GSCaddie

Privacy Policy

GSCaddie — Privacy Policy

Last updated: 2026-04-29 Effective date: 2026-04-29

This Privacy Policy describes how M5 Software Solutions LLC ("GSCaddie," "we," "our," or "us") collects, uses, and shares information when you use the GSCaddie desktop app and web dashboard. By using GSCaddie, you agree to this Policy.

GSCaddie is an independent, third-party companion tool for GSPro users. It is not affiliated with, endorsed by, or connected to GS-Pro or any launch monitor vendor.

Core principle: the data is yours. GSCaddie reads performance data that you generated — your swing, measured by your launch monitor hardware, written to your own computer's local disk. We treat that data as your property, and we treat anything GSPro has encrypted, locked, or otherwise protected as GSPro's property and leave it alone.

1. What we collect

1.1 Data you provide directly

  • Account information: email address, display name, password (stored hashed via our auth provider).
  • Billing information: processed by our payment provider; we do not store full card numbers.
  • Profile settings: handicap, club assignments, launch monitor model, preferences.
  • User content: shot notes, round tags, practice plan configurations, anything you type into GSCaddie.

1.2 Data GSCaddie reads from your local computer (your data)

GSCaddie's desktop app reads files that GSPro and/or your launch monitor already write to your own local disk during normal operation. This data describes your athletic performance on your equipment and belongs to you. Specifically, we read:

  • GSPro shot/round data (e.g., ball speed, launch angle, spin, carry, club used, result coordinates, per-hole scores) from GSPro's local SQLite database and/or its diagnostic log file.
  • Round metadata (course name as reported locally, date, weather settings as reported locally, players).
  • Optionally, data from the documented GSPro OpenAPI (GSProConnect) if you enable it.

We do not read or upload:

  • Encrypted columns in GSPro's database (e.g., RoundData, RoundSettings). We do not decrypt them and do not attempt to.
  • GSPro course files, course graphics, course geometry, or any other GSPro-authored content.
  • Files outside the specific GSPro and launch monitor data paths described in our documentation.
  • Arbitrary files on your computer.

1.3 Data collected automatically

  • App telemetry: version, OS version, anonymized crash reports, feature usage counts. Used to improve reliability.
  • Web analytics: standard server logs (IP, user agent, request paths, timestamps) for the web dashboard.
  • Cookies / local storage: authentication tokens and UI preferences.

1.4 What we do NOT collect

  • We do not collect your GSPro subscription credentials or launch monitor credentials.
  • We do not collect contents of other applications, browsing history, keystrokes, screen captures, microphone, or camera.
  • We do not harvest data from GSPro's servers, the GSPro web portal, or the GSPro community site.
  • We do not sell your data to advertisers, brokers, or anyone else.

2. How we use your data

We use the data described above to:

  • Provide and operate GSCaddie (sync your shot/round data across devices, render analytics, surface trends and drill recommendations).
  • Authenticate you and secure your account.
  • Process payments and manage subscriptions.
  • Diagnose bugs and improve reliability.
  • Communicate with you about service updates, security issues, and support requests.
  • Comply with legal obligations.

We do not sell your data, and we do not share it with third parties for their own marketing or training purposes.

4. Who we share data with

We share data only with service providers who help us operate GSCaddie, and only to the extent they need to perform their function:

  • Cloud / database: Supabase (hosting, database, auth)
  • Payment processing: Stripe
  • Email / transactional messaging: Brevo
  • Error monitoring / analytics: Sentry (if enabled)

We do not sell, rent, or trade your personal data. We may disclose data if required by law, subpoena, or to protect rights, safety, or property.

If we undergo a merger, acquisition, or asset sale, your data may be transferred; you will be notified before your data becomes subject to a different privacy policy.

5. Where data is stored

Data is stored on servers operated by our cloud providers, primarily in AWS us-east-1. Data may be processed in other regions where our providers operate. We rely on standard contractual clauses and provider safeguards for international transfers where applicable.

6. How long we keep data

  • Account and shot/round data: retained as long as your account is active. You may delete your account at any time; we will delete or anonymize personal data within 30 days of deletion, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, tax records).
  • Billing records: retained per legal/tax requirements (typically 7 years).
  • Logs and telemetry: typically retained 30–90 days.
  • Backups: rolling backups may retain data for up to 30 days after deletion before being overwritten.

7. Your rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Delete your data ("right to be forgotten")
  • Export your data in a portable format
  • Object to or restrict certain processing
  • Withdraw consent (where processing is based on consent)
  • Lodge a complaint with a data protection authority

You can exercise most of these rights directly from the GSCaddie dashboard (export, delete). Otherwise email hello@gscaddie.com. We will respond within the timeframe required by applicable law (typically 30 days).

7.1 California residents (CCPA/CPRA)

We do not sell or share personal information as defined by California law. You have the right to know, delete, correct, and opt out of sale/sharing. Contact hello@gscaddie.com to exercise these rights.

7.2 EU/UK residents (GDPR/UK GDPR)

The legal bases for processing your data are: (a) performance of a contract (providing the service), (b) legitimate interests (improving reliability, preventing abuse), (c) consent (optional analytics, marketing emails), and (d) legal obligation (tax, fraud).

8. Security

We use industry-standard safeguards: TLS for data in transit, encryption at rest via our cloud provider, access controls, least-privilege service accounts, and audit logging. No system is perfectly secure; we cannot guarantee absolute security and you use GSCaddie at your own risk.

If we become aware of a breach that materially affects your data, we will notify you and relevant authorities as required by law.

9. Children's privacy

GSCaddie is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal data from children under that age. If you believe we have, contact hello@gscaddie.com and we will delete it.

10. Local-only mode

GSCaddie can be used in a local-only mode that does not sync data to our servers. In that mode, shot and round data remain on your computer, and we collect only minimal app telemetry (version, crash reports) unless you opt out in settings.

11. Third-party links and services

GSCaddie may link to or interoperate with third-party services (GSPro, launch monitor vendors, etc.). This Privacy Policy does not apply to those services. Review their privacy policies separately.

12. Changes to this Policy

We may update this Policy from time to time. Material changes will be announced via the app, the website, or email. Continued use after the effective date constitutes acceptance.

13. Contact

For privacy questions, data requests, or concerns, contact M5 Software Solutions LLC at hello@gscaddie.com.