privacy policy

Privacy Policy

Effective Date: January 20, 2025 Last Updated: August 1, 2025

Introduction

CityTennis is committed to protecting user privacy and securing personal information. This policy explains how data is collected, used, stored, shared, and protected when using the mobile and web application. By using the app, users agree to this policy.

1. Information We Collect

1.1 Personally Identifiable Information (PII)

When creating an account or using the app, CityTennis may collect:

  • Name: First and last name.

  • Email Address: For authentication and communication.

  • Phone Number: For verification and notifications.

  • Profile Photo: User's profile picture.

  • Location Information: City, country, and optionally full address (for coaches).

  • Date of Birth: For age verification.

  • Gender/Sex: For matchmaking and personalization.

  • Tennis Information: Tennis rating (NTRP, UTR, skill level), handedness, preferred game types, interests, availability, and playing frequency.

  • Coach/Team Captain Information: Certifications, bio, and team details.

  • Payment Information: Processed securely through third-party processors.

1.2 Google User Data

CityTennis uses Google OAuth 2.0 for authentication and accesses:

  • Basic Profile Information (userinfo.profile): Name and profile picture from Google account.

  • Email Address (userinfo.email): Email associated with Google account.

Why This Data is Collected: To authenticate identity, create/maintain accounts, display profile, enable communication, and personalize experience. Google API Services User Data Policy Compliance: All use and transfer of information from Google APIs adhere to Google API Services User Data Policy, including Limited Use requirements.

1.3 Automatically Collected Information

Automatically collected technical information includes:

  • Device Information: Device type, OS, browser, unique identifiers.

  • Usage Data: Pages visited, features used, time spent, interactions.

  • Location Data: GPS coordinates during session submissions or challenge creation (with user permission).

  • Log Data: IP address, access times, error logs.

  • Cookies and Similar Technologies: For session maintenance and improved user experience.

1.4 User-Generated Content

This includes:

  • Session Photos/Videos: Uploaded during tennis session submissions.

  • Gallery Photos: Uploaded to user gallery.

  • Messages: Content of messages sent to other users.

  • Notes and Comments: Text content posted on profiles or feed items.

  • Challenge Details: Information about challenge matches.

2. How We Use Your Information

The collected information is used for:

2.1 To Provide and Maintain Our Services

  • Account creation and management.

  • Identity authentication using Google Sign-In.

  • Enabling session submission and verification.

  • Displaying profiles and connecting users.

  • Processing challenge matches and competitions.

  • Facilitating messaging and social interactions.

  • Calculating leaderboards and rankings.

  • Processing point redemptions and rewards.

2.2 To Personalize Your Experience

  • Suggesting nearby players and recommending courts.

  • Providing personalized match suggestions.

  • Displaying relevant content based on user role.

2.3 To Improve Our Services

  • Analyzing usage patterns and diagnosing technical issues.

  • Developing new features and improving existing ones.

  • Conducting research and analytics.

2.4 To Communicate With You

  • Sending verification codes, authentication emails, and notifications.

  • Responding to inquiries and support requests.

  • Sending administrative messages.

2.5 To Ensure Security and Prevent Fraud

  • Verifying session submissions and preventing false reporting.

  • Detecting fraudulent activity and enforcing Terms of Service.

  • Protecting user rights and safety.

2.6 To Comply With Legal Obligations

  • Responding to legal requests and complying with regulations.

Important Note Regarding Google User Data: Google user data (profile info and email) accessed via OAuth is used solely for the stated purposes and is NOT used for advertising, user profiling for advertising, or any other purposes prohibited by Google API Services User Data Policy.

3. How We Share Your Information

CityTennis does not sell personal information. Information is shared only under specific circumstances:

3.1 With Other Users (App Functionality)

Certain information is visible to other users:

  • Public Profile Information: Name, photo, location, rating, role, bio.

  • Session Activity, Challenge Details, Gallery Photos, Notes and Comments.

3.2 With Service Providers

Information may be shared with trusted third-party service providers (e.g., cloud hosting, authentication, payment processors, email services, analytics, maps services). These providers are bound by confidentiality.

3.3 For Legal Reasons

Information may be disclosed if required by law or in response to legal requests.

3.4 Business Transfers

Information may be transferred in case of merger, acquisition, or sale of assets, with prior notification to users.

3.5 With Your Consent

Information may be shared with explicit user consent.

Critical Limitation on Google User Data Sharing: Information obtained from Google APIs will NOT be transferred, sold, or disclosed to third parties except:

  1. To provide or improve user-facing features of CityTennis visible in the app's UI.

  2. To comply with applicable laws.

  3. As part of a merger or acquisition (with prior notice).

  4. With explicit consent for a specific purpose. Human access to Google user data is restricted to explicit consent, security purposes, or legal requirements.

4. Data Security

Measures include encryption, secure storage, authentication, access controls, regular security audits, and vetting third-party services. However, absolute security cannot be guaranteed.

5. Data Retention

Data is retained as long as necessary, unless a longer period is legally required. Users can request account deletion.

6. Your Rights and Choices

Users may have rights regarding their data, including access, correction, deletion, objection, withdrawal of consent, opting out of communications, and revoking Google OAuth Access. Requests can be sent to privacy@citytennis.app.

7. Third-Party Links and Services

The app may contain links to third-party sites, which are not covered by this policy.

8. Children's Privacy

CityTennis is not intended for users under 13.

9. International Data Transfers

By using the app, users consent to data transfer to the United States or other countries where service providers are located.

10. California Privacy Rights (CCPA)

California residents have rights to know, delete, opt-out (CityTennis does not sell PII), and non-discrimination.

11. European Privacy Rights (GDPR)

EEA/UK users have rights under GDPR, with legal bases for processing including consent, contract, legal obligations, and legitimate interests.

12. Changes to This Privacy Policy

Updates will be made with notification, and continued use implies acceptance.

13. Contact Us

For questions or requests, contact privacy@citytennis.app.

14. Consent

By using CityTennis, users acknowledge and consent to this Privacy Policy.