servers are in the United States. If you use the app from outside the U.S., your data will be transferred to and processed in the U.S. We rely on Standard Contractual Clauses (SCCs) and equivalent safeguards where applicable.
10. Changes to this policy
If we make material changes to how we handle data, we'll notify you in the app and update the "Last updated" date at the top of this page. If a change requires your renewed consent, we'll ask for it explicitly.
11. Contact
Privacy questions: support@friendlywagers.golf
Security reports: support@friendlywagers.golf
Everything else: support@friendlywagers.golf