Privacy Policy
Plain English: what we collect, why, and what we don't do with it.
Poolside is a software service for neighborhood pool clubs. This policy covers how we handle data that flows through the service — for both the board admins running a club, and the members applying to or belonging to one.
The short version
- We collect what we need to run the club: contact info, household details, payment status, photos members upload.
- We never sell data. We don't show ads. We don't allow third-party advertising trackers on member-facing pages.
- We share data with a small set of vendors that make Poolside work (hosting, email, SMS, payments). They're listed below.
- You can export or delete your club's data at any time by emailing doug@poolsideapp.com.
What we collect
From board admins
- Email and phone number — for sign-in (magic links via email or SMS) and notifications.
- Display name — shown on the club's admin pages so other admins know who did what.
- Hashed password — if you signed up with email + password. We never store the password itself; we use bcrypt one-way hashing.
- Google account ID (a numeric string Google calls "sub") — if you signed in with Google.
- Sign-in audit log — last sign-in time, browser user-agent, and a partial IP address, kept for security review.
From members and applicants
- Family contact info — household name, primary contact name, email, phone, mailing address, ZIP code.
- Household roster — adults' names + emails + phones; children's names + dates of birth.
- Application form responses — anything the applicant typed, the policies they agreed to, and a typed signature when required for waivers.
- Payment status — what tier they're on, whether dues are paid for the year, and the method (Stripe, Venmo, check, etc.). We never see card numbers — Stripe handles those directly.
- Optional uploads — photos members submit for the gallery, documents (waivers, IDs) admins archive.
- Gate-access records — if the club has the keyfob/gate add-on, a log of unlock requests with timestamp and member ID.
How we use it
- To run the club's operations: tracking who's a member, who's paid, who's been approved, what's scheduled.
- To send transactional messages: sign-in links, payment receipts, application confirmations, board-meeting invites, gate-bridge outage alerts.
- To bill the club for its Poolside subscription (paid tiers only).
- To improve the product based on aggregate, non-identifying patterns (e.g., "X% of clubs use the parties feature"). We do not use individual member data to train AI models.
Who we share it with
We use a small set of vendors to make Poolside work. Each one is listed below with what they see and why.
| Vendor | What they see | Why |
|---|---|---|
| Vercel | Web traffic, IP addresses | Hosts the Poolside web app + handles HTTPS |
| Supabase | All stored data (database + uploaded files) | Database, file storage, authentication. Encrypted at rest. |
| Stripe | Payment data (card details, billing address) | Processes member dues + Poolside subscription. Card numbers never touch Poolside servers. |
| Resend | Email recipient address + message body | Sends transactional email (sign-in links, receipts, notifications) |
| Twilio | Phone number + SMS message body | Sends sign-in codes by text + renewal reminders |
| Google | Drive folder + spreadsheet contents you create through Poolside (only if you connect Drive auto-archive); your name + email if you Sign in with Google | Auto-archives applications to your club's own Drive; OAuth-based sign-in |
Data from Google APIs (required disclosure)
Some clubs choose to connect their own Google account so Poolside can auto-archive applications to their Drive and append rows to a roster spreadsheet. When you connect Google Drive:
- Poolside requests drive.file (limited Drive access — only files Poolside creates) and spreadsheets (read/write the roster spreadsheet Poolside creates).
- We use these scopes only to create the yearly application-archive folder, upload PDF copies of approved applications, and write rows to the roster spreadsheet.
- We do not read files in Drive that we didn't create, transfer Google data to other services beyond what's needed for the integration, use Google data for advertising, or use it to train AI/ML models.
- We store the encrypted Google refresh token plus the Drive folder ID and spreadsheet ID, so we can keep writing to the same place. You can disconnect any time from Settings → Integrations, which revokes our access.
Limited Use disclosure: Poolside's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
SMS / text messaging (required disclosure)
Some flows on Poolside use SMS — notably one-time sign-in codes (OTP), dues reminders for unpaid renewals, and account-status notifications such as application approvals.
- What we collect: the phone number you provide on a club's membership application form (e.g. https://yourclub.poolsideapp.com/apply.html) or sign-in page (https://yourclub.poolsideapp.com/m/login.html).
- How we use it: to send transactional SMS — sign-in codes you request, payment reminders, and account-related notifications. We do not send marketing or promotional text messages.
- Frequency: typically 1–5 messages per active member per month. Opt-out at any time by replying STOP to any message; reply HELP for help. Standard message and data rates may apply.
- Sharing — explicit non-sharing disclosure: mobile information (phone numbers, SMS opt-in consent, message content) is not shared with third parties or affiliates for marketing or promotional purposes. The only third parties that receive your phone number are SMS-delivery infrastructure providers (Twilio) and only for the purpose of delivering the message you requested. No mobile information is shared with advertising networks, data brokers, or for any non-transactional purpose.
- Carrier disclaimer: carriers (AT&T, T-Mobile, Verizon, etc.) are not liable for delayed or undelivered messages.
- Opt-in mechanism: by entering your phone number on a club's apply form or sign-in page and submitting the form, you consent to receive transactional SMS messages from Poolside on behalf of your club. The form clearly states what kinds of messages will be sent before you submit.
How long we keep it
- While the club is active, we retain everything to keep the service running.
- If a club is deleted, the entire dataset (households, applications, photos, audit logs) is hard-deleted from our database within 30 days. Backups roll off after 30 more days.
- Individual members can ask their club admin to remove them; the admin can delete the household from their dashboard, which cascades to all related rows.
- Email-deliverability logs (held by Resend/Twilio) follow those vendors' retention windows, typically 30–90 days.
Your rights
- Export — Email doug@poolsideapp.com and we'll provide a CSV/JSON export of your club's data within 7 business days.
- Delete — Same email. Deletion takes effect within 30 days.
- Correct — Most fields are editable in the app directly. For things you can't edit (audit logs), email us.
- California (CCPA), EU (GDPR), other regional rights — We honor access, rectification, deletion, and portability requests. Contact us using the email above.
Security
- HTTPS-only (TLS 1.2+). We don't accept plaintext connections.
- Database encryption at rest (managed by Supabase).
- Passwords stored as bcrypt hashes; we never see your plaintext password.
- Sign-in tokens are HMAC-signed with a server secret; they expire and rotate.
- Stripe handles all card-number data — Poolside servers never receive PANs.
- Two-factor auth via SMS/email magic links is the default. Password is a fallback.
Children's data
Pool clubs naturally handle data about minors (kids who swim there). We collect that data only on behalf of the club, at the direction of the parent/guardian who fills out the membership application. The club, not Poolside, is the controller of that data. Poolside processes it only to run the club's operations — we don't market to kids, profile them, or use their data outside what the club needs.
Cookies and tracking
We use only first-party cookies/localStorage strictly needed for the service: sign-in tokens, theme preferences, dismissed-banner flags. No third-party advertising or analytics trackers.
Changes to this policy
If we make material changes, we'll notify each tenant's primary admin by email with at least 30 days' notice. Smaller clarifications get noted with a date stamp on this page.
Contact
Questions, requests, security reports — email doug@poolsideapp.com. We reply within one business day.