PadelGod

Legal

Privacy Policy

Ultima actualizare: June 11, 2026

This policy explains what personal data we collect through the PadelGod app and website, why we use it, and what rights you have. We aim for full transparency and collect strictly what is needed to provide you the service.

1. Who we are (the data controller)

PadelGod is operated by Cosmin Trica (private individual, Romania). For any matter related to your data, you can contact us at contact@padelgod.ro.

2. What data we collect

  • Account: email, name, and (optionally) profile photo, received when you sign in with Apple or Google.
  • Player profile: city, game preferences, level, preferred time, added by you.
  • Phone number (optional): only if you choose to add it, so your friends can find you (see section 4).
  • Contacts (optional): only if you enable friend discovery, the numbers in your address book are turned into irreversible codes directly on your device and never reach the server in plain text (see section 4).
  • Location (optional): only if you grant permission and only on your phone, to show you nearby clubs and courts. It is not tracked in the background and we do not build a history of your locations.
  • Bookings and matches: booked courts, scores, match history (padel or tennis), partners.
  • Ranking data: for competitive matches confirmed by all players, we keep the match score and the rating derived from it (see section 6).
  • Activity and health data (HealthKit): only with your explicit permission, heart rate, calories, and pace during the match, including from Apple Watch (see section 5).
  • Technical data: device tokens for notifications, plus minimal operational and security data.

3. How we use the data

  • to provide you with bookings, matchmaking, and score keeping;
  • to show you your own statistics and match history;
  • to calculate the competitive ranking, exclusively from matches confirmed by all players;
  • to connect you with friends and playing partners;
  • to send notifications related to your matches and bookings;
  • to maintain security and prevent abuse.

We do not sell your data and we do not use it for advertising.

4. Contact discovery (via hashing, not in plain text)

The feature to find your friends on PadelGod is optional and protected by design. Your number and the numbers in your address book are transformed locally, on your device, into an irreversible code (SHA-256 hash of the last 9 digits). Only this code is compared on the server, the server never receives phone numbers in plain text. You can disable the option at any time, and the code associated with you is deleted.

5. Health data and Apple Watch (HealthKit)

If you grant permission, we read activity data (heart rate, energy, pace) during the match to display your statistics and fitness analysis. Detailed heart rate (second by second) is used only on your device and never leaves your phone.

If you optionally enable "Save fitness statistics" in Settings (off by default), we save to your account only aggregate values per match: average and maximum heart rate, calories, intensity score, and duration. We never save detailed heart rate. These aggregate data:

  • are private by default, only you see them (history, records, weekly load);
  • become visible to other players (as a summary) only if you separately enable "Show on public profile";
  • are not used for advertising, marketing, or commercial analysis;
  • are not shared with third parties and are not sold;
  • are handled in accordance with Apple HealthKit requirements. You can stop saving at any time from Settings → Fitness and health, and HealthKit access from Settings → Privacy → Health, on iPhone.

6. The competitive ranking and data visible to other users

The app includes a competitive ranking (rating per discipline and a tier visible from 1 to 7). The ranking includes only competitive matches in which all players have a PadelGod account and all confirm the score in the app. For these matches we process:

  • the confirmed match score and the team composition;
  • the rating derived from results and the tier calculated from it, per discipline (padel or tennis, singles or doubles).

Your tier and ranking position are visible to other users in the ranking and on your public profile, together with your name and profile photo. The scores of confirmed competitive matches are visible to the match participants. The self-declared level in your profile does not influence the rating.

7. Legal basis (GDPR)

  • Performance of the contract - for the operation of the service;
  • Consent - for phone, contacts, location, HealthKit, and notifications;
  • Legitimate interest - for security, abuse prevention (including in the ranking), and improving the app.

8. Who we share the data with

  • Supabase - our database and authentication provider (data processor, secure hosting).
  • Apple / Google - for authentication and notifications.
  • Cloudflare - for anti-spam protection of the forms on the site (Turnstile verification).
  • The clubs - receive the data needed for a booking you make with them (e.g. your name).

9. Security

Data is transmitted encrypted (HTTPS) and protected by row-level access rules (Row Level Security) in the database, so that each user sees only what they are entitled to.

10. Retention and account deletion

We keep your data as long as you have an active account, so we can provide you with your history, statistics, and ranking. You can request account deletion directly from the app. The account enters a 30-day period during which it is deactivated and hidden; if you sign in again within this interval, the deletion is canceled. After 30 days, the account and associated data are permanently deleted.

11. Your rights

You have the right of access, rectification, erasure, restriction, portability, and objection. You can write to us at contact@padelgod.ro. You have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP).

12. Where the data is hosted

The data is hosted in the European Union (Supabase infrastructure, Europe region - Ireland), so within the European Economic Area. If in the future certain data were to be processed outside the EEA, we ensure that adequate safeguards are in place (e.g. standard contractual clauses).

13. Minors

The service is not intended for children under 16 without the consent of their legal guardian.

14. Changes

We may update this policy. We will mark the date of the last update, and important changes will be announced in the app.

15. Contact

For any question related to your data: contact@padelgod.ro.