Privacy Policy

1.Information We Collect

Account Information

When you sign up we collect your email address. We use a one-time passcode (OTP) flow — no password is ever stored.

Session & Performance Data

When you log a pickleball session we collect the details you provide: date played, duration, games played, wins, losses, venue, session type, and any notes or photos you attach.

Wearable & Health/Fitness Data (Google Health API)

If you choose to connect your Fitbit device, Pickle Strive accesses your fitness activity data through the Google Health API using OAuth 2.0. The data we request is limited to:

• Tennis-mode workout sessions (used as a proxy for pickleball until a native activity type is available)
• Session start time, end time, and duration
• Calories burned (when available)
• Heart rate summary, including average heart rate and zone breakdown — light, moderate, vigorous, and peak (when available)
• Steps and distance covered during the session (when available)
• Active zone minutes (when available)

We do not request or store medical records, sleep data, weight, reproductive health data, or any other health information beyond the workout activity data described above.

Photos

Photos you attach to session posts (up to 3 per session, 5 MB each) are stored on Cloudflare R2 object storage and are associated with your account.

Usage & Log Data

We collect standard server logs including IP address, browser/device type, pages visited, and timestamps. This data is used for security, debugging, and service improvement. Logs are retained for 90 days and then deleted.

2.How We Use Your Information

• Provide the service — display your session history, pickling activity feed, leaderboards, and social features.
• Sync wearable data — import Fitbit Tennis-mode sessions and map them to Pickle Strive session records.
• Authentication — verify your identity via OTP email and maintain your login session with an HttpOnly JWT cookie.
• Transactional email — send OTP codes and account-related notifications. We do not send marketing email without your explicit opt-in.
• Safety & abuse prevention — detect and respond to fraudulent or abusive activity.
• Service improvement — analyze aggregated, anonymized usage patterns to improve features.

We do not sell your personal information or health/fitness data to third parties. We do not use your data for advertising targeting.

3.Google API Services — Limited Use Disclosure

Pickle Strive’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• Data obtained from Google APIs is used only to provide or improve the pickleball session-tracking features described in this policy.
• We do not transfer Google user data to third parties except as necessary to provide the service (e.g., storing data in our own infrastructure) or as required by law.
• We do not use Google user data for serving advertisements.
• We do not allow humans to read your Google user data unless you have given us explicit permission, it is necessary for security/debugging purposes, or we are required to do so by law.
• Google Health/Fitbit data is used solely to create and enrich your Pickle Strive session records. It is never combined with third-party data for profiling or sold to any party.

4.How We Store and Protect Your Information

• Database — session records, account info, and OAuth tokens are stored in a PostgreSQL database hosted on Supabase (AWS infrastructure). Data is encrypted at rest and in transit.
• Photos — stored on Cloudflare R2 object storage with private-by-default access controls.
• OAuth tokens — Google Health API refresh tokens are encrypted before being written to the database. Access tokens are never logged.
• Cookies — your session JWT is stored in an HttpOnly, Secure, SameSite cookie — it is not accessible to client-side JavaScript.
• Retention — your data is retained for as long as your account is active. See Section 5 for deletion options.

No method of transmission or storage is 100% secure. If you believe your account has been compromised, contact us immediately at contact@picklestrive.com.

5.Your Rights and Choices

Disconnect your wearable

You can disconnect your Fitbit/Google Health integration at any time from Settings → Wearables. Disconnecting revokes Pickle Strive’s OAuth access and stops future syncing. Previously imported session data remains in your account unless you request deletion.

Delete your account and data

To permanently delete your account and all associated data (sessions, photos, reactions, and wearable tokens), email contact@picklestrive.com with the subject line “Delete my account.” We will process your request within 30 days. In-app self-serve deletion is on our roadmap.

Access and portability

You may request a copy of your data by emailing contact@picklestrive.com. We will provide an export within 30 days.

Correct your information

You can edit session details directly in the app. For account-level corrections (e.g., email address), contact us at the address below.

6.Data Sharing

We share your data only in these limited circumstances:

• Infrastructure providers — Supabase (database hosting), Cloudflare (photo storage and CDN), Vercel (app hosting), and Resend (transactional email). Each is bound by its own data processing terms.
• Legal compliance — if required by law, court order, or to protect the rights, property, or safety of Pickle Strive, our users, or the public.
• Business transfer — in the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you via email before your data is subject to a different privacy policy.

We do not share personal information or health/fitness data with advertisers, data brokers, or analytics companies beyond the infrastructure providers listed above.

7.Children's Privacy

Pickle Strive is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, contact us and we will delete it promptly.

8.Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Effective date” at the top of the page. For material changes, we will notify you by email at least 7 days before the change takes effect. Continued use of Pickle Strive after that date constitutes acceptance of the updated policy.

9.Contact Us

Questions or concerns about this policy? Reach us at: