Privacy Policy

Last Updated: February 2025

Worm Burner, operated by Bayceline Enterprises LLC ("we," "our," or "us"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

Company Information

1. Information We Collect

We collect information you provide directly:

• Account Information: Email address and password (hashed)
• Profile Information: Name, date of birth, sex, handicap, home course, golf preferences
• Location Data: Zip code (optional) - converted to city/state for display
• Photos: Profile pictures and images shared in posts
• User Content: Posts, comments, and messages you create
• Connections: Your connections and connection requests
• Reports: Technical issue reports and user safety reports you submit
• Usage Data: Login timestamps, feature usage patterns
• Device Information: Browser type and version (for technical support)

2. How We Use Your Information

• To create and manage your account
• To match you with compatible golfers based on your preferences
• To display your posts to other golfers based on visibility settings
• To facilitate messaging between connected users
• To provide location-based features (finding nearby golfers)
• To display weather information for your area
• To investigate and respond to reports of misconduct
• To maintain platform safety and security
• To improve our services and user experience
• To send service-related communications (password reset, account verification)

• Only your city and state are visible on your profile
• Your exact zip code is stored securely for distance calculations only
• Location is optional - you can use the app without providing it
• We use Zippopotam.us API to convert zip codes to city/state - only the zip code is sent, with no personal identifiers
• Geographic coordinates are calculated locally for distance matching

4. Information Visible to Others

Other users can see:

• Your name and profile photo
• Your city and state (NOT your zip code)
• Your handicap, home course, and golf preferences
• Your posts (based on your visibility settings)
• Messages you send directly to them

5. Data Storage & Security

• Data is stored securely using Supabase (hosted on AWS infrastructure)
• All data transmission is encrypted via HTTPS/TLS
• Passwords are cryptographically hashed and never stored in plain text
• Row-level security (RLS) policies protect your data at the database level
• Account lockout protection after failed login attempts
• Regular security audits and monitoring

6. Data Retention

• Active accounts: Data retained while your account is active
• Posts: Displayed for 14 days in the feed, then archived
• Connections: Active connections retained; denied requests removed after 90 days
• Messages: Retained for the duration of the connection
• Reports: Safety reports retained for investigation and compliance purposes
• Blocks: Block records retained until you unblock the user
• Account deletion: All your data is permanently deleted when you delete your account

7. Your Rights & Controls

You have control over your data:

• Access: View all your profile information in settings
• Edit: Update your profile information at any time
• Visibility: Control who sees your posts (public or connections only)
• Delete content: Remove any posts or comments you've created
• Block users: Prevent specific users from seeing you or contacting you
• Delete account: Permanently remove all your data from our systems

8. Third-Party Services

We use the following third-party services:

• Supabase: Database, authentication, and file storage (AWS infrastructure)
• Vercel: Application hosting and deployment
• Zippopotam.us: Zip code to city/state lookup (only zip code sent)
• OpenWeatherMap: Weather data for golf conditions (location-based)
• Resend: Email delivery for account verification and password reset

9. Information Sharing & Disclosure

We do not sell your personal information. We may share information:

• With other users as described in this policy (profile information, posts, messages)
• With service providers who assist in operating our platform
• To comply with legal obligations or valid legal processes
• To protect the rights, safety, or property of Worm Burner or others
• In connection with a merger, acquisition, or sale of assets (with notice)

10. Do Not Track

We do not use third-party tracking cookies or analytics services. We do not respond to Do Not Track signals because we do not track users across third-party websites.

11. Children's Privacy

Worm Burner is intended for users 18 years of age and older. We do not knowingly collect information from anyone under 18. If we learn we have collected information from a minor, we will delete it immediately and terminate the associated account.

12. California Privacy Rights

California residents have additional rights under the CCPA, including the right to know what personal information we collect, the right to delete your information, and the right to opt-out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at support@wormburnerapp.com.

13. International Users

Worm Burner is operated in the United States. If you access our service from outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your country.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice in the app or by email. Your continued use after changes become effective constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us at support@wormburnerapp.com.