By using CaddyGo, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the App.
01 Data We Collect
1.1 Account Information
When you sign in with Apple, we may receive:
- Apple ID identifier (an opaque, app-specific user ID assigned by Apple)
- Full name (only if you choose to share it; provided on first sign-in only)
- Email address (only if you choose to share it; may be an Apple Private Relay address)
We store this information locally in the device Keychain. Your name and email are never sent to our servers.
1.2 Subscription Data
When you subscribe to CaddyGo Premium, your subscription is managed by RevenueCat, a third-party subscription management service. The following data is shared with RevenueCat:
- User identifier (your Supabase account ID, a UUID)
- Subscription status and entitlements (whether your subscription is active)
RevenueCat communicates directly with Apple to verify purchase receipts. We do not collect or store any payment or financial information. All billing is handled by Apple through the App Store.
1.3 Location Data
- iPhone: We request your approximate location (accuracy ~100 meters) to find golf courses near you. Location is obtained once per search and is not stored on our servers.
- Apple Watch: During a round, we continuously access your precise GPS location (best available accuracy, updated every 5 meters) to calculate distances to greens, hazards, and hole features. This data is processed on-device and is not sent to our servers.
We request location access only while using the App ("When In Use"). We do not access your location in the background.
1.4 Health and Fitness Data
On Apple Watch, CaddyGo records a golf workout via Apple HealthKit. With your authorization, we access the following data:
- Heart rate (read during the workout)
- Active calories burned (read and written to your workout)
- Distance walked (read and written to your workout, also measured via pedometer)
- Step count (measured via pedometer during the workout)
This health and fitness data is saved exclusively to Apple Health on your device. It is never transmitted to our servers or shared with any third party. We do not use health data for advertising, marketing, or data mining purposes, in compliance with Apple's HealthKit guidelines.
If you deny HealthKit authorization, the App will continue to function for GPS distances and scoring, but workout tracking will not be available.
1.5 Motion Data
On Apple Watch, we use device motion sensors (accelerometer, gyroscope, magnetometer) to determine your compass heading. This is used solely to orient the course map in your direction of play. Motion data is processed on-device in real time and is not stored or transmitted.
1.6 Scorecards
Your scorecards (course name, date, tee, par, and strokes per hole) are stored on your device and automatically synchronized across your devices via Apple iCloud (CloudKit). Your favorite courses are synchronized via iCloud Key-Value Store. This data is stored in your personal iCloud account, managed by Apple. It is never sent to our servers.
1.7 Usage Data
We collect usage events to understand how the App is used and improve it. These events include:
- App opened
- Round started (course name, number of holes)
- Round completed (course name, score, holes played, score vs. par)
- Subscription started or renewed (product identifier, price)
- Course sent to Apple Watch (course name)
Usage events are sent to Mixpanel and are associated with a random device identifier, not your Apple ID or name.
1.8 Crash and Diagnostic Data
We use Firebase Crashlytics to collect crash reports, which include device model, operating system version, and the state of the App at the time of the crash. This data helps us identify and fix bugs.
1.9 Apple Search Ads Attribution
On first launch, we check whether you installed the App through an Apple Search Ad. If so, we receive anonymized campaign attribution data from Apple's AdServices framework. This data is sent to Mixpanel to measure the effectiveness of our advertising. We do not request the Identifier for Advertisers (IDFA) and do not use App Tracking Transparency.
02 Data We Do NOT Collect
- Payment or financial information (handled entirely by Apple)
- Identifier for Advertisers (IDFA)
- Contacts, photos, camera, or microphone data
- Browsing or search history outside the App
We do not sell, rent, or trade your personal data to third parties.
03 How We Use Your Data
| Purpose | Data Used | Legal Basis (GDPR) |
|---|---|---|
| Authenticate your account | Apple ID identifier | Contract performance |
| Verify and manage your subscription | User identifier, subscription status | Contract performance |
| Provide GPS distances during your round | Location (Watch) | Contract performance |
| Find courses near you | Location (iPhone) | Consent |
| Track your golf workout | Heart rate, calories, distance, steps | Consent (HealthKit authorization) |
| Orient the course map | Device motion / compass heading | Contract performance |
| Display wind conditions | Course location coordinates | Contract performance |
| Improve the App and fix bugs | Usage events, crash reports | Legitimate interest |
| Measure advertising effectiveness | Search Ads attribution | Legitimate interest |
04 Third-Party Services
We share data with the following third-party services to operate the App. Each provider is contractually required to protect your data in accordance with applicable privacy laws.
| Service | Provider | Data Shared | Purpose |
|---|---|---|---|
| Backend & Database | Supabase | User identifier (UUID), authentication tokens | User authentication and API gateway |
| Subscription Management | RevenueCat | User identifier (UUID), subscription status | Manage subscriptions, verify entitlements, communicate with Apple for receipt validation |
| Course Data | iGolf | Course search queries (name, location) | Provide golf course information |
| Weather | Apple WeatherKit | Course location coordinates | Display wind conditions on the course map |
| Analytics | Mixpanel (EU server) | Usage events (see Section 1.7) | Understand usage patterns to improve the App |
| Crash Reporting | Firebase Crashlytics (Google) | Crash logs, device info | Identify and fix app crashes |
| Attribution | Apple AdServices | Search Ads attribution token | Measure ad campaign effectiveness |
| Cloud Sync | Apple iCloud (CloudKit) | Scorecards, favorite courses | Synchronize your data across your Apple devices |
We do not share health or fitness data with any third party. Health data stays on your device in Apple Health.
05 Data Storage and Security
- Server-side: Authentication data is stored on Supabase servers. Subscription data is managed by RevenueCat. All communications use HTTPS/TLS encryption.
- On-device: Account credentials and subscription tokens are stored in the iOS Keychain (AES-256 encrypted, hardware-backed). Scorecards are stored locally via SwiftData and synchronized to your iCloud account via Apple CloudKit.
- Course data is fetched in real time from iGolf and is not cached or stored on your device.
- Analytics data is processed on Mixpanel's EU servers (api-eu.mixpanel.com).
06 Data Retention and Deletion
| Data | Retention | How to Delete |
|---|---|---|
| Account & all associated data | Until you delete your account | Settings > Account > Delete Account in the App, or contact us at contact@eigeninsight.io |
| Account data (Keychain) | Until you sign out, delete the App, or delete your account | Sign out in the App, delete the App, or use Delete Account |
| Subscription data (server) | Duration of subscription + as needed for support and legal compliance | Settings > Account > Delete Account in the App, or contact us at contact@eigeninsight.io |
| Scorecards (local + iCloud) | Until you delete them or delete your account | Delete individual scorecards in the App (deletion syncs across devices via iCloud), or use Delete Account |
| Favorite courses (local + iCloud) | Until you remove them or delete your account | Remove from favorites in the App (syncs via iCloud), or use Delete Account |
| Health & fitness data | Stored in Apple Health; we do not retain it | Delete via the Apple Health app |
| Analytics events | Up to 12 months (Mixpanel retention policy) | Contact us for deletion |
| Crash logs | Up to 90 days (Firebase retention policy) | Automatically deleted after 90 days |
07 Your Rights
Depending on your jurisdiction (including under the EU General Data Protection Regulation and California Consumer Privacy Act), you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate personal data
- Delete your personal data ("right to be forgotten")
- Export your data in a portable format (by request via email)
- Withdraw consent for data processing at any time
- Object to processing based on legitimate interest
- Lodge a complaint with your local data protection authority
To delete your account and all associated data, go to Settings > Account > Delete Account in the App. This permanently removes your subscription records from our servers and erases all local data from your device. For any other rights requests, email us at contact@eigeninsight.io. We will respond within 30 days.
You can also withdraw specific permissions at any time through your device settings:
- Location: Settings > Privacy & Security > Location Services > CaddyGo
- Health: Settings > Health > Data Access & Devices > CaddyGo
- Motion: Settings > Privacy & Security > Motion & Fitness
08 Children's Privacy
CaddyGo is not directed at children under 13 (or under 16 in the EU). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.
09 International Data Transfers
Your data may be processed in countries outside your country of residence, including the United States (Supabase, Firebase, RevenueCat) and the European Union (Mixpanel). We ensure that appropriate safeguards are in place in accordance with applicable data protection laws.
10 Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top of this page. Your continued use of the App after changes are posted constitutes your acceptance of the revised policy.
11 Contact Us
If you have questions about this Privacy Policy, your data, or wish to exercise your rights, contact us at:
EigenInsight
Email: contact@eigeninsight.io
Website: www.eigeninsight.io
Back to EigenInsight