Effective Date: May 23, 2026 ยท Developer: John Steinmetz
This Privacy Policy explains how John Steinmetz ("we," "us," or "our"), based in North Carolina, USA, handles information in connection with the CaddieOS mobile application for iPhone and Apple Watch (the "App"). We designed CaddieOS to be private by default: most of your data stays on your device or in your own iCloud account, and our servers never store your name, email, or Apple ID.
Questions? Contact us at [email protected].
a. Account information (Sign in with Apple). When you sign in, Apple gives us an account identifier, and โ only if you choose to share them โ your name and email address. These are stored locally on your device to create your profile. Our backend never receives your name, email, or Apple identifier (see Section 5).
b. Gameplay and profile data. Rounds, scores, shots, per-club distances, clubs, course selections, achievements, and handicap. This is stored on your device.
c. Location data. With your permission, the App uses precise GPS location to show distances to greens and hazards, record where shots are taken, and discover nearby courses. Location is used while the App is in use and in the background during an active round, so distances keep working with your phone in your pocket. Shot coordinates are stored on your device. Coordinates you deliberately mark as course features (tees, greens, pins, hazards) may be contributed to our community course database (see Section 5).
d. Motion and fitness data (Apple Watch). With your permission, the App uses Apple Watch motion sensors to detect golf swings and help auto-log shots (a subscription feature). Motion processing happens on your device. If you opt into "swing training" capture, a file of motion samples is saved locally on your watch to help improve swing detection; it is not uploaded automatically.
e. Health data (HealthKit). With your permission, the App reads workout and heart-rate data to enrich round insights and writes a "Golf" workout to Apple Health. Health data stays on your device and in Apple Health; it is not sent to our servers.
f. Purchase and subscription data. When you subscribe, our payments partner RevenueCat receives an anonymous app-user identifier, your purchase/receipt and entitlement status, and standard device/SDK metadata (such as country, device model, and OS version) to manage your "CaddieOS Pro" access. Apple processes the actual payment; we never receive your payment card details. You can view your anonymous identifier in the App (shown as your "Support ID").
g. Game Center. If you use Game Center, Apple manages a leaderboard ("best round"), achievements, and (optionally) your friends list according to your Game Center settings.
h. Course data you contribute. If you mark tees, greens, pins, or hazards, the resulting coordinates and course details may be submitted to our shared course database. These contributions are tied only to an irreversible pseudonym โ never to your name, email, or Apple ID (see Section 5).
i. Diagnostic information. We may receive limited, non-identifying technical information through Apple and RevenueCat (for example, crash and purchase analytics) to keep the App working.
We use information to: provide GPS distances and shot tracking; record and display your rounds, stats, and achievements; provide subscription features and manage entitlements; build and serve the community course database; detect and prevent abuse and fraud; provide customer support; and comply with law.
Your detailed gameplay data is stored locally on your device. If you use iCloud, a limited set of data โ your display name, handicap index, and earned achievements โ is stored in your own private iCloud database, hosted by Apple. We cannot access other users' iCloud data. You control this through your Apple ID and iCloud settings.
CaddieOS includes a crowdsourced course-geometry database hosted on Cloudflare servers. It stores course names, coordinates, and hole geometry (tee, green, pin, and hazard locations and par) that users contribute, plus aggregated "canonical" geometry served to other users.
No personal data is stored on this server. Each contribution is associated only with a one-way, irreversible pseudonym (an HMAC hash derived from your Apple account identifier and then discarded). The server stores no name, email, or Apple ID. Geometry you contribute is aggregated into a shared dataset and made available to other CaddieOS users. Reading from and contributing to this database are subscription features.
We share information only as needed to operate these services:
We do not authorize these providers to use your information for their own marketing.
When you open or start a course, CaddieOS sends that course's geographic coordinates / bounding area to the public Overpass API (operated by OpenStreetMap community servers, including overpass-api.de and overpass.kumi.systems) to download publicly available golf-course map features (greens, tees, fairways, bunkers, water hazards, and cart paths). These requests disclose the approximate area you are viewing to those third-party servers, subject to their operators' own policies.
Map data is ยฉ OpenStreetMap contributors and is licensed under the Open Database License (ODbL) v1.0. CaddieOS displays the attribution "ยฉ OpenStreetMap contributors." Portions of our community course database may be derived from OpenStreetMap data and remain subject to the ODbL.
We are based in the United States and serve users worldwide. If you use the App from outside the United States, your information will be processed in the United States and other countries where we or our service providers operate, which may have different data-protection laws than your own. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses) for international transfers.
Depending on where you live, you may have rights to access, correct, delete, port, or restrict the processing of your personal information, and to object to certain processing.
To exercise any right, email [email protected]. We will verify your request (see Section 12) and respond as required by law.
We keep on-device and iCloud data until you delete it or delete the App. Anonymous purchase records are retained as long as needed to provide and account for subscriptions and as required by Apple and applicable law. Pseudonymous course contributions are retained as part of the shared dataset.
To delete your account and associated data, email [email protected] from, or referencing, the email address you used to create your account. We require this so we can verify the request before acting. Upon verification we will delete the account data we can associate with you and disassociate your pseudonymous identifier; anonymous purchase history may be retained as required by Apple/law. Because course geometry you contributed is stored pseudonymously, contains no personal data, and cannot reliably be traced back to you, it may remain in the community dataset. Deleting the App removes all on-device data; iCloud data is controlled through your Apple ID.
We protect information using encryption in transit (TLS), authentication via Sign in with Apple, device integrity checks (App Attest) for our database, one-way pseudonymization (so no personal data is stored server-side), rate limiting, and moderation of community contributions. No method of transmission or storage is 100% secure, but we work to protect your information.
CaddieOS is not directed to children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will delete it.
We may update this Privacy Policy from time to time. We will post the updated version with a new effective date and, where required, provide additional notice.
John Steinmetz โ North Carolina, USA