Privacy Policy

Welcome to WCourt ("WCourt," "we," "our," or "us"). WCourt is a California-based company that operates the WCourt mobile application (the "App"), a social media platform designed exclusively for the tennis community, featuring artificial intelligence ("AI") powered coaching and analysis tools.

This Privacy Policy describes how we collect, use, disclose, retain, and protect your personal information when you use the WCourt App, our website at wcourt.com (the "Website"), and any related services (collectively, the "Services"). It also explains your rights regarding your personal information and how to exercise those rights.

By creating an account or otherwise using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Services.

This Privacy Policy applies to all users of our Services, regardless of location. Certain sections of this Policy provide additional information relevant to residents of specific jurisdictions, including California, other U.S. states with comprehensive privacy laws, the European Economic Area ("EEA"), the United Kingdom ("UK"), and other international jurisdictions.

We collect information in several ways: directly from you, automatically when you use our Services, and from third-party sources. Below is a detailed description of each category.

2.1 Account Information

When you create an account, we collect:

• Full name, email address, and username
• Password (stored in hashed form)
• Profile picture and cover photo
• Date of birth (for age verification purposes)
• Phone number (optional, for account recovery)

2.2 User-Generated Content (UGC)

When you use social features of the App, we collect:

• Photos, videos, and live-stream recordings you upload or broadcast
• Posts, captions, comments, and replies
• Direct messages and group chat messages
• Stories and ephemeral content
• Likes, shares, saves, and other engagement interactions
• Content metadata (e.g., timestamps, geotags if enabled, hashtags)

2.3 Tennis Profile Data

To personalize your experience, we may collect:

• Self-reported skill level (e.g., NTRP rating, beginner/intermediate/advanced)
• Playing style and preferred hand (left/right)
• Preferred play times and availability
• Equipment preferences and racket details
• Match history and results (if voluntarily shared)
• Favorite courts, home court designation
• Coaching certifications (for coaches)

2.4 Device and Technical Information

We automatically collect:

• Device type, model, manufacturer, and operating system version
• Unique device identifiers (e.g., IDFV)
• App version and build number
• IP address and network type (Wi-Fi, cellular)
• Crash reports, diagnostic logs, and performance data
• Screen resolution, language, and time zone settings
• Session duration and frequency of use
• Features accessed, screens viewed, and in-app navigation patterns

2.5 Location Data

With your explicit permission, we may collect:

• Precise location: GPS-based location data for finding nearby courts and players (only when the App is in use and you have granted permission)
• Approximate location: City-level location derived from IP address for content relevance
• Court location data: Location of tennis courts you check into or tag

You can revoke location permissions at any time through your iOS device settings. Revoking location access may limit certain features such as nearby court and player discovery.

2.6 Camera and Microphone Data

With your explicit permission, we access:

• Camera: To capture photos and videos for posts, stories, live streams, and AI video analysis
• Photo library: To select existing media for sharing or AI analysis
• Microphone: For video recording with audio, live streaming, and live AI coaching sessions

We do not access your camera or microphone in the background. These permissions are only used while the App is actively in use and you have initiated a feature that requires them.

2.7 Purchase and Transaction Data

When you make in-app purchases of AI credits, we collect:

• Purchase history (credit packages purchased, timestamps, quantities)
• Credit balance and usage history
• Transaction identifiers provided by Apple

We do not collect or store your payment card information, billing address, or other financial details. All payment processing is handled entirely by Apple through the App Store.

2.8 AI Interaction Data

When you use our AI-powered features (Singularity AI Coach, Video Analysis, Live Coaching), we collect:

• Videos and images submitted for AI analysis
• Text-based queries and conversations with the AI Coach
• AI-generated analysis results and coaching recommendations
• Session logs including feature used, credits consumed, and duration
• User feedback on AI responses (e.g., ratings, corrections)

We use the information we collect for the following purposes:

3.1 Core App Functionality

• Create and manage your user account and tennis profile
• Enable you to create, share, and interact with tennis content (posts, videos, photos, stories, live streams)
• Facilitate direct messaging and group chats between users
• Help you discover and connect with other tennis players in your area
• Display nearby tennis courts and facilitate court check-ins
• Enable following, liking, commenting, and other social interactions

3.2 AI-Powered Features

• Process your tennis videos and images through our AI analysis engine to provide technique feedback
• Deliver personalized coaching recommendations via the Singularity AI Coach
• Provide real-time coaching feedback during Live Coaching sessions
• Track and visualize your skill development and progress over time
• Generate AI-powered training plans and drill recommendations

3.3 Personalization

• Curate your content feed based on your interests, skill level, and engagement patterns
• Recommend players, coaches, and courts relevant to you
• Tailor AI coaching recommendations to your skill level and playing style
• Customize notifications and content suggestions

3.4 Safety and Security

• Detect, prevent, and address spam, abuse, harassment, and other violations of our Terms of Service
• Moderate user-generated content for policy compliance
• Authenticate users and prevent unauthorized access
• Identify and mitigate fraudulent transactions and abuse of AI credits
• Protect the security and integrity of our Services

3.5 Communications

• Send transactional notifications (e.g., account verification, password resets, purchase confirmations)
• Notify you of social interactions (e.g., new followers, likes, comments, messages)
• Provide product updates, feature announcements, and service-related notices
• Respond to your support requests and inquiries
• Send promotional communications (with your consent; you can opt out at any time)

3.6 Analytics and Improvement

• Analyze usage patterns and trends to improve our Services
• Conduct A/B testing to optimize features and user experience
• Monitor App performance, stability, and uptime
• Develop new features and functionality based on user behavior and feedback
• Generate aggregated, de-identified analytics reports

Because WCourt offers AI-powered tennis coaching and analysis features, we want to be especially transparent about how your data is used in connection with these features.

4.1 Video and Image Processing

When you submit a video or image for AI analysis:

• Your media is securely transmitted to our servers and/or third-party AI processing infrastructure for analysis.
• Our AI models analyze your tennis technique, form, footwork, shot mechanics, and other aspects of gameplay.
• Analysis results are generated and stored in your account for future reference.
• Original media submitted for analysis is retained in your account unless you choose to delete it.
• Processing is performed on a per-use basis, consuming credits from your purchased balance.

4.2 AI Model Training and Improvement

To improve the accuracy and quality of our AI features, we may use de-identified and aggregated data derived from user interactions with our AI tools to train and refine our machine learning models. Specifically:

• Personal identifiers (name, username, profile picture, account details) are stripped from any data used for model training.
• We use technical measures to anonymize data before it enters any training pipeline.
• You have the right to opt out of having your AI interaction data used for model training. You may exercise this right at any time by emailing hellowcourt@gmail.com with the subject line "Opt-Out of AI Training." Opting out will not affect the quality or availability of AI features for your account.

4.3 Third-Party AI Providers

We work with third-party AI service providers to power certain features. When your data is processed by a third-party AI provider:

• Data is transmitted securely using industry-standard encryption (TLS 1.2+).
• Our agreements with these providers contractually prohibit them from using your data for their own purposes, including training their own models on your data.
• Third-party providers are required to delete your data promptly after processing is complete, unless otherwise required by law.
• We conduct regular reviews of our AI providers' privacy and security practices.

4.4 Anonymization Practices

We employ the following anonymization techniques for data used in AI model improvement:

• Removal of all personally identifiable information (PII) including names, usernames, and email addresses
• Stripping of metadata that could identify the user (e.g., geolocation, device identifiers)
• Aggregation of data points across multiple users to prevent re-identification
• Technical safeguards to prevent reverse engineering of anonymized datasets

4.5 AI-Generated Content Disclaimer

Content generated by our AI features (including coaching recommendations, technique analysis, training plans, and feedback) is provided for informational and educational purposes only. AI-generated content:

• Does not constitute professional medical, fitness, or coaching advice.
• May contain inaccuracies and should be verified by a qualified tennis professional when appropriate.
• Should not replace professional coaching, especially for injury prevention and rehabilitation.
• Is generated algorithmically and may not account for individual physical limitations, health conditions, or injuries.

5.1 Credits Model

WCourt's core social media features are free to use. AI-powered features (Singularity AI Coach, Video Analysis, and Live Coaching) are available on a pay-per-use basis through an in-app credit system. Users purchase credit packages and spend credits each time they use an AI feature.

5.2 Apple Handles Payments

All in-app purchases are processed exclusively through Apple's App Store payment infrastructure. WCourt does not collect, process, or store any payment card numbers, bank account details, or billing addresses. Apple's handling of your payment information is governed by Apple's own Privacy Policy and Terms of Service.

5.3 Purchase History

We maintain records of your purchase and credit usage history, including:

• Credit package type and quantity purchased
• Date and time of each purchase
• Apple transaction identifiers for reconciliation and refund support
• Credit consumption records (which AI feature used, credits deducted, timestamp)
• Current credit balance

This data is retained for the duration of your account and for a reasonable period thereafter as necessary for legal compliance, dispute resolution, and fraud prevention.

We do not sell your personal information. We have not sold personal information in the preceding twelve (12) months and have no plans to do so. We may share your information in the following limited circumstances:

6.1 With Other Users

Certain information is shared with other WCourt users as part of the social functionality of the App:

• Your public profile information (username, display name, profile picture, bio, skill level, home court)
• Content you post publicly (posts, videos, photos, stories, live streams)
• Your social interactions (likes, comments, follows) as configured in your privacy settings
• Direct messages are shared only with the intended recipient(s)

6.2 With Service Providers

We share information with trusted third-party service providers who assist us in operating, maintaining, and improving our Services. These providers are contractually obligated to use your information only as necessary to provide services to us and are bound by confidentiality obligations. Categories of service providers include:

• Cloud hosting and infrastructure providers
• AI and machine learning processing providers
• Analytics and performance monitoring services
• Push notification delivery services
• Content delivery networks (CDNs)
• Customer support tools

6.3 Legal Requirements

We may disclose your information if we believe in good faith that disclosure is necessary to:

• Comply with applicable law, regulation, legal process, or enforceable governmental request
• Enforce our Terms of Service, Community Guidelines, or other agreements
• Detect, prevent, or address fraud, security issues, or technical problems
• Protect the rights, property, or safety of WCourt, our users, or the public as required or permitted by law
• Respond to valid court orders, subpoenas, or other compulsory legal process

6.4 Business Transfers

In the event that WCourt is involved in a merger, acquisition, reorganization, bankruptcy, asset sale, or similar business transaction, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice in the App prior to any such transfer, and this Privacy Policy will continue to apply to your information until a new privacy policy is provided to you.

6.5 We Do Not Sell Your Data

WCourt does not sell, rent, or lease your personal information to third parties for monetary or other valuable consideration. We do not share your personal information for cross-context behavioral advertising. This applies to all users, regardless of jurisdiction.

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction.

7.1 Encryption

• In transit: All data transmitted between the App and our servers is encrypted using TLS 1.2 or higher.
• At rest: Personal data and user content stored on our servers is encrypted using AES-256 encryption.
• Passwords: User passwords are hashed using industry-standard one-way hashing algorithms and are never stored in plaintext.

7.2 Access Controls

• Access to personal information is restricted to authorized personnel on a need-to-know basis.
• We employ role-based access controls (RBAC) and multi-factor authentication for internal systems.
• Access logs are maintained and regularly audited.
• Third-party service provider access is limited through API scoping and least-privilege principles.

7.3 Incident Response

• We maintain an incident response plan for security breaches and data incidents.
• In the event of a data breach that affects your personal information, we will notify you and relevant regulatory authorities as required by applicable law.
• Notification will be made without unreasonable delay and no later than required by applicable law (e.g., 72 hours under GDPR, as soon as practicable under California law).
• We conduct regular security assessments, vulnerability testing, and code reviews.

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to implementing and maintaining commercially reasonable security measures.

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

8.1 Active Accounts

While your account remains active, we retain all information associated with your account, including your profile data, content, messages, AI interaction history, and purchase records. You may delete specific content (posts, messages, etc.) at any time, and such content will be removed from public view promptly.

8.2 Deleted Accounts — 30-Day Window

When you request account deletion:

• Your account is immediately deactivated and your profile becomes invisible to other users.
• You have a 30-day grace period during which you can reactivate your account by logging back in. All your data will be restored.
• After 30 days, your personal information is permanently deleted from our active systems.
• Content you posted publicly may persist in other users' feeds or caches for a limited period but will be attributed to a deleted account.

8.3 Legal Holds and Compliance

Certain data may be retained beyond the standard deletion timeline when required by:

• Applicable law or regulation (e.g., tax records, transaction data)
• Pending or anticipated litigation, investigation, or legal proceedings
• Fraud prevention and security purposes
• Enforcement of our Terms of Service

8.4 Anonymized Analytics Data

Aggregated, de-identified, and anonymized data that cannot reasonably be used to identify you may be retained indefinitely for analytics, research, and product improvement purposes. This data is not considered personal information and is not subject to deletion requests.

If you are a California resident, the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, "CCPA"), provides you with specific rights regarding your personal information. This section describes your CCPA rights and explains how to exercise them.

9.1 Right to Know

You have the right to request that we disclose:

• The categories of personal information we have collected about you
• The categories of sources from which we collected your personal information
• The business or commercial purposes for collecting your personal information
• The categories of third parties with whom we share your personal information
• The specific pieces of personal information we have collected about you

9.2 Right to Delete

You have the right to request that we delete your personal information, subject to certain exceptions provided by law (e.g., where the information is necessary to complete a transaction, detect security incidents, comply with a legal obligation, or for certain internal uses compatible with reasonable consumer expectations).

9.3 Right to Correct

You have the right to request that we correct inaccurate personal information that we maintain about you, taking into account the nature of the information and the purposes of the processing.

9.4 Right to Opt-Out of Sale or Sharing

WCourt does not sell your personal information and does not share your personal information for cross-context behavioral advertising. Therefore, there is no need to opt out. However, if our practices change in the future, we will provide a "Do Not Sell or Share My Personal Information" link and update this Policy accordingly.

9.5 Right to Limit Use of Sensitive Personal Information

To the extent we collect sensitive personal information (such as precise geolocation), you have the right to limit our use of that information to purposes necessary to provide the Services. You can limit geolocation collection through your device settings or by contacting us.

9.6 Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. We will not deny you goods or services, charge you different prices, provide you a different level or quality of goods or services, or suggest that you may receive a different price or quality of goods or services for exercising your rights.

9.7 How to Exercise Your Rights

You may submit a verifiable consumer request by:

• Emailing us at hellowcourt@gmail.com
• Using the in-app privacy settings and account management tools
• Contacting us at hellowcourt@gmail.com

We will respond to your request within 45 days. If we need additional time, we will inform you of the reason and extension period (up to an additional 45 days). We will deliver our response by mail or electronically, at your option.

9.8 Authorized Agents

You may designate an authorized agent to submit a request on your behalf. To do so, you must provide the authorized agent with signed, written permission to act on your behalf, and we may require you to verify your identity directly with us and confirm that you provided the agent with permission to submit the request.

9.9 Verification

To protect your privacy, we must verify your identity before fulfilling your request. We will ask you to provide information that matches information we already have on file. If we cannot verify your identity, we may deny your request. We will not collect additional personal information from you solely for the purpose of verifying your identity; we will use information already in our possession.

If you are a resident of one of the following states, you may have additional privacy rights under your state's law:

10.1 Virginia (Virginia Consumer Data Protection Act — VCDPA)

Virginia residents have the right to:

• Confirm whether we are processing your personal data and access that data
• Correct inaccuracies in your personal data
• Delete your personal data
• Obtain a portable copy of your personal data
• Opt out of targeted advertising, sale of personal data, and profiling in furtherance of decisions that produce legal or similarly significant effects

You may appeal a denial of your request by contacting us at hellowcourt@gmail.com.

10.2 Colorado (Colorado Privacy Act — CPA)

Colorado residents have similar rights to Virginia residents, including the right to:

• Opt out of targeted advertising, the sale of personal data, and certain profiling
• Access, correct, delete, and obtain a portable copy of personal data

Colorado residents also have a right to appeal a denial of any privacy request.

10.3 Connecticut (Connecticut Data Privacy Act — CTDPA)

Connecticut residents have rights similar to those provided under the VCDPA and CPA, including the right to access, correct, delete, and port their personal data, and to opt out of targeted advertising, the sale of personal data, and profiling.

10.4 Utah (Utah Consumer Privacy Act — UCPA)

Utah residents have the right to:

• Confirm whether we are processing your personal data and access that data
• Delete your personal data
• Obtain a portable copy of your personal data
• Opt out of targeted advertising and the sale of personal data

10.5 Texas (Texas Data Privacy and Security Act — TDPSA)

Texas residents have the right to:

• Confirm whether we are processing your personal data and access that data
• Correct inaccuracies in your personal data
• Delete your personal data
• Obtain a portable copy of your personal data
• Opt out of targeted advertising, the sale of personal data, and profiling

To exercise any of these rights, contact us at hellowcourt@gmail.com. We will respond within the timeframes required by your state's applicable law.

If you are located in the European Economic Area ("EEA"), the United Kingdom ("UK"), or Switzerland, the General Data Protection Regulation ("GDPR") and applicable local laws provide you with additional rights regarding your personal data.

11.1 Legal Basis for Processing

We process your personal data on the following legal bases:

• Performance of a Contract: Processing necessary to provide you with the Services you have requested (e.g., account creation, content sharing, messaging).
• Consent: Where you have given explicit consent, such as for location data collection, marketing communications, and optional AI model training.
• Legitimate Interest: Processing necessary for our legitimate interests (e.g., improving our Services, ensuring security, preventing fraud), provided that such interests are not overridden by your rights and freedoms.
• Legal Obligation: Processing necessary to comply with applicable laws and regulations.

11.2 Data Protection Officer (DPO)

For questions or concerns regarding our processing of personal data under GDPR, you may contact our Data Protection Officer at:

• Email: hellowcourt@gmail.com (Attn: Data Protection Officer)

11.3 Cross-Border Data Transfers

WCourt is based in California, United States. If you use our Services from outside the United States, your information will be transferred to, stored, and processed in the United States and potentially other countries where our service providers maintain facilities. We ensure appropriate safeguards for international transfers through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data processing agreements with all service providers that include appropriate transfer mechanisms
• Assessment of the laws and practices of recipient countries to ensure adequate protection

11.4 Your Rights Under GDPR

In addition to the rights described elsewhere in this Policy, EEA, UK, and Swiss residents have the right to:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate or incomplete personal data.
• Erasure ("Right to be Forgotten"): Request deletion of your personal data under certain circumstances.
• Restriction: Request that we restrict processing of your personal data under certain circumstances.
• Data Portability: Receive your personal data in a structured, commonly used, machine-readable format.
• Objection: Object to processing based on legitimate interests or for direct marketing purposes.
• Withdraw Consent: Where processing is based on consent, withdraw that consent at any time without affecting the lawfulness of prior processing.
• Lodge a Complaint: File a complaint with your local supervisory authority.

To exercise these rights, contact us at hellowcourt@gmail.com. We will respond within 30 days of receiving your request, as required by GDPR.

WCourt is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. Our Services are intended for users who are at least 13 years of age.

12.1 COPPA Compliance

In compliance with the Children's Online Privacy Protection Act ("COPPA"):

• We require users to confirm they are at least 13 years old during the account registration process.
• If we learn that we have collected personal information from a child under 13, we will take steps to delete that information as quickly as possible.
• We do not knowingly collect, use, or disclose personal information from children under 13 without verifiable parental consent.

12.2 Parental Rights

If you are a parent or guardian and believe that your child under 13 has provided personal information to us without your consent, please contact us immediately at hellowcourt@gmail.com. We will promptly investigate and delete any information that was collected in violation of COPPA.

12.3 Teen Users (Ages 13-17)

Users between 13 and 17 may use WCourt with the consent of a parent or guardian. We apply additional protections for teen users, including default privacy settings that limit the visibility of their profiles and content. We encourage parents and guardians to be involved in their teens' online activities and to review this Privacy Policy with them.

Our Services integrate with or rely on certain third-party services. Each third-party service has its own privacy policy, and we encourage you to review them. We are not responsible for the privacy practices of third-party services.

13.1 Cloud Infrastructure

We use third-party cloud hosting providers to store and process your data. These providers maintain industry-standard security certifications (e.g., SOC 2, ISO 27001) and are contractually bound to protect your data.

13.2 AI Processing Providers

We use third-party AI and machine learning services to power our AI coaching and analysis features. Data shared with these providers is limited to what is necessary for the specific AI function and is subject to contractual data protection obligations.

13.3 Analytics Services

We use analytics services to understand how our App is used and to improve our Services. Analytics data is collected in aggregate or pseudonymized form where possible.

13.4 Push Notification Services

We use Apple Push Notification Service (APNs) and potentially third-party notification services to deliver notifications to your device. You can control notification preferences through the App settings or your device settings.

13.5 Links to Third-Party Content

The App may contain links to third-party websites, services, or content that are not owned or controlled by WCourt. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party services you interact with.

This section applies primarily to our Website (wcourt.com). The WCourt iOS App does not use browser cookies.

14.1 Cookies We Use

• Essential Cookies: Required for the Website to function properly (e.g., session management, security tokens). These cannot be disabled.
• Analytics Cookies: Help us understand how visitors use our Website by collecting information in an anonymous form (e.g., pages visited, time on site, referral sources).
• Functional Cookies: Enable enhanced functionality and personalization (e.g., remembering your preferences, language settings).

14.2 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or be notified before a cookie is set. Please note that disabling certain cookies may affect the functionality of our Website.

14.3 Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals. We currently do not respond to DNT signals because there is no industry-standard protocol for interpreting them. We will update this Policy if and when a standard is established.

14.4 Mobile Tracking

In the iOS App, we respect Apple's App Tracking Transparency (ATT) framework. We will request your permission before tracking your activity across other companies' apps and websites for advertising purposes. You can change your tracking preferences at any time in your iOS Settings.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

15.1 Notification of Changes

When we make material changes to this Privacy Policy, we will notify you through:

• Email notification: We will send an email to the address associated with your account describing the changes.
• In-app notification: We will display a prominent notice within the App informing you of the updated Policy.
• Website posting: The updated Policy will be posted on our Website with the revised "Last Updated" date.

15.2 Advance Notice

For material changes, we will provide at least 30 days' advance notice before the changes take effect, unless a shorter notice period is required by law. During this notice period, you may review the changes and, if you do not agree with the updated Policy, you may delete your account before the changes become effective.

15.3 Continued Use

Your continued use of the Services after the effective date of a revised Privacy Policy constitutes your acceptance of the changes. If you do not agree with the revised Policy, you must stop using the Services and delete your account.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us using the information below:

We aim to respond to all inquiries within 30 days. For CCPA requests, we will respond within 45 days as required by law. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.