This privacy policy applies to the RacketRate website and mobile app (including the Android app). It is intended to meet the disclosure requirements of Google Play and other app stores, and to give you a clear picture of your data and your rights.
1. Who we are
RacketRate ("we", "us") is the service that provides the RacketRate app and website (including racketrate.com). For platform operations (for example accounts, hosting, security and service communications), we act as a data controller. For club management data entered and managed by club organisers, those organisers/clubs may also act as controllers for their own member management activities. You can contact us via the website at About or by email at [email protected].
2. Data we collect
We collect and process the following data to run the service:
- Account data: When you sign up we store your email address and authentication identifier (via our auth provider). Sign-in may use email/password or third-party sign-in (for example Google / Apple).
- Age eligibility confirmation: At account sign-up we require you to confirm that you are aged 13 or over. We do not currently require date of birth at sign-up for this check.
- Profile data: In the profile setup step, only your display name (username) is required. Other profile fields are optional, such as first/last name, gender, badminton ability, bio, contact email, phone number, profile photo (avatar), and optionally a national sports body ID (for example Badminton England) if you choose to provide them. Some users may also have a date of birth stored if they provide it later in their profile.
- Club and membership data: Clubs you create or join, your role (owner, admin, member), club names and descriptions, session and match data (who attended, who played, scores), rankings and ELO ratings. Club owners/admins may be able to view member-provided profile details (for example name, date of birth and contact details) for club operations.
- Messaging and notifications: Direct messages, club messages, notification preferences, and (if you enable push notifications) device push tokens used to deliver notifications.
- Marketing consent records: We keep a record of whether you consented to or withdrew consent from more personalised marketing communications, including when the choice was recorded and where it was captured (for example profile setup or settings).
- Usage and device data: We use standard backend and hosting logs (for example requests and errors). Our app may use device identifiers as needed for authentication and security (for example session handling and push notification delivery).
3. How we use your data
We use your data to:
- Provide the app and website (sessions, matches, rankings, club management).
- Authenticate you and manage your account and profile.
- Store and display match history, ELO ratings and statistics.
- Operate clubs (members, roles, attendance, chat where available).
- Send service and activity notifications (in-app and, if enabled, push notifications), and apply your notification preferences.
- Send optional product updates and more personalised marketing communications if you opt in, and honour withdrawals of consent.
- Enforce age eligibility and safety rules for the service.
- Run and secure our systems (for example logs and fraud prevention).
- Comply with legal obligations and enforce our terms.
We will never sell your personal data.
4. Anonymised match data
We may create anonymised, non-identifiable datasets from match and session data (for example scores, formats and aggregates). Such data cannot be linked back to you. We may use this anonymised data for research, analytics or product improvement, and we may share it with third parties for those or similar purposes.
5. Advertising and marketing
We may show third-party rewarded video ads in parts of the app (for example to unlock access to selected features for a limited time). These ads are non-personalised: we do not use behavioural profiling or personalised ad targeting for in-app ads. We currently use profile and account preferences for service communications and optional more personalised marketing communications (where you explicitly opt in). We keep an audit record of marketing consent choices (including withdrawals).
6. Legal basis
We process your data:
- Where necessary to perform our contract with you (providing the service).
- Where we have a legitimate interest (for example security and improving the service), balanced against your rights.
- Where you have given consent (for example more personalised marketing communications and notification permissions on your device).
- Where required by law.
7. Storage and third parties
Your data is stored and processed using:
- Supabase (authentication and database), which may store data in regions chosen by the service. Their terms and privacy practices apply to that processing.
- Firebase Cloud Messaging (Google) for push notification delivery when you enable notifications on your device.
- Hosting and CDN (for example Netlify) to serve the website and app.
We may use other subprocessors for essential service operations (for example email). We choose providers that commit to appropriate security and confidentiality. We do not sell your personal data to data brokers.
8. Data retention
We keep your account and profile data for as long as your account is active. Club and match data is kept to provide the service and historical rankings. We may retain some data longer where required by law (for example tax or disputes) or for legitimate backup/recovery. When you delete your account, we will delete or anonymise your personal data in line with our retention rules and applicable law.
9. Your rights
Depending on where you live, you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data (you can edit your profile in the app).
- Delete your data or request account deletion.
- Export your data in a portable format.
- Object or restrict certain processing.
- Withdraw consent where processing is based on consent.
- Lodge a complaint with a supervisory authority (for example the ICO in the UK or your local EU authority).
To exercise these rights, contact us using the details on the website. We will respond within the time required by applicable law (for example one month under GDPR). In some regions you also have the right to opt out of the use of your data for targeted or third-party advertising.
10. Security
We use industry-standard measures to protect your data (for example HTTPS, secure authentication, role-based access controls and database security). No system is completely secure; we will notify you and regulators where we are required to do so in the event of a breach affecting your data.
11. Children
Our service is not directed at children under 13 (or a higher age where required by law). We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will delete it.
12. International transfers
Your data may be processed in countries outside your residence (for example where our providers operate). We ensure appropriate safeguards (for example standard contractual clauses or adequacy decisions) where required by law.
13. Changes to this policy
We may update this privacy policy from time to time. We will post the updated version on this page and, for material changes, we will notify you via the app or email where appropriate. The "Last updated" date below indicates when the policy was last revised.
Last updated: 7 March 2026.