Privacy Policy

Last Updated: February 20, 2026 (v1.2)

Introduction

Golf Rules AI, Inc. ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").

Please read this Privacy Policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

Company Information

Legal Entity: Golf Rules AI, Inc.

Jurisdiction: Delaware Corporation, United States

Registered Address: 131 Continental Dr, Suite 305, Newark, DE 19713, USA

Contact: hello@golfrules-ai.com

Information We Collect

Personal Information

We collect personal information that you voluntarily provide when registering for an account or using our Service:

  • Account Information: Email address and password (encrypted)
  • Profile Information: Display name and preferred language
  • Authentication Data: If you sign in via Google OAuth, we receive your email address and basic profile information from Google

Usage Data

We automatically collect certain information when you use the Service:

  • Learning Progress: Completed modules, quiz scores, and study streaks
  • Questions Submitted: Text, voice, or image-based questions you submit to our AI rule checker
  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP address, access times, and pages viewed

Payment Information

If you subscribe to our premium service, payment processing is handled by Stripe, Inc. (web), Apple App Store (iOS), or Google Play (Android). We do not store or have access to your full credit card number, CVV, or other sensitive payment details. We only receive confirmation of successful payments and basic transaction information necessary for providing service.

How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, maintain, and improve our golf rules learning platform
  • Personalization: To personalize your learning experience based on your progress and preferences
  • Communication: To send you service-related notifications, updates, and streak reminders (with your consent)
  • AI Improvement: To analyze anonymized questions for improving our AI rule checking accuracy
  • Analytics: To understand how users interact with our Service and identify areas for improvement
  • Security: To detect, prevent, and address technical issues, fraud, or abuse
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

Service Providers

We engage trusted third-party service providers to perform functions on our behalf:

  • Supabase: Database hosting and user authentication (PostgreSQL, hosted in the EU)
  • Vercel: Web application hosting and content delivery
  • Stripe: Payment processing for premium subscriptions (web)
  • RevenueCat: Subscription management and in-app purchase processing (iOS/Android)
  • Google: OAuth authentication services
  • Anthropic: AI language model for rule checking (Claude)

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

AI/LLM Data Processing

We take reasonable steps to minimize the inclusion of personal data in AI prompts. Questions submitted to our rule checker are processed without account identifiers, and we do not use your personal data to train AI models. The AI processes golf rule questions in isolation without access to your profile or learning history.

Users are responsible for avoiding the inclusion of personal or sensitive information in questions submitted to the AI rule checker. While we implement technical measures to minimize personal data processing, user-generated content may contain information beyond our control. We recommend keeping your questions focused on golf rules and avoiding the inclusion of names, locations, or other personally identifiable information.

Legal Requirements

We may disclose your information if required by law or in response to valid legal requests by public authorities (e.g., court orders or government agencies).

Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

AI-Generated Content Disclaimer

AI-generated responses provided by the Service are for educational purposes only and do not constitute official rulings under the Rules of Golf. While we strive for accuracy, AI responses may contain errors, omissions, or outdated information.

Users should consult official governing bodies (e.g., The R&A or USGA) and certified rules officials for authoritative decisions, particularly in competitive or tournament play. The Company is not liable for any decisions, penalties, or outcomes arising from reliance on AI-generated content.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Account Data: Retained until you delete your account or request deletion
  • Learning Progress: Retained as long as your account is active
  • AI Questions: Stored for up to 12 months for service improvement, then anonymized or deleted
  • Payment Records: Retained for 7 years as required by tax and accounting regulations

Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using TLS/SSL
  • Encryption of sensitive data at rest
  • Secure password hashing using industry-standard algorithms
  • Regular security assessments and updates
  • Access controls limiting data access to authorized personnel only

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

Your Rights

Depending on your location, you may have certain rights regarding your personal information:

For All Users

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your account and personal data
  • Data Portability: Request a copy of your data in a machine-readable format

For European Economic Area (EEA) Residents (GDPR)

If you are located in the EEA, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to Object: Object to processing of your personal data
  • Right to Restriction: Request restriction of processing in certain circumstances
  • Right to Withdraw Consent: Withdraw consent at any time where we rely on consent to process your data
  • Right to Lodge a Complaint: Lodge a complaint with your local data protection authority

Legal Basis for Processing (GDPR): We process your data based on: (a) your consent, (b) performance of a contract, (c) compliance with legal obligations, and (d) our legitimate interests, specifically: fraud prevention, service security, AI model accuracy improvement, and product analytics.

For California Residents (CCPA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request information about the categories and specific pieces of personal information we have collected
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the sale of your personal information (note: we do not sell personal information)
  • Right to Non-Discrimination: Not be discriminated against for exercising your CCPA rights

To exercise any of these rights, please contact us at hello@golfrules-ai.com. We will respond to your request within 30 days.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. We ensure that appropriate safeguards are in place to protect your personal information in accordance with this Privacy Policy, including:

  • Standard Contractual Clauses approved by the European Commission
  • Data processing agreements with all service providers
  • Compliance with the EU-U.S. Data Privacy Framework where applicable

Data categories transferred: Account identifiers (email) may be processed by US-based authentication services. AI rule checking uses anonymized question content only, without personal identifiers. Payment data is processed by Stripe under their own compliance frameworks.

Data transferred to the United States may be subject to lawful access requests by public authorities under applicable U.S. laws, including for national security or law enforcement purposes.

Children's Privacy

Our Service is not directed to children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at hello@golfrules-ai.com, and we will take steps to delete such information.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

  • Essential Cookies: Required for the Service to function (authentication, session management)
  • Preference Cookies: Remember your settings (language, theme)
  • Analytics Cookies: Help us understand how users interact with our Service (anonymized, without full IP addresses)

We do not use cookies or tracking technologies for cross-app or cross-site advertising profiling. Where required by applicable law, we obtain your consent before placing non-essential cookies. You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Service.

Third-Party Links

Our Service may contain links to third-party websites or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policy of every site you visit.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we will provide a more prominent notice (such as an email notification).

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Golf Rules AI, Inc.

131 Continental Dr, Suite 305

Newark, DE 19713, USA

Email: hello@golfrules-ai.com

Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict of law provisions, and without prejudice to mandatory consumer protection laws of your country of residence. Nothing in this section limits your mandatory data protection rights under applicable local law, including the GDPR for EEA residents.