Last Updated: December 6, 2025
1. Information We Collect
1.1 Information from Google Sign-In
When you sign in with Google, we access and collect the following information from your Google account:
- Email address: Your primary Google account email address
- Profile information: Your name and profile picture (if available)
- Google User ID: A unique identifier for your Google account
Important: We only request access to your basic profile information and email address. We do not access your Google Drive, Gmail, Calendar, or any other Google services beyond authentication.
1.2 Information You Provide
- Booking information when you make facility reservations
- Contact details for event registration
- Payment information (processed securely through third-party payment processors)
1.3 Automatically Collected Information
- Usage data and analytics to improve our services
- Browser type and device information
- IP address and location data (for security purposes)
2. How We Access, Use, Store, and Share Google User Data
2.1 How We Access Google Data
We access your Google user data only when you explicitly choose to sign in with Google. This is done through Google OAuth 2.0, a secure authorization protocol. We receive your data directly from Google after you grant permission.
2.2 How We Use Google User Data
We use the information obtained from your Google account to:
- Create and manage your account: Your email address serves as your unique account identifier
- Authenticate your identity: To securely log you into our platform
- Personalize your experience: Display your name and profile picture in your account
- Send important communications: Booking confirmations, event updates, and service notifications to your email
- Provide customer support: To assist you with bookings and inquiries
2.3 How We Store Google User Data
Your Google user data is stored securely using industry-standard practices:
- Storage location: Data is stored in Supabase's secure database infrastructure (AWS-hosted)
- Encryption: All data is encrypted in transit (TLS/SSL) and at rest
- Retention: Your data is retained as long as your account is active. You can request deletion at any time
- Access controls: Only authorized personnel have access to user data, and only for legitimate business purposes
2.4 How We Share Google User Data
We do not sell, rent, or share your Google user data with third parties for marketing purposes. We only share your data in the following limited circumstances:
- Service providers: With Supabase (our authentication and database provider) to operate our services
- Legal requirements: When required by law, court order, or government request
- Protection of rights: To protect our rights, property, or safety, or that of our users
We will never share your Google email address or profile information with other users or external parties without your explicit consent.
3. Third-Party Services and Data Processing
We use the following third-party services to provide our platform:
These services have their own privacy policies and security measures. We carefully select providers that meet high security and privacy standards.
4. Data Security
We implement appropriate technical and organizational security measures to protect your personal information, including Google user data:
- Industry-standard encryption (TLS/SSL) for data in transit
- Encryption at rest for stored data
- Regular security audits and monitoring
- Access controls and authentication requirements
- Secure database infrastructure through Supabase (AWS-hosted)
However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
5. Your Rights and Data Control
You have the following rights regarding your data, including Google user data:
- Access: Request a copy of your personal data we have stored
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your account and all associated data
- Revoke access: Revoke our access to your Google account data at any time through your Google Account permissions page
- Opt-out: Unsubscribe from marketing communications (you will still receive essential service notifications)
- Data portability: Request your data in a portable format
To exercise any of these rights, please contact us using the information provided below.
6. Data Retention
We retain your Google user data and other personal information as follows:
- Active accounts: Data is retained while your account is active
- Deleted accounts: Upon account deletion, your data is permanently removed within 30 days
- Legal obligations: Some data may be retained longer if required by law
7. Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Maintain your authentication session
- Remember your preferences
- Analyze site usage and improve user experience
You can control cookies through your browser settings. Disabling cookies may affect some functionality.
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes to how we handle Google user data or other personal information:
- We will update the "Last Updated" date at the top of this policy
- We will notify active users via email
- For significant changes, we may require you to review and accept the updated policy
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.
9. Children's Privacy
Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
10. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your Google user data, please contact us:
We will respond to your inquiry within 30 days.