Privacy Policy
Last updated: 5 May 2026 · Effective: 5 May 2026
1. Who we are
Courtr is a mobile app that lets friend groups create and run padel leagues — handling session scheduling, draw generation, live leaderboards, and season standings. We’re based in the United Kingdom.
For the purposes of UK GDPR and the Data Protection Act 2018, the data controller is Courtr.
If you have questions about how we handle your personal data, contact us at privacy@courtr.co.uk.
2. What data we collect
We only collect data we actually need to run the app.
Name-only guests. If an organiser adds a guest player by name only (no account), we store only the display name you provide. No email address, no device data. These entries are not linked to any real-world individual unless they later create an account.
We do not collect location data, contacts from your phone, or any sensitive personal data as defined by UK GDPR.
3. How we use your data
4. Legal basis for processing
Under UK GDPR, we need a legal basis to process your personal data. We rely on:
- Contract — processing necessary to deliver the service you’ve signed up for (running your leagues, storing scores, sending session notifications).
- Legitimate interests — crash reporting and anonymous product analytics, where our interest in maintaining a reliable, improving product does not override your privacy rights.
- Legal obligation — where we are required to process or retain data by law.
- Consent — for push notifications, which require your explicit permission via your device’s operating system. You can withdraw this at any time in your device settings.
5. Third-party services
We use a small number of trusted third-party services to operate Courtr. Each is bound by contractual data processing terms consistent with UK GDPR.
- Supabase — our backend database and authentication provider. Your account data, league data, and session results are stored here. Supabase is GDPR-compliant and we have a Data Processing Agreement in place.
- Stripe — payment processing for the cost-splitting feature. Stripe handles all card data directly — Courtr never stores or sees your full payment details. Stripe is PCI DSS Level 1 certified.
- Sentry — crash reporting and error monitoring. Sentry may capture device type, OS version, and a stack trace when the app crashes. We configure Sentry to minimise the capture of personal data in error reports.
- Mixpanel / Amplitude — product analytics. We use one of these tools to understand how features are used — for example, how many leagues complete a full session. Events are tied to a pseudonymous ID, not your name or email address. To opt out, contact us at privacy@courtr.co.uk and we will action this promptly.
- Apple / Google — if you sign in with Apple or Google, their authentication services verify your identity. We receive only a token and the data you choose to share (typically name and email). Their own privacy policies apply to this step.
We do not share your data with any other third parties except where required by law.
6. Data retention
When a league is deleted, the data of players who are members of only that league will also be removed, subject to any legal retention obligations.
7. International transfers
Some of our third-party providers are based outside the UK. Where personal data is transferred outside the UK, we ensure that appropriate safeguards are in place — typically the International Data Transfer Agreement (IDTA) or Standard Contractual Clauses approved for UK transfers.
If you’d like details of the specific safeguards in place for any transfer, please contact us.
8. Your rights
To exercise any of these rights, contact us at the address in section 11. We will respond within one month. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk if you believe we have not handled your data lawfully.
9. Children
Courtr is not directed at children under 13 and we do not knowingly collect data from anyone under 13. If you believe a child under 13 has provided us with personal data, please contact us and we will delete it promptly.
Users aged 13–17 may use the app, but an organiser who adds a minor to a league is responsible for ensuring that parent or guardian consent has been obtained where required.
10. Changes to this policy
We may update this privacy policy from time to time. When we make material changes, we’ll notify you via the app or by email before the changes take effect. The “last updated” date at the top of this page will always reflect the most recent version.
Continued use of Courtr after a change takes effect constitutes acceptance of the updated policy.
11. Contact us
If you have any questions about this policy or want to exercise your data rights, you can reach us at: