The Tennis Plan – Privacy Policy

Last updated: 3/01/26

1. Introduction

The Tennis Plan ("us," "we," or the "Company") is committed to respecting the privacy rights of its customers, visitors, and other users of the Company's mobile applications (the "App"). We created this Privacy Policy ("Privacy Policy") to give you confidence as you visit and use the App, and to demonstrate our commitment to fair information practices and the protection of privacy. This Privacy Policy is only applicable to the App, and not to any other websites that you may be able to access from the App, each of which may have data collection, storage, and use practices and policies that differ materially from this Privacy Policy.

2. Information Collection Practices

(a) Types of Information Collected

(i) Traffic Data

We automatically collect certain technical data when you visit the App, including:

• IP address

• Device type and operating system

• Browser type and version

• App usage and interaction data

This Traffic Data is anonymized and used for analytics, security, and improving user experience. We may use cookies and similar tracking technologies to personalize content, enhance security, and prevent fraud.

(ii) Personal Information

To access certain services or make purchases, we collect Personal Information, including:

• Contact Data (name, email, mailing address, phone number)

• Financial Data (credit card or payment details via third-party payment processors)

• Demographic Data (age, zip code, preferences)

We do not store payment information; all transactions are securely processed by Stripe, Apple Pay, and Google Pay. Their privacy policies can be found at:

• Stripe Privacy Policy: https://stripe.com/privacy

• Apple Pay Privacy Policy: https://www.apple.com/legal/privacy/

• Google Pay Privacy Policy: https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice

We do not knowingly collect data from individuals under 13 years of age. If you believe a child has provided us with Personal Information, contact info@thetennisplan.com, and we will promptly delete it.

(iii) Google Calendar Data

When a coach connects their Google Calendar to the App, we access the following data via Google's OAuth 2.0 authorization:

• Calendar events (titles, dates, times, and availability status)

• Free/busy information (to display your availability to players)

• Calendar identifiers (to sync sessions and bookings to your calendar)

We access only the minimum data required to provide calendar sync functionality. We do not access the content of calendar events beyond what is necessary to display availability and manage tennis session bookings.

The specific Google OAuth scopes we request are:

• https://www.googleapis.com/auth/calendar.readonly — to read availability

• https://www.googleapis.com/auth/calendar.events — to create and update session bookings

3. How We Use Your Information

We process collected information for the following legitimate purposes:

• Providing and personalizing services – Matching users with hitting partners, coaches, and content.

• Processing transactions – Managing purchases securely through third-party payment systems.

• Marketing and communications – Sending updates, promotions, and tennis-related content, unless opted out.

• Analytics and performance improvements – Understanding how users engage with the App to enhance functionality.

• Legal and security compliance – Preventing fraud, enforcing Terms of Service, and complying with legal obligations.

Use of Google Calendar Data — Limited Use Policy

Our use and transfer of information received from Google APIs, including Google Calendar data, is subject to and complies with the Google API Services User Data Policy, including its Limited Use requirements.

Google Calendar data accessed through our integration is used solely to:

• Display coach availability within the App for booking purposes

• Create, update, or cancel calendar events related to tennis sessions booked through the App

• Sync confirmed bookings between the App and a coach's Google Calendar

We will not use Google Calendar data for the following purposes:

• Serving advertisements or building advertising profiles

• Selling, renting, or otherwise transferring the data to third parties for their own use

• Any purpose unrelated to providing the App's scheduling and booking features

• Allowing humans to read your Google Calendar data, except where you have given explicit consent, it is necessary for security purposes, or required by law

4. How We Share Your Information

We do not sell your Personal Information. However, we may share data in the following ways:

Who We Share With

Purpose

Service Providers (e.g., hosting, payment processing)

Securely process payments, store data, prevent fraud.

Marketing Partners (if consented)

Send promotions, personalized offers.

Legal & Security Compliance

Respond to law enforcement requests, enforce policies.

Google (Google Calendar API)

Calendar sync for coach scheduling, solely to provide booking features within the App. Subject to the Google API Services User Data Policy.

Users may opt out of marketing communications at any time via account settings or by emailing info@thetennisplan.com.

5. Data Security & Breach Notification

We use industry-standard encryption and secure servers to protect Personal Information. Despite these measures, no system is 100% secure. In the event of a data breach:

• Affected users will be notified via email and/or in-app notification within 72 hours.

• We will take immediate action to mitigate risks and comply with applicable data protection laws.

For security concerns, contact security@thetennisplan.com.

Disconnecting Google Calendar

Coaches may revoke the App's access to their Google Calendar at any time by:

• Going to Settings > Integrations > Google Calendar and selecting Disconnect within the App

• Visiting your Google Account security settings at myaccount.google.com/permissions and removing The Tennis Plan from the list of connected apps

Upon disconnection, we will cease accessing your Google Calendar data. Any previously synced session data stored in the App may be retained as part of your booking history, but we will no longer read from or write to your Google Calendar.

6. Your Rights & Choices

For California Residents (CCPA Compliance)

Under the California Consumer Privacy Act (CCPA), California residents have the right to:

• Request access to the categories of Personal Information we collect.

• Opt-out of data sharing with third parties.

• Request deletion of Personal Information (subject to legal exceptions).

To exercise your CCPA rights, email privacy@thetennisplan.com with "CCPA Request" in the subject line.

For European Users (GDPR Compliance)

If you reside in the EU/EEA, you have the following rights under the General Data Protection Regulation (GDPR):

• Right to Access – Request a copy of your data.

• Right to Correction – Correct inaccurate data.

• Right to Deletion – Request data removal.

• Right to Object – Restrict how we process your data.

To submit a GDPR request, contact privacy@thetennisplan.com with "GDPR Request" in the subject line.

7. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. If material changes are made, we will notify users via email or in-app notification at least 15 days before changes take effect.

Last updated: [Insert Date]

For questions about this Privacy Policy, email info@thetennisplan.com.