Privacy policy

Effective Date: 28 November 2025

This Privacy Policy explains how POTENTIALLY GOLF LTD (referred to as “Potentially,” “we,” “us,” or “our”) collects, uses, and protects user data in connection with the Potentially App and related services.

We are committed to protecting your privacy and handling your data in an open and transparent manner, consistent with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR).

1. Information We Collect

We collect different types of information depending on how you use our services:

A. Information You Provide Directly

  • Account Information: When you create an account, we collect personal identifiers such as your name, email address, and authentication credentials.

  • Voluntary Information: Any other information you voluntarily provide, such as feedback, support inquiries, or information supplied for marketing campaigns (e.g., additional contact details or preferences).

B. Service Data

  • Usage and Performance Data: Data generated through your interaction with the app, including actions taken, app settings, performance metrics (e.g., statistical outputs from the Round Data Agent), goals set, and progress tracking information.

  • Technical Identifiers: User IDs generated by our underlying authentication and database platforms for tracking and service delivery.

C. Information Collected from Third-Party Tools

We use professional third-party services and platforms to run our back-end infrastructure and marketing operations. These platforms may collect and process information on our behalf:

  • Authentication and Database Services (e.g., Firebase): This includes data related to your user sessions, secure authentication tokens, and all structured Service Data stored in our database. This information is processed on enterprise-grade cloud infrastructure.

  • Marketing and Communications Platforms (e.g., Squarespace): This includes names and email addresses used to send newsletters, promotional materials, and product updates based on your consent or legitimate interest.

2. How We Use Your Information

We use the information we collect for the following purposes:

  1. To Provide and Improve the Service (Core Functionality): To manage user accounts, deliver the core functionality of the Potentially App (including running the multi-agent system, calculating performance metrics, and delivering personalised coaching plans). This includes processing your Service Data and sending it to secure external application programming interfaces (APIs) or AI models to generate the required analytic, strategic, and narrative feedback which forms your personalised coaching. We continuously analyse this data to enhance the app's efficiency, accuracy, and effectiveness.

  2. Security and Operations: To maintain the security, stability, and reliability of our back-end infrastructure, diagnose technical issues, and prevent fraud.

  3. Communication and Marketing: To respond to your requests, inform you about changes to our terms or policies, and send you marketing communications about new features or offerings, provided you have opted in or we have a lawful basis to do so.

  4. Research, Analytics, and Aggregated Insights: We may anonymise and aggregate Service Data (such as performance metrics, shot tracking, and statistical trends) to remove all personally identifiable indicators. We use this anonymous, high-level data to compile industry insights, conduct market research, and create analytical models that may be shared or commercialised with third-party partners.

3. Sharing, Selling, and Commercialising Your Information

We do not sell, rent, or trade information that personally identifies our users (such as your name, email address, account credentials, or specific individual round logs) to any third parties.

We may, however, use, share, and commercialise fully anonymised, de-identified, and aggregated datasets derived from your Service Data (such as macro performance metrics, anonymised shot tracking, and statistical coaching trends). Because this data is completely stripped of all personal identifiers, it does not constitute personal data under the UK GDPR, and we may license or sell these aggregated industry insights to third-party partners for research, commercial market analysis, and product development purposes.

We only share your personal data with third parties in the following limited, protected circumstances:

  • Service Providers: We share data with trusted third-party service providers (such as our cloud infrastructure partners, external AI models, database hosts, email marketing platforms, and analytics tools) who process data strictly on our behalf to help us operate our business. These providers are contractually obligated to protect your data and are forbidden from using it for their own purposes.

  • Legal Compliance: If required to do so by law, court order, regulatory body (including the Information Commissioner's Office), or governmental authority, we may disclose your personal information to comply with valid legal obligations.

  • Business Transfers: In the event that Potentially Golf Ltd undergoes a business transition, such as a merger, acquisition, restructuring, or sale of corporate assets, your personal information may be transferred to the acquiring or successor entity as part of the transaction's due diligence assets.

4. International Data Transfers

The data we collect may be processed and stored on servers located outside of the UK or European Economic Area (EEA), such as those used by our enterprise-grade cloud service providers (e.g., Google/Firebase, Squarespace).

When transferring your data internationally, we take appropriate steps to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable data protection laws. This often includes implementing standard contractual clauses (SCCs) or relying on other legally approved transfer mechanisms.

5. Data Security

We implement appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, misuse, or alteration. We rely on the security protocols provided by our enterprise-grade infrastructure partners (such as Firebase) to ensure robust protection of your data.

6. Your Data Protection Rights (UK/EU)

Under UK GDPR and EU data protection laws, you have specific rights regarding your personal data:

  • Right of Access: You have the right to request a copy of the personal data we hold about you.

  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.

  • Right to Erasure ('Right to be Forgotten'): You have the right to request the deletion of your personal data under certain conditions.

  • Right to Restriction of Processing: You have the right to request that we limit the way we use your personal data.

  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.

  • Right to Object: You have the right to object to the processing of your personal data in certain situations, particularly where we rely on legitimate interests.

To exercise any of these rights, please contact us using the details below.

7. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact our Data Protection representative:

POTENTIALLY GOLF LTDEmail: clubhouse@potentiallygolf.com

Address: 19 South Grove, Sale, Manchester M33 3AT

You also have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner’s Office (ICO), if you believe your data protection rights have been violated.