Privacy Policy

Greenside Golf LLC ("Greenside Golf," "we," "us," or "our") operates the Greenside Golf platform, including the website at thegreensidegolf.com and any related mobile applications (collectively, the "Service"). We are incorporated and headquartered in Ohio.

This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the choices you have. It applies to all users of the Service, including golf course operators, organizers, and golfers.

Account information. When you register, we collect your name, email address, and a hashed password. Course operators also provide their course name, address, phone number, and Stripe Connect account details.

Profile and course data. Course operators may upload photos, descriptions, tee box configurations, pricing, and operating hours. This information is displayed publicly on your course profile page.

Booking and outing data. When a golfer books a tee time or registers for an outing or league, we collect your name, email address, phone number (optional), and golf handicap (optional) along with the booking details, player count, and selected options. Outing organizers provide event details, team rosters, and scoring information.

Membership data. If your golf course or organization manages its memberships through Greenside, we store membership data — including your name, address, date of birth, and handicap index — on behalf of your course or organization. Stripe processes recurring membership dues; card data is never stored on Greenside servers. You may request deletion of your membership data by contacting cameron@thegreensidegolf.com.

Location data.With your permission, the course discovery feature and our mobile app use your device's GPS location to show golf courses near you. Location is used for the search in progress and is not stored on our servers or used to track you.

Payment information. All card payments are processed by Stripe. We do not store card numbers, CVVs, or full bank account numbers on our servers. We receive and store only a Stripe-generated customer ID, charge ID, and limited metadata (last 4 digits, card brand, payment status) necessary to manage bookings and payouts.

Usage data. We automatically collect browser type, IP address, pages visited, referring URL, time spent on pages, and device identifiers. This data is used to improve the Service and diagnose technical issues.

Communications. If you contact us by email or submit a demo request, we retain that correspondence.

We share data with the following third-party processors as part of delivering the Service:

• Stripe (stripe.com) — Payment processing, course payouts via Stripe Connect Express. Stripe may collect and store payment information subject to their own privacy policy.
• Cloudinary (cloudinary.com) — Image hosting and optimization for course photos and assets.
• Resend (resend.com) — Transactional email delivery (booking confirmations, receipts, notifications).
• Railway (railway.app) — Backend infrastructure and PostgreSQL database hosting.
• Vercel (vercel.com) — Frontend web hosting and edge delivery.
• RapidAPI / Golf Course API — Used to fetch publicly available golf course information during course setup. No personal data is transmitted.
• Google Firebase Cloud Messaging (FCM) — Push notification delivery in our mobile app (when available). A device token is shared with Google to route notifications to your device.
• Google and Apple sign-in — If you sign in with Google or Apple in our mobile app (when available), we receive your name and email address from the provider; we never receive your password.

Each processor is bound by their own terms and privacy policies. We only share the minimum data necessary for them to provide their services.

• To create and manage your account and provide the Service
• To process bookings, outing registrations, and payments
• To deliver booking confirmations, receipts, and event notifications by email
• To send platform updates, product announcements, and marketing emails (you may opt out at any time — see Section 7)
• To verify golf course legitimacy before allowing course profiles to go live
• To detect fraud, enforce our Terms of Service, and comply with applicable law
• To analyze usage trends and improve the Service

We do not sell your personal information. We share it only in the following circumstances:

• With third-party processors listed in Section 3, as necessary to operate the Service
• With other users as part of normal platform operation — for example, a course owner can see a golfer's name and booking details; an outing organizer can see their registered players' names
• With law enforcement or regulators when required by law, court order, or to protect the rights and safety of our users or the public
• In connection with a merger, acquisition, or sale of assets, where the acquiring party agrees to honor this policy

We retain account data for as long as your account is active. If you close your account, we will delete or anonymize your personal information within 90 days, except where retention is required by law (for example, financial records required for tax compliance, which we retain for 7 years).

Booking and outing records are retained for 7 years for accounting and dispute-resolution purposes, even after an account is closed.

Email opt-out. Every marketing email we send includes an unsubscribe link. You may also email us at cameron@thegreensidegolf.com to be removed from marketing communications. Transactional emails (receipts, booking confirmations) cannot be opted out of while your account is active, as they are necessary to deliver the Service.

Account cancellation. You may cancel your Greenside Golf account at any time from your account settings page. Cancellation removes your access to paid features. See our Terms of Service for details on refunds and data handling upon cancellation.

Access and correction. You may review and update your account information at any time from your account settings. To request a copy of all personal data we hold about you, email cameron@thegreensidegolf.com.

Deletion. To request deletion of your account and associated personal data, email us at cameron@thegreensidegolf.com. We will process deletion within 30 days, subject to legal retention obligations described in Section 6.

California residents. If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete it, and the right to opt out of its sale (we do not sell personal data). To exercise these rights, contact us at the address below.

EEA and UK residents. If you are located in the European Economic Area or the United Kingdom, you have rights under the General Data Protection Regulation (GDPR), including the rights of access, rectification, erasure, restriction, portability, and objection. Our legal bases for processing are performance of a contract (delivering the Service), legitimate interests (fraud prevention, service improvement), and consent (marketing). You may lodge a complaint with your local supervisory authority.

We use session cookies strictly necessary for authentication (httpOnly, secure). We do not use third-party advertising cookies or behavioral tracking pixels. We may use first-party analytics to understand aggregate usage patterns.

You may disable cookies in your browser settings, but doing so will prevent you from logging in to the Service.

We use industry-standard security measures including TLS encryption in transit, encrypted passwords (bcrypt), and httpOnly/Secure cookie flags for authentication tokens. Database access is restricted to application servers only. No system is 100% secure; if you believe your account has been compromised, contact us immediately.

The Service is not directed to children under 13. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, contact us at cameron@thegreensidegolf.com and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify registered users by email and post the updated policy with a new effective date. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

For privacy-related questions or to exercise your rights, contact us at: