Privacy Policy

We collect information that you provide directly to us, including:

• Account information. Name, email address, and a unique identifier from your OAuth provider (Apple, Google, or Facebook). We never collect or store a password — Racquet is OAuth-only.
• Profile information. Optional bio, profile photo, preferred sports, skill ratings (UTR, DUPR, FIP), preferred formats, competitiveness, home city, and play radius.
• Location data. Approximate latitude and longitude when you opt into "Near me" filtering or drop a pin on a map to create a venue. Exact coordinates are stored server-side only and never exposed to other users — peers see a coarse distance or city label.
• User content. Match posts, group messages, direct messages, RSVPs, tournament entries, venue and coach listings, scores, photos, and any text you submit through the app.
• Device and usage data. Device type, OS version, app version, language, time zone, push-notification token, IP-address-derived region (advisory only), and how you interact with our features.

We use Sign in with Apple, Sign in with Google, and Sign in with Facebook to verify your identity. We do not store passwords. When you sign in, your OAuth provider shares your name and verified email with us. We verify the cryptographic id_token against the provider's public keys before creating or matching your account.

Each Racquet account is bound to a single OAuth provider. If you sign in with a different provider that returns the same email, we will refuse the sign-in rather than silently link the accounts.

When you upload a profile photo, group photo, venue photo, coach photo, or tournament cover, the image is processed on our servers: we validate the magic bytes (so the file really is an image), re-encode it, and strip all EXIF metadata. This means GPS coordinates that your phone's camera embedded in the photo are discarded before the file is stored. We keep only the re-encoded image.

We use your information to:

• Provide, maintain, and improve the Services.
• Match you with other players, groups, coaches, venues, and tournaments at your level and within your area.
• Deliver match invites, group invites, coach inquiries, and direct messages between consenting users.
• Send push notifications you have opted into (scores, invites, reminders).
• Respond to your support requests and enforce our Terms of Service.
• Detect, prevent, and investigate abuse, spam, fraud, and security incidents.
• Comply with legal obligations.

We do not sell your personal information. We share information only as follows:

• With other users. Your public profile (display name, photo, sports, skill level, rating, preferred format, competitiveness, coarse distance or city) is visible to other authenticated users when you appear in directories, post a match, RSVP to an event, or accept an invite.
• With service providers. Cloud hosting, push-notification gateways (Apple Push, Firebase Cloud Messaging), map and geocoding providers (Google Maps Platform), OAuth identity providers (Apple, Google, Facebook), and analytics providers (Google Analytics 4). Each acts under contract and may only use your data to provide their service to us.
• For legal reasons. When required by law, court order, or valid government request, or to protect the rights, property, or safety of Racquet, our users, or the public.
• In a business transfer. In connection with a merger, acquisition, financing, or sale of assets, where the recipient agrees to honor this Privacy Policy.

When you ask Racquet to find nearby players, groups, venues, coaches, or tournaments, we use your device's location once to perform the search. Stored home-location coordinates are used server-side to compute the distance shown to other users; we never return another user's exact coordinates to your device.

Map tiles, place autocomplete, and reverse geocoding are powered by Google Maps Platform. Your interactions with maps may be subject to Google's policies.

Direct messages, group chats, match-invite threads, and coach-inquiry threads are stored to deliver them to the intended recipient and to support our moderation tools. We rate-limit cross-user contact (for example, capping match invites per sender and per recipient pair). Blocks are bidirectional: when one user blocks another, neither can contact, see, or invite the other.

We do not provide an open inbox — message threads only exist between users who have a shared context (accepted invite, group membership, coach inquiry).

We use industry-standard security practices, including TLS in transit, encrypted tokens at rest, server-side validation of all uploads, audit logs for administrative actions, and the iOS Keychain / Android Keystore for storing authentication tokens on your device. No security system is perfect, and we cannot guarantee absolute security.

You can:

• View, edit, or delete profile information from inside the app.
• Manage push-notification preferences from Settings.
• Block another user from any of their public surfaces.
• Delete your account from Settings → Delete account. Deletion removes your profile, your posts, your messages, and your media uploads, subject to short-lived backups and any data we are legally required to retain.
• Contact us at the email below to request access, correction, export, or deletion of your personal information.

We retain your information for as long as your account is active and as needed to provide the Services. When you delete your account, we delete or anonymize your personal information within 90 days, except where retention is required for legal, tax, audit, or security purposes.

Racquet is not directed to children under 13, and we do not knowingly collect personal information from children under 13. Users under 18 should use the Services only with the involvement of a parent or guardian. If you believe a child has provided us with personal information, contact us and we will delete it.

Racquet is operated in the United States. If you use the Services from another country, you consent to the transfer of your information to the United States and its processing under U.S. law.

Our website uses cookies and similar technologies (including Google Analytics 4) to understand how visitors interact with the site. You can control cookies through your browser settings. The mobile app does not use third-party advertising identifiers.

We may update this Privacy Policy from time to time. We will revise the "Last Updated" date and, for material changes, notify you through the app or by email. Continued use of the Services after a change means you accept the updated policy.

Questions, concerns, or requests regarding this Privacy Policy?