Privacy Policy

We collect several categories of information to provide and improve the Service. The types of information we collect depend on how you interact with Strokes Lost.

Account and Personal Information. When you create an account, we collect your name, email address, and password. You may optionally provide additional profile information such as your handicap index, home course, and golf goals.

Golf Performance Data. The core of our Service involves collecting detailed golf performance data that you input or that is generated through your use of the app. This includes: round scores and hole-by-hole data; strokes gained metrics across driving, approach, short game, and putting; fairways hit, greens in regulation, and putting statistics; post-round debrief responses; pre-round game plan data; and historical scoring trends.

Practice Data. We collect data about your practice sessions, including practice playbook usage, drill completion records, session duration, and self-reported focus areas.

Fitness and TPI Data. If you use the Golf Fitness Lab or complete a TPI movement screen (including through the Movement Blueprint Package), we collect your TPI screen results, identified movement limitations, fitness program assignments, workout completion records, and any medical history or physical restrictions you voluntarily provide to inform your programming.

Payment Information. When you subscribe to a paid plan or purchase a one-time service, we collect payment information including billing name, billing address, and payment card details. Payment card information is processed directly by our third-party payment processor (see Section 7) and is not stored on our servers.

Usage and Technical Data. We automatically collect certain technical information when you use the Service, including IP address, browser type and version, device type and operating system, pages visited and features used, session duration, and referring URLs. This information is collected using cookies and similar tracking technologies as described in Section 4.

Communications. If you contact us via email or in-app messaging, we retain the content of those communications to respond to your inquiry and improve our support.

We use the information we collect for the following purposes:

Providing the Service. Your performance, practice, and fitness data is used to power the core features of Strokes Lost, including generating strokes gained analysis, producing AI coaching insights through Ace, creating personalized practice playbooks, building pre-round game plans, and tracking your goals and momentum over time.

AI Coaching and Personalization. We use your data to train and operate the Ace AI coaching system. Ace analyzes your historical performance data to provide personalized insights, identify your highest-leverage improvement areas, and contextualize coaching recommendations. Your data is used to personalize your experience and is not used to train general AI models that are shared with or benefit other users without anonymization.

Analytics and Product Improvement. We use aggregated, anonymized data to understand how users interact with the Service, identify areas for improvement, and develop new features. This analysis does not identify you individually.

Account Management and Communications. We use your contact information to send transactional emails (account confirmations, subscription receipts, password resets), product updates, and, with your consent, marketing communications. You may opt out of marketing communications at any time.

Legal and Safety. We may use your information to comply with applicable laws, respond to legal process, enforce our Terms of Service, protect the rights and safety of our users and the Company, and detect and prevent fraud or abuse.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data under the following legal bases under the General Data Protection Regulation (GDPR):

We use cookies and similar tracking technologies to operate and improve the Service. A cookie is a small text file placed on your device when you visit our website. We use two categories of cookies:

Essential Cookies (Always Active). These cookies are strictly necessary for the Service to function. They include cookies that store your authentication session, remember your cookie consent preference, and maintain basic site functionality. These cookies cannot be disabled without significantly impairing your ability to use the Service.

Analytics Cookies (Consent Required). With your explicit consent, we use analytics cookies to collect anonymized information about how visitors use our website, including pages visited, time spent on pages, and general usage patterns. This data helps us understand and improve the Service. Analytics cookies are only activated after you click "Accept All" in our cookie consent banner. If you click "Essential Only," no analytics cookies are set.

Managing Your Cookie Preferences. You may change your cookie preferences at any time by clicking "Cookie Settings" in the footer of our website. This will re-display the consent banner and allow you to update your choice. You may also control cookies through your browser settings, though disabling all cookies may affect site functionality.

We do not currently use advertising, retargeting, or social media cookies. If we add such cookies in the future, we will update this policy and request your consent before activating them.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We share your information only in the following limited circumstances:

Payment Processor. We use a third-party payment processor to handle subscription billing and one-time purchases. Your payment card information is transmitted directly to and stored by the payment processor under their own privacy and security standards. We receive only a tokenized reference to your payment method. Our payment processor is PCI-DSS compliant.

Analytics Provider. With your consent, we use an analytics service to collect anonymized usage data. Our analytics provider does not receive personally identifiable information and processes data only on our behalf.

Infrastructure and Hosting. We use cloud infrastructure providers to host the Service and store data. These providers act as data processors under appropriate data processing agreements and are contractually prohibited from using your data for their own purposes.

Legal Requirements. We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency). We will notify you of such requests to the extent permitted by law.

Business Transfers. In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information.

We retain your personal information for as long as your account is active or as needed to provide the Service. Specifically:

Active Accounts. All User Data (round data, practice data, fitness data, TPI screen results) is retained for the duration of your active subscription and for 90 days following account cancellation or termination, after which it is permanently deleted.

Account Information. Basic account information (name, email) may be retained for up to 3 years after account deletion for legal compliance, fraud prevention, and dispute resolution purposes.

Financial Records. Transaction records and billing information are retained for 7 years as required by applicable tax and accounting laws.

Anonymized Data. Aggregated, anonymized analytics data that cannot be used to identify you may be retained indefinitely for product improvement purposes.

You may request early deletion of your data at any time as described in Section 8.

We implement appropriate technical and organizational security measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit (TLS/HTTPS), encryption of sensitive data at rest, access controls limiting employee access to personal data on a need-to-know basis, and regular security reviews.

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

Depending on your location, you may have the following rights regarding your personal information:

Access. You have the right to request a copy of the personal information we hold about you.

Correction. You have the right to request that we correct inaccurate or incomplete personal information about you.

Deletion. You have the right to request that we delete your personal information, subject to certain exceptions (e.g., legal obligations, fraud prevention).

Portability. You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another service.

Objection and Restriction. You have the right to object to or request restriction of processing of your personal data in certain circumstances, including where processing is based on legitimate interests.

Withdraw Consent. Where processing is based on your consent (e.g., analytics cookies, marketing emails), you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, please contact us at [email protected]. We will respond to verified requests within 30 days. We may need to verify your identity before processing your request.

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have additional rights under the GDPR and applicable national data protection laws, including all rights described in Section 8. You also have the right to lodge a complaint with your local data protection authority (DPA) if you believe we have not handled your personal data in accordance with applicable law.

Where we transfer your personal data outside the EEA, UK, or Switzerland, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, to protect your data.

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with specific rights regarding your personal information:

Right to Know. You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business or commercial purpose for collecting it, and the categories of third parties with whom we share it.

Right to Delete. You have the right to request deletion of personal information we have collected from you, subject to certain exceptions.

Right to Opt-Out of Sale. We do not sell your personal information. We do not share your personal information with third parties for cross-context behavioral advertising.

Right to Non-Discrimination. We will not discriminate against you for exercising any of your CCPA rights.

To submit a CCPA request, contact us at [email protected] with the subject line "CCPA Request." We will respond within 45 days. You may designate an authorized agent to make a request on your behalf.

The Service is intended for users who are 18 years of age or older. We do not knowingly collect personal information from individuals under the age of 18. If you are under 18, please do not use the Service or provide any personal information.

If we become aware that we have collected personal information from a person under 18 without verification of parental consent, we will take steps to delete that information as quickly as possible. If you believe we may have collected information from or about a child under 18, please contact us immediately at [email protected].

This Privacy Policy is governed by and construed in accordance with the laws of the State of Wyoming, without regard to its conflict of law provisions. Any disputes arising under this Privacy Policy shall be subject to the dispute resolution provisions set forth in our Terms of Service.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Effective Date" at the top of this page and notify you via email or a prominent notice within the Service. We encourage you to review this Privacy Policy periodically.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our privacy team:

For GDPR-related inquiries, you may also contact your local data protection authority. A list of EEA data protection authorities is available at edpb.europa.eu.