Privacy Policy

Last updated: March 8, 2026

1. Introduction

PickLM ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our website, mobile applications (iOS and Android), and related services (collectively, the "Service"). By using the Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Account & Profile Information

When you create an account or update your profile, we collect:

  • Registration Data: First name, last name, email address, username, and profile photo (provided directly or via Google/Apple sign-in)
  • Location: Country, state/province, city, and ZIP/postal code — selected manually from dropdown menus. We do not access your device's GPS or location services.
  • Optional Profile Data: Phone number, date of birth, gender, street address, skill ratings (DUPR rating, club rating), and timezone preference
  • Terms Acceptance: A timestamp recording when you agreed to our Terms of Service

2.2 Activity & Gameplay Data

  • Club & Venue Data: Club memberships, join requests, member roles, court reservations, and booking history
  • League & Tournament Data: Enrollments, participation history, match schedules, bracket placements, seeding information, and partner selections
  • Match Scores & Results: Game scores, win/loss records, match completion timestamps, and submitted results
  • Player Ratings: PickLM ratings (auto-calculated from match results), rating history, tier classifications, and leaderboard rankings
  • Activity Feed: Posts, likes, comments, and interactions you create on the activity feed

2.3 Communications Data

  • Chat Messages: Direct messages between users and group chat messages within clubs, transmitted and stored via our real-time messaging service
  • Notifications: In-app and push notification delivery records, including read/unread status
  • AI Assistant: Conversations with our in-app AI assistant, including your queries and the assistant's responses

2.4 Safety & Moderation Data

  • User Reports: When you report a user or content, we store the reported user, reason, description, and content type
  • User Blocks: When you block a user, we store the block relationship and optional reason
  • Follow Relationships: Users you follow and users who follow you

2.5 Payment Information

Tournament entry fees are processed through Razorpay, our third-party payment processor. We store only payment status (paid, unpaid, refunded), payment link references, and transaction amounts. We do not collect, store, or have access to your credit card numbers, bank account details, or other payment credentials. All payment processing is handled directly by Razorpay under their own privacy policy and PCI-DSS compliance.

2.6 Information Collected Automatically

  • Device Information: Device type, operating system, platform (iOS, Android, Web), and app version
  • Push Notification Tokens: Firebase Cloud Messaging (FCM) device tokens for delivering push notifications
  • Authentication Tokens: Firebase authentication tokens for secure session management, automatically refreshed every hour
  • Timezone: Your device's timezone, used for displaying times in your local timezone
  • Client Type: Whether you are accessing the Service from a mobile app or web browser

2.7 Information from Third-Party Sign-In Providers

When you sign in using Google or Apple, we receive basic profile information (name, email, profile photo) as authorized by you through those services. Apple provides your name only on your first sign-in; we store it at that time. We do not receive or store your Google or Apple password. If you use Apple's "Hide My Email" feature, we receive your Apple relay email address instead of your personal email.

2.8 Invitation Requests

When requesting platform access through our website, we collect your name, email, city, country, and interest level. This data is used solely to process your invitation request.

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your account, and authenticate your identity
  • Provide, maintain, and improve the Service
  • Facilitate club management, court reservations, league scheduling, and tournament operations
  • Calculate and display player ratings, rankings, standings, and match history
  • Enable real-time messaging between users via direct and group chat
  • Deliver push notifications about games, leagues, tournaments, and club activities
  • Process tournament entry fees through our payment provider
  • Moderate content, enforce our Terms of Service, and maintain community safety
  • Provide AI-powered assistant features to help you navigate the platform
  • Display times and schedules in your local timezone
  • Process invitation requests and manage waitlists
  • Ensure platform security, prevent fraud, and protect against abuse

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • With Other Users: Your profile name, username, profile photo, player ratings, match scores, standings, leaderboard positions, and activity feed posts are visible to other users of the Service. Users in the same clubs or leagues can view your participation and results.
  • With Club Administrators: Club owners and managers can view member profiles, activity, court reservations, and participation data within their clubs
  • With Tournament & League Organizers: Organizers can view your enrollment details, match results, and contact information for event coordination
  • Service Providers: We use the following third-party providers who process data on our behalf:
    • Google Cloud Platform — backend infrastructure and data storage
    • Firebase — authentication, push notifications, and web hosting
    • Razorpay — payment processing for tournament entry fees
    • RabbitMQ — message queuing for real-time chat delivery
  • For Safety & Moderation: When you report or block a user, we share relevant details with our moderation team for review and action
  • Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request

5. Data Storage and Security

Your data is stored on secure servers provided by Google Cloud Platform (US region). We implement appropriate technical and organizational measures to protect your information, including:

  • Encrypted data transmission (HTTPS/TLS) for all API communications
  • Secure authentication via Firebase with automatic token rotation
  • Role-based access controls limiting data access to authorized personnel
  • Separate database storage for chat messages and core application data
  • Cached data stored locally on your device with automatic expiration (1 hour)

Authentication tokens and basic session data are stored locally on your device. No method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Chat messages are retained for the duration of the conversation participants' account activity. Match scores, ratings, and tournament results are retained as part of the platform's historical record. User reports and moderation actions are retained as an immutable audit trail for safety purposes. When you delete your account, your personal profile data is permanently removed from our systems. Some anonymized, aggregated data (such as platform statistics) may be retained for analytical purposes.

7. Your Rights and Choices

You have the following rights regarding your personal data:

  • Access: View your personal information through your profile in the app
  • Update: Edit your profile information, location, and preferences at any time
  • Delete: Delete your account and all associated data through the Settings screen in the app
  • Block Users: Block any user to prevent them from contacting you and to remove their content from your feed
  • Report Content: Report users or content that violates our Terms of Service
  • Notifications: Manage your push notification preferences through your device settings
  • Timezone: Set your preferred timezone for scheduling purposes
  • Withdraw: Unenroll from tournaments or leave clubs at any time, subject to event rules

8. User-Generated Content

The Service allows you to create and share content including chat messages, activity feed posts, comments, and profile information. By sharing content on the Service:

  • You acknowledge that other users may view your posts, comments, and public profile information
  • You agree not to post objectionable, abusive, or illegal content as outlined in our Terms of Service
  • We reserve the right to remove content that violates our zero-tolerance policy for objectionable content
  • Content from users you have blocked will be automatically removed from your view
  • We review all user reports and may take action including content removal and account suspension

9. Third-Party Services

The Service integrates with the following third-party services:

  • Firebase Authentication: For secure sign-in via Google, Apple, and email/password
  • Firebase Cloud Messaging: For delivering push notifications to your device
  • Firebase Hosting: For web application delivery
  • Google Cloud Platform: For backend infrastructure, database storage, and server hosting
  • Razorpay: For processing tournament entry fee payments (applicable in India)

Each third-party service has its own privacy policy governing their data practices. We encourage you to review them. We do not share your data with third-party advertisers or data brokers.

10. Children's Privacy

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly. Note: Apple child accounts (under 13) cannot use "Sign in with Apple" for third-party apps due to Apple's policies. If you believe a child under 13 has provided us with personal information, please contact us at hello@picklm.com.

11. Data We Do Not Collect

For transparency, the following data is not collected by our Service:

  • GPS or device location data — we only use manually selected location from dropdowns
  • Credit card numbers, bank details, or payment credentials — all payment processing is handled by Razorpay
  • Advertising identifiers or tracking pixels
  • Contacts, photos, or files from your device (unless you upload a profile photo)
  • Browsing history outside the app
  • Health or biometric data

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States where our servers are located. We serve users in India, the United States, Canada, and Australia. By using the Service, you consent to the transfer of your information to these countries. We ensure that any international transfers comply with applicable data protection laws.

13. California Privacy Rights (CCPA)

If you are a California resident, you have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, request deletion of your personal information, and opt out of the sale of your personal information (we do not sell personal information). To exercise these rights, contact us at hello@picklm.com.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy. For material changes, we will notify you via in-app notification or email. We encourage you to review this policy periodically.

15. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at hello@picklm.com or through our Instagram page @picklm.official.