Privacy Policy

Last updated: November 11, 2024

By using Pitch Tracker Pro, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Service.

1. Information We Collect

1.1 Personal Information

When you create an account or use our Service, we may collect the following personal information:

• Account Information: Name, email address, password (encrypted), phone number (optional), date of birth, and profile picture
• Profile Information: Player position, throwing arm, height, weight, team affiliations, and coaching role (if applicable)
• Authentication Data: Biometric data (Face ID, Touch ID) stored locally on your device, OAuth tokens for third-party authentication (Google Sign-In)
• Payment Information: Processed through third-party payment processors (Apple App Store, Google Play Store, RevenueCat). We do not store credit card information.
• Subscription Information: Subscription tier, purchase history, subscription status, trial periods, and promotional code usage

1.2 Performance and Athletic Data

To provide our core pitch analysis services, we collect:

• Pitch Metrics: Velocity (MPH), spin rate (RPM), spin axis, release point coordinates (X, Y, Z), release angle, release height, extension distance, arm angle, shoulder rotation, arm velocity, release time, pitch type, horizontal break, vertical break, trajectory analysis, and plate location
• Video Recordings: High-speed video recordings of pitching sessions (up to 240fps), including slow-motion captures, frame-by-frame analysis data, and video metadata (timestamp, duration, resolution, frame rate)
• Biomechanics Data: 3D body tracking data (when using ARKit), skeletal joint positions, movement patterns, stride length, and biomechanical analysis results
• Session Data: Training session dates, locations, weather conditions (if provided), device information, camera settings, and analysis timestamps
• Analytics Data: Performance trends, velocity charts, spin rate distributions, pitch type breakdowns, strike zone accuracy, and comparative analytics

1.3 Team and Social Data

When using team management or social features:

• Team Information: Team names, rosters, player assignments, team statistics, and coach-player relationships
• Social Connections: Friend requests, friend connections, shared content, comparison data, and social activity
• Communication Data: In-app messages, notifications, invitations, and shared reports

1.4 Technical and Device Information

We automatically collect technical information to provide and improve our Service:

• Device Information: Device type (iPhone, iPad, Android), operating system version, device model, unique device identifiers, hardware capabilities (camera specifications, ARKit support, LiDAR availability)
• App Usage Data: Features used, screens viewed, time spent in app, session duration, button clicks, navigation patterns, and feature interaction logs
• Performance Data: App crashes, error logs, performance metrics, loading times, and system resource usage
• Network Information: IP address, network type (Wi-Fi, cellular), connection quality, and network provider information
• Location Data: General location information (city, state, country) derived from IP address or device settings (if location services are enabled). We do not track precise GPS location.

1.5 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies:

• Essential Cookies: Required for app functionality, authentication, and security
• Analytics Cookies: To understand usage patterns and improve our Service (anonymized data)
• Preference Cookies: To remember your settings and preferences
• Third-Party Analytics: We use services like Google Analytics, Sentry (error tracking), and Firebase Analytics (anonymized and aggregated data only)

2. How We Use Your Information

2.1 Primary Service Delivery

We use your information to:

• Provide Pitch Analysis: Process videos and sensor data to calculate velocity, spin rate, biomechanics metrics, and generate analysis reports
• Deliver Real-Time Detection: Enable live pitch tracking with instant feedback and animated overlays
• Generate Analytics: Create performance dashboards, trends, charts, heat maps, and comparative reports
• Enable Team Features: Facilitate team management, player tracking, coach dashboards, and team statistics
• Support Social Features: Enable friend connections, comparison reports, achievement sharing, and social notifications
• Store and Sync Data: Securely store your pitch history, videos, analytics, and sync across your devices

2.2 Service Improvement and Development

We use aggregated and anonymized data to:

• Improve AI analysis accuracy and speed through machine learning model training
• Develop new features based on usage patterns and user feedback
• Fix bugs, optimize performance, and enhance app stability
• Conduct research and analysis to improve our algorithms
• Test new features and functionality

2.3 Communication

We may use your contact information to:

• Send you important service updates, security alerts, and account notifications
• Respond to your support requests and provide customer service
• Send you marketing communications (only with your consent, and you can opt-out at any time)
• Notify you about new features, updates, and promotional offers
• Send achievement notifications, friend activity updates, and social notifications (based on your preferences)

2.4 Legal and Security

We may use your information to:

• Comply with legal obligations, court orders, and regulatory requirements
• Enforce our Terms of Service and protect our rights
• Detect, prevent, and address fraud, security threats, and abuse
• Investigate violations of our policies
• Protect the safety and security of our users and Service

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your personal data based on:

• Contractual Necessity: To provide the Service you requested and fulfill our Terms of Service
• Legitimate Interests: To improve our Service, ensure security, and prevent fraud (balanced against your privacy rights)
• Consent: For marketing communications, optional features, and certain data processing activities (you can withdraw consent at any time)
• Legal Obligation: To comply with applicable laws and regulations

4. Data Sharing and Disclosure

4.1 Limited Sharing with Service Providers

We may share your information with trusted third-party service providers who assist us in operating our Service, subject to strict confidentiality agreements:

• Cloud Storage Providers: Amazon Web Services (AWS), Railway, Cloudinary (for video storage and processing)
• Analytics Providers: Google Analytics, Sentry (error tracking), Firebase Analytics (anonymized data only)
• Payment Processors: Apple App Store, Google Play Store, RevenueCat (subscription management)
• Authentication Providers: Google (for Google Sign-In), Apple (for Sign in with Apple)
• ML/AI Processing: Our ML service providers for video analysis (data is processed and deleted after analysis)
• Email Service Providers: SendGrid, AWS SES (for transactional emails only)
• Push Notification Services: Expo Push Notification Service, Apple Push Notification Service, Firebase Cloud Messaging

All service providers are contractually obligated to:

• Use your data only for the specific purposes we authorize
• Implement appropriate security measures
• Comply with applicable data protection laws
• Not disclose your data to other parties

4.2 Team and Social Sharing

With your explicit consent and control:

• Team Sharing: Your coach and team members may view your pitch data, performance metrics, and analytics within your team
• Social Features: You may share achievements, comparison reports, and performance highlights with friends (you control what is shared)
• Public Profiles: If you enable a public profile, certain non-sensitive information may be visible to other users
• You can control privacy settings, revoke sharing permissions, and leave teams at any time

4.3 Legal Requirements

We may disclose your information if required by law or in good faith belief that such disclosure is necessary to:

• Comply with legal processes, court orders, subpoenas, or government requests
• Enforce our Terms of Service or investigate potential violations
• Protect the rights, property, or safety of Pitch Tracker Pro, our users, or others
• Prevent or investigate fraud, security threats, or abuse
• Respond to government requests for information

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets:

• Your information may be transferred to the acquiring entity
• We will provide notice to users before any such transfer
• The acquiring entity will be bound by this Privacy Policy
• You may have the right to request deletion of your data before transfer

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably identify you:

• For research purposes, industry reports, or statistical analysis
• To demonstrate Service effectiveness or market trends
• With partners, researchers, or academic institutions
• This data is completely anonymized and cannot be linked back to you

5. Data Security

5.1 Security Measures

We implement industry-standard technical and organizational security measures to protect your information:

• Encryption: All data is encrypted in transit using TLS/SSL (HTTPS) and at rest using AES-256 encryption
• Secure Infrastructure: Data stored on secure, monitored cloud infrastructure with regular security audits
• Access Controls: Strict employee access controls, role-based permissions, multi-factor authentication, and regular access reviews
• Authentication Security: Passwords are hashed using bcrypt, biometric data stored locally on device, OAuth tokens securely managed
• Network Security: Firewalls, intrusion detection systems, DDoS protection, and regular security monitoring
• Code Security: Regular security audits, vulnerability scanning, penetration testing, and secure coding practices
• Data Backup: Regular encrypted backups with disaster recovery procedures
• Incident Response: Security incident response plan, breach notification procedures, and regular security training for employees

5.2 Video Data Handling

Your pitch videos receive special protection:

• Videos are encrypted during upload and storage
• Videos are processed for analysis and automatically deleted from our servers within 30 days of processing
• Original videos remain on your device unless you choose to delete them
• Analysis results (metrics) are retained for your progress tracking
• You can request immediate deletion of videos at any time
• Videos are never shared with third parties except for processing purposes

5.3 Data Breach Notification

In the event of a data breach that may affect your personal information:

• We will notify affected users within 72 hours (as required by GDPR) or as soon as reasonably possible
• We will notify relevant data protection authorities as required by law
• Notifications will include: nature of the breach, data affected, potential consequences, and steps we're taking
• We will take immediate steps to contain and remediate the breach

5.4 Your Role in Security

You play an important role in protecting your information:

• Use a strong, unique password and enable biometric authentication
• Do not share your account credentials with others
• Keep your device and app updated to the latest version
• Be cautious when sharing data with teams or friends
• Report any suspicious activity immediately

6. Data Retention

6.1 Retention Periods

We retain your information for different periods depending on the type of data:

• Account Information: Retained while your account is active and for 30 days after account deletion (for recovery purposes)
• Pitch Data and Analytics: Retained while your account is active. You can request deletion at any time.
• Video Recordings: Deleted from our servers within 30 days of processing. Original videos remain on your device.
• Payment Information: Retained as required by law and payment processor policies (typically 7 years for tax purposes)
• Logs and Analytics: Retained for up to 2 years for security and service improvement purposes
• Legal Records: Retained as required by applicable laws (may be longer for legal compliance)

6.2 Deletion

You can request deletion of your data at any time:

• Delete your account through the app settings
• Contact us at support@pitchtrackerpro.com to request data deletion
• We will delete your data within 30 days of your request (subject to legal retention requirements)
• Some data may be retained in anonymized form for analytics purposes
• We may retain certain information as required by law or for legitimate business purposes

7. Your Rights and Choices

7.1 Access and Portability

You have the right to:

• Access: Request a copy of all personal data we hold about you
• Portability: Receive your data in a structured, machine-readable format and transfer it to another service
• Export: Download your pitch data, analytics, and reports through the app

7.2 Correction and Updates

You can:

• Update your personal information directly in the app
• Request correction of inaccurate or incomplete data
• Modify your profile, preferences, and settings at any time

7.3 Deletion and Right to be Forgotten

You have the right to:

• Delete your account and all associated data
• Request deletion of specific data categories
• Withdraw consent for data processing (where applicable)
• Object to processing based on legitimate interests

7.4 Restriction and Objection

You can:

• Request restriction of processing in certain circumstances
• Object to processing based on legitimate interests
• Opt-out of marketing communications (unsubscribe link in emails or app settings)
• Disable certain data collection features in app settings

7.5 Privacy Settings

Control your privacy within the app:

• Choose what data to share with teams and coaches
• Control video storage and analysis preferences
• Manage notification and communication settings
• Set data retention preferences
• Control social sharing and friend visibility
• Enable or disable analytics and error reporting

7.6 Exercising Your Rights

To exercise any of these rights:

• Use the privacy settings in the app
• Email us at support@pitchtrackerpro.com with your request
• Include your account email and specify which right you wish to exercise
• We will respond within 30 days (or as required by applicable law)
• We may verify your identity before processing requests

8. Children's Privacy (COPPA Compliance)

8.1 COPPA Compliance

We comply with the Children's Online Privacy Protection Act (COPPA):

• Parental Consent Required: For users under 13 years of age, we require verifiable parental consent before collecting personal information
• Minimal Data Collection: We collect only the minimum data necessary for app functionality
• No Behavioral Advertising: We do not show behavioral advertising to children
• Parental Rights: Parents can review, request deletion, or refuse further collection of their child's data
• No Disclosure: We do not disclose children's personal information to third parties except as necessary to provide the Service

8.2 Parental Controls

Parents have the right to:

• Review their child's personal information
• Request deletion of their child's data
• Refuse further collection or use of their child's information
• Revoke consent at any time
• Contact us at support@pitchtrackerpro.com with "COPPA Request" in the subject line

8.3 Age Verification

We may request age verification for users who appear to be under 13:

• We may ask for date of birth during registration
• If a user is under 13, we will request parental consent
• We use reasonable methods to verify parental consent

9. International Data Transfers

9.1 Data Transfer Mechanisms

Your data may be transferred to and processed in countries outside your country of residence:

• Primary Processing: Data is primarily processed in the United States
• Service Providers: Some service providers may process data in other countries
• Adequate Safeguards: We use Standard Contractual Clauses (SCCs) and other legal mechanisms to ensure adequate protection
• GDPR Compliance: For EEA users, transfers comply with GDPR requirements

9.2 Your Rights as an International User

Regardless of your location:

• You have the same privacy rights and protections
• You can file complaints with your local data protection authority
• We comply with applicable local data protection laws
• You can contact us to learn more about data transfer safeguards

10. California Privacy Rights (CCPA/CPRA)

10.1 California Consumer Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request disclosure of categories and specific pieces of personal information collected, used, disclosed, or sold
• Right to Delete: Request deletion of personal information (subject to exceptions)
• Right to Opt-Out: Opt-out of the sale or sharing of personal information (we do not sell your data)
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit: Limit use and disclosure of sensitive personal information
• Non-Discrimination: We will not discriminate against you for exercising your privacy rights

10.2 Categories of Information

We collect the following categories of personal information (as defined by CCPA):

• Identifiers (name, email, device ID)
• Personal information categories (profile data, payment info)
• Protected classification characteristics (age, if provided)
• Commercial information (subscription history, purchase records)
• Biometric information (biomechanics data, body tracking data)
• Internet activity (app usage, analytics)
• Geolocation data (general location, if provided)
• Sensory data (video recordings, audio if recorded)
• Professional information (coaching role, team affiliations)

10.3 Exercising California Rights

To exercise your California privacy rights:

• Email us at support@pitchtrackerpro.com with "California Privacy Request" in the subject line
• Include your name, email, and specify which right you wish to exercise
• We will verify your identity and respond within 45 days
• You may designate an authorized agent to make requests on your behalf

11. European Privacy Rights (GDPR)

11.1 GDPR Rights

If you are in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR):

• Right of Access: Obtain confirmation of processing and access to your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Limit how we process your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for processing (where applicable)

11.2 Data Protection Officer

For GDPR-related inquiries, you can contact our Data Protection Officer at support@pitchtrackerpro.com with "GDPR Inquiry" in the subject line.

11.3 Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have violated GDPR.

12. Third-Party Links and Services

12.1 Third-Party Services

Our Service may contain links to third-party websites or integrate with third-party services:

• We are not responsible for the privacy practices of third-party services
• We encourage you to review third-party privacy policies
• Your use of third-party services is subject to their terms and privacy policies
• We do not control how third parties collect or use your information

12.2 Social Media Integration

If you connect social media accounts:

• We may access information you've made public on those platforms
• You can revoke access at any time through your social media settings
• We only access information necessary for the integration

13. Changes to This Privacy Policy

13.1 Policy Updates

We may update this Privacy Policy from time to time:

• We will notify you of material changes via email or prominent in-app notice
• We will update the "Last updated" date at the top of this policy
• Continued use of the Service after changes constitutes acceptance
• You can always view the current policy in the app or on our website
• Previous versions are available upon request

13.2 Material Changes

Material changes include:

• Changes to how we collect, use, or share your information
• New purposes for data processing
• Changes to your rights or choices
• Changes to data security practices

14. Contact Information