Privacy Policy
Last updated: 1 July 2026 · Contact for any data query: support@teebooked.com
1. What we collect
| Data | Why | Where it lives |
| Name, email | Account creation, login, service communication | Supabase (auth + profile) |
| Club booking link + detected platform | To know which club/system to book on | Supabase |
| Game preferences (day, time window, group size) | To know what to book for you | Supabase |
| Your club account login | So we can log in on your behalf to check availability and book | Supabase, encrypted via Vault — see §2 |
| Payment details | To bill your subscription | Stripe only — we never see or store your card number |
| Basic usage/device data (browser, rough region via timezone) | Currency display, service reliability | Standard web logs; not sold |
We do not collect more than the above. We do not sell personal data.
2. How we protect your club credentials — specifically
- Credentials are encrypted at rest using envelope encryption (Supabase Vault) — never stored in plain text anywhere in our systems.
- Credentials are decrypted only momentarily, at the point a booking action is performed on your instruction.
- Every access to a stored credential is logged in an append-only access log (who/what/when), so any use is auditable.
- We never email or otherwise transmit your credentials outside the encrypted storage/retrieval flow, and never share them with any third party.
3. Legal basis for processing (UK/EU users)
- Contract: processing your club credentials, preferences, and payment details is necessary to provide the service you've subscribed to.
- Legitimate interest: basic usage data to keep the service secure and reliable.
- Consent: where required (e.g. marketing email — we don't send any without it).
4. Who we share data with
- Stripe — payment processing. We only receive confirmation of payment/subscription status.
- Supabase — our database and authentication provider, under their data processing terms.
- We do not sell, rent, or share personal data with advertisers or data brokers.
5. How long we keep your data
- Account and preference data: for as long as your account is active.
- Club credentials: deleted within 7 days of cancellation, unless you ask us to retain them for a future resubscription.
- Payment records: retained as required by tax/accounting law (via Stripe).
- Credential access logs: retained for 12 months for security and audit purposes.
6. Cookies & local storage
We use browser local storage (not third-party tracking cookies) to remember your currency preference and keep you signed in. We run no advertising or analytics pixels.
7. Your rights
Depending on where you live, you may have the right to: access the personal data we hold about you; correct inaccurate data; request deletion (including immediate deletion of stored club credentials); export your data; and object to or restrict certain processing. US state-law residents may also opt out of the sale/sharing of personal information — we do not sell personal information, so this is satisfied by default.
To exercise any of these, email support@teebooked.com. We respond within the timeframe required by applicable law (typically 30 days).
8. Children
TeeBooked is not directed at, and should not be used by, anyone under 18.
9. Changes to this policy
We'll update this page and, for material changes, notify you by email or in-app before they take effect.
← Back to TeeBooked · Terms of Service