Skip to main content

Privacy Policy

How TPS collects, uses, and protects your information across our website and app.

Last updated: June 22, 2026

Overview

TPS Golf League (“TPS,” “we,” “us,” “our”) is a private, members-only golf league operated by Massfeller LLC (Boulder, Colorado). This Privacy Policy explains what information we collect, how we use it, and the choices you have. It applies to the TPS website at tpsleague.com, the TPS mobile app for iPhone and Apple Watch, and related services (together, the “Service”).

We built TPS for our own league — a small roster of members who play together each week. We do not run advertising, we do not use third-party trackers, and we do not sell your personal information. The Service talks only to TPS’s own servers and the handful of service providers named below.

Information We Collect

Account and profile information

  • Name — for your roster identity, leaderboards, and scoring
  • Email address — for sign-in and league communications
  • Mobile phone number — for tournament coordination by text (only if you opt in; see SMS below)
  • GHIN number — to look up your official USGA Handicap Index
  • Optional profile details you choose to provide — gender (for tee and rating selection), birthday, mailing address, emergency contact, time zone, and profile photo

Golf and gameplay data

  • Hole-by-hole scores, strokes, putts, fairways hit, and similar gameplay stats
  • Your Handicap Index and handicap history
  • Payment status for dues and weekly pots (see Payments — we record only whether and how you’ve paid, never card or bank numbers)

Location data (mobile app only) — see the dedicated Location Data section below.

Communications and content

  • In-app group chat (“Squawk”) and member-to-member messages you send
  • SMS consent records (your number, the consent language shown to you, and a timestamp) kept for carrier-compliance purposes
  • Feedback you submit through the app or website

Device and technical information

  • Push notification tokens (Apple Push Notification service and browser Web Push) so we can send you league notifications
  • Sign-in and session tokens
  • IP address and browser/device user-agent, recorded with security, error, and audit logs to keep accounts safe and to debug problems
  • NFC bag-tag identifier and tap records, if you use a TPS bag tag to sign in
  • Crash, hang, and performance diagnostics from the iPhone and Apple Watch app, provided by Apple’s built-in MetricKit framework (no third-party analytics SDK is used)

AI assistant interactions — if you use the “Nineteen” assistant, the questions you ask, relevant profile context, and any scorecard photo you submit (see The Nineteen AI Assistant below).

How We Use Your Information

  • Run the league: manage membership, schedules, registrations, and pairings
  • Score play: calculate scores, handicaps, leaderboards, and weekly payouts
  • Communicate with you by email, push notification, and (with your consent) text message
  • Show you and other members the things that make the league work — rosters, results, and your group’s position on the live course map during a round
  • Keep accounts and the Service secure, prevent abuse, and diagnose problems
  • Improve reliability using crash and performance diagnostics

Location Data

The TPS app uses your precise location only while you are using the app (“When In Use”). It never accesses your location in the background, and it only requests location while a live scorecard is open during a round.

  • Why it needs to be precise: the app shows your distance to the green in yards, which requires an accurate GPS fix. It does not use your location in any low-power “approximate” mode for this, and it does not access location at all outside of an active round.
  • On your device only: your location is used to show your distance to the green (rangefinder), to advance the scorecard to the right hole automatically, and to display yardage in the Live Activity / Dynamic Island. This processing stays on your device.
  • Shared with the league: the one piece of location data that leaves your device is your group’s position on the live course map (the “Spotter” feature), sent at most once every 30 seconds and only while an active round is loaded. Other members and league organizers can see where your group is on the course during play. When no round is active, no location is sent.
  • We do not track your location in the background, record where individual shots land, sell location data, or use it for advertising.

You can turn location off at any time in your device’s Settings. The rest of the app continues to work; you simply lose the on-course distance and map features.

Authentication

We offer several ways to sign in, and we never see or store a password for any of them:

  • Sign in with Apple (mobile app) — we receive your Apple-provided identifier and, only if you choose to share it the first time, your name and email.
  • Google Sign-In (website) — we receive only your verified email address. We do not access your Google password or any other Google account data.
  • Email magic links — single-use sign-in links that expire after about 15 minutes.
  • NFC bag-tag tap — tapping your physical TPS bag tag to claim or access your member account.

On the mobile app, your sign-in token is stored securely in the device Keychain.

Push Notifications

If you allow notifications, we store a device push token (Apple Push Notification service for the app, or Web Push for the browser) so we can send round reminders, pairings, and league announcements. You can turn notifications off in your device or browser settings at any time.

Text Messaging (SMS)

Text messaging is optional and is never required to be a member. If you opt in, we use your mobile number solely to send tournament-coordination texts. Our SMS provider is Twilio. No mobile information is shared with third parties or affiliates for marketing. Reply STOP to any message to opt out at any time. Full details — message types, frequency, and opt-out — are on our SMS Terms & Consent page.

Handicaps and GHIN

We use your GHIN number to retrieve your official USGA Handicap Index for net scoring and payouts. TPS also offers an optional feature to post your tournament scores to GHIN/USGA on your behalf. If you turn this on, your GHIN login credentials are stored encrypted and used only to post your own scores — never for anything else. You can turn auto-posting off at any time.

The Nineteen AI Assistant

If you use “Nineteen,” the questions you ask, the relevant league context, and any scorecard photo you submit for reading are sent to Google’s Gemini API to generate the answer, voice reply, or score reading. We log these interactions to monitor quality and cost. Your AI interactions are never used for advertising, and Nineteen is entirely optional.

Payments

TPS does not process payments and does not store card or bank-account numbers. Membership dues and weekly pots are handled off-platform — for example by Venmo, Zelle, PayPal, or cash, directly between members and the league organizer. For bookkeeping, we record only whether you’ve paid, how much, and which method (e.g., “Venmo,” “cash”).

How Your Information Is Shared

We share information only in these limited ways, and we never sell it:

  • With other members of the league. Names, handicaps, scores, results, and your group’s on-course position are visible to other TPS members as part of normal league play.
  • With service providers that operate parts of the Service on our behalf, limited to what each needs to do its job:
    • Cloudflare — hosting, database, file storage, and search for the entire Service
    • Apple — Sign in with Apple and push notification delivery (APNs)
    • Google — Sign-In (email only) and the Gemini AI assistant
    • Twilio — sending and receiving SMS
    • Resend — sending email
    • GHIN / USGA — retrieving handicaps and, if you opt in, posting your scores
    • OpenWeather — course weather and frost-delay information (course location only, no personal data)
  • Publicly, in summary form. Weekly results may be shared to the TPS Facebook group as a link to a results page. No personal contact information is pushed to Facebook.
  • When required by law, or to protect the safety, rights, or security of our members and the Service.

We do not track you across other apps or websites, we do not use advertising identifiers (no IDFA), and we do not allow any third party to use your information for their own advertising.

Analytics and Tracking

TPS uses no third-party web or app analytics and no advertising or cross-app tracking. The only usage measurement we keep is first-party and internal: email open/click statistics (recorded with a truncated, partial IP address) and basic in-app feature-usage counts. Cookies are limited to keeping you signed in — we do not use advertising or tracking cookies.

Data Storage and Security

Your information is stored on Cloudflare’s infrastructure (D1 database, R2 file storage, and Workers) and is transmitted over encrypted HTTPS connections. Sensitive items such as stored GHIN credentials are encrypted, and access is limited to league organizers who need it. No method of transmission or storage is ever 100% secure, but we take reasonable measures to protect your information.

Data Retention

We keep your information for as long as you are a member and as needed to run the league, keep accurate records, and meet legal or carrier-compliance obligations (for example, SMS consent records). When information is no longer needed, we delete or anonymize it.

Your Rights and Choices

You may, at any time:

  • Access or correct your personal information
  • Withdraw consent for location (device Settings), push notifications (device/browser settings), or SMS (reply STOP)
  • Turn off GHIN auto-posting or use of the AI assistant
  • Request deletion of your personal information and your account

To exercise any of these, contact Ro Troia at ro@rotroia.com. We will respond and act on verified requests within a reasonable time.

Deleting Your Account

You can delete your account at any time from within the iOS app: open your account menu (tap your avatar) and choose Delete Account. For your security, we ask you to confirm with Sign in with Apple before the deletion proceeds.

When you delete your account, we permanently remove your sign-in and personal contact information — your email, phone number, address, GHIN number, date of birth, profile photo, and Apple sign-in identity — along with your device and notification records, and you will no longer be able to sign in. Because TPS is a competitive league, your name and past competition results (scores, standings, and payouts) are retained as part of the league’s historical record, the same as for any past member who has left. You can also request deletion by contacting Ro Troia at ro@rotroia.com.

Children’s Privacy

The Service is intended for adult league members and is not directed to children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us information, contact us and we will delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we’ll revise the “Last updated” date at the top of this page, and we’ll let members know of any material changes. Continued use of the Service after an update means you accept the revised policy.

Contact

Questions about this Privacy Policy? Contact:

Massfeller LLC / TPS Golf League Boulder, Colorado ro@rotroia.com tpsleague.com