Draft — pending legal review

Privacy Policy

Last updated: June 22, 2026

This is a placeholder. The final privacy policy is being prepared with counsel. The short version is below. Email support@golffund.app with any questions.

1. The short version

  • We collect only what we need to run GolfFund for you.
  • We do not sell your data. We do not use it to advertise. We do not share it with anyone except the providers listed below.
  • You can export or delete your organization's data at any time.

2. Who we are

GolfFund is operated by GolfFund LLC (“we,” “us”). This policy covers data collected by the GolfFund web application at golffund.app.

3. What we collect

Account data: Your name, email, password hash, organization name, role.

Organization data you enter: Sponsors, golfers, families, contributions, payments, event details, custom notes, files you upload.

Usage data: Standard server and access logs (IP, user agent, pages viewed) for security and debugging.

Payment data: Subscription payments are processed by Stripe. We do not store full card numbers — only a customer ID and a record that you paid.

Email engagement: When you send transactional or marketing email through GolfFund, we record delivery status, bounces, and unsubscribes.

4. How we use it

  • To operate the service for your organization.
  • To send transactional email (account confirmation, password reset, receipts, packets, reminders).
  • To prevent fraud, abuse, and unauthorized access.
  • To send occasional product updates — only to organization administrators, and you can opt out.

5. Who we share it with

We use a small number of trusted vendors. We do not sell data to anyone.

  • Supabase / AWS — database, authentication, file storage
  • Vercel — web hosting
  • Stripe — subscription payments
  • Namecheap Private Email — outbound email
  • Google — if you sign in with Google

We will also disclose data if required by law (subpoena, court order) and will tell you when we are legally allowed to.

6. Your rights

  • Access or export your organization's data at any time from your dashboard.
  • Delete your account and your organization's data by emailing support.
  • Correct anything inaccurate.
  • If you live in California, the EU, or another region with stronger privacy rights, those rights apply to you too.

7. Data about your sponsors, golfers, and donors

When your organization adds someone's contact information to GolfFund, your organization is the data controller. GolfFund processes that data on your behalf. You are responsible for having the right to collect and use that information, and for honoring any deletion requests those people make. We will help you process those requests.

8. Children

GolfFund is not intended for use by anyone under 13. We do not knowingly collect data from children. If your tournament involves minors (junior golfers), please use a parent or guardian email and only the information you actually need.

9. Retention

We keep your data while your account is active. When you delete your account, we delete your organization's data within 30 days, except where we are legally required to keep records (e.g., tax records, payment history).

10. Security

Data is encrypted in transit (HTTPS) and at rest. Access is limited to the small number of people who run GolfFund. Despite our best efforts, no system is perfectly secure — we will notify you promptly of any breach affecting your data.

11. International transfers

GolfFund is hosted in the United States. If you access it from elsewhere, your data will be transferred to and processed in the US.

12. Cookies

We use only the cookies needed to keep you signed in and run the application. No advertising or cross-site tracking cookies.

13. Changes

We may update this policy. Material changes will be announced by email or in-app notice at least 14 days before they take effect.

14. Contact

Privacy questions? Email support@golffund.app.