A note on privacy in racquet sports apps

Privacy policies are written to be unread. They’re long, they’re legal in tone, and they’re designed to disclose minimum required information in maximum required words. Most players using racquet sports apps have never read the privacy policy of any app they use, which means they have no idea what’s actually happening to their data.

This post is the version you’d actually want to read.

What most scoring apps collect

The business model of most racquet sports apps is some combination of: advertising, premium subscriptions, data licensing, and building network effects that make the platform more valuable to sell or partner with. Each of these creates pressure to collect data.

Accounts are mandatory. Accounts are required not primarily because the app needs them — it’s technically easy to build a scoring app without accounts — but because an account database is a business asset. It’s a list of people who play your sport, their engagement patterns, their demographics, and their willingness to pay. Accounts also enable the social graph, which is itself an asset.

Your match data is theirs. When you record a match on most apps, that match is uploaded to the company’s servers. Some policies say this data “may be used to improve the service,” which is the standard disclosure for “we use this to train our models.” Others license aggregated match data to third parties. Some share it with sports governing bodies or rating systems. Exactly what they do with it is in the policy you haven’t read.

Your health data is valuable. Heart rate data collected during matches is health data. Some apps connect to HealthKit or Google Fit, read your fitness data, and upload it alongside match data. This is worth money to insurance companies, advertisers, and others who value health metrics. Whether any specific app does this is, again, in the policy.

Your behaviour is tracked. In-app analytics — what screens you visit, what features you use, how long you spend in the app, what you search for — are collected by most apps via third-party SDKs. These SDKs are often operated by advertising companies. They combine your in-app behaviour with data from other apps and services they operate.

None of this is secret. It’s disclosed. But disclosed in a document designed not to be read is functionally the same as not disclosed.

What CourtSauce collects

Here’s what we collect, explicitly:

Match data is stored on your device. If you enable iCloud, it syncs to your other devices via your personal iCloud account. It does not go to our servers. We don’t have servers that hold your matches. We are technically incapable of reading your match history.

HealthKit data is read during matches to display heart rate and activity information in the app. It is not copied to our servers or to any file we control outside of HealthKit. Apple’s HealthKit permissions model requires explicit user consent, and the data stays in your HealthKit database.

Voice notes are stored as audio files on your device, with optional iCloud sync. Transcription happens on-device using Apple’s speech recognition framework — the audio is never sent to Apple’s servers or ours.

No account is required. The app works fully without sign-up or login. There is no account to create, no email address to provide, no profile to fill in.

No advertising. There is no advertising in the app. There are no third-party advertising SDKs. There is no behavioural tracking for advertising purposes.

No behavioural analytics. We don’t use third-party analytics SDKs that track your behaviour across sessions. We use basic crash reporting (through Apple’s standard frameworks) to identify technical issues. That’s it.

When you explicitly share a match — via the live web scoreboard or by sharing match data with another CourtSauce user in the same room — only the match data you chose to share leaves your device. Not your profile, not your history, not your identity.

Why architecture matters more than policy

A privacy policy is a promise. It tells you what a company says it does. Architecture is a constraint. It tells you what a company can do.

A company can change a privacy policy. Policies get updated when business models change, when the company is acquired, when legal requirements shift, or when the team decides a different trade-off makes more sense. “We don’t sell your data” has appeared in privacy policies of companies that later sold their data — after the policy was updated.

Architecture is harder to change. CourtSauce’s match data architecture stores data on devices and in personal iCloud accounts because that’s how the system is built — there’s no server infrastructure we could quietly enable to start collecting matches. Changing this would require significant engineering work and would be visible in the code.

This is deliberate. We wanted to build a system where “we don’t store your matches” is structurally true, not just promised. It’s a stronger commitment because it’s harder to break.

The trade-offs

Privacy-first architecture costs something. It’s worth being honest about that.

No cross-device history without iCloud. If you play on a device without iCloud enabled, your history stays on that device. We can’t restore it if you lose the device. We can’t sync it to a new phone. iCloud mitigates this but doesn’t eliminate it.

No social features. A social ladder, challenge system, or community feed requires a shared database. We don’t have one, so we don’t have those features. Players who want to challenge someone in their club network and track head-to-head records over time will need a different app for that.

No cloud backup recovery. If you delete the app and re-install, your match history is gone (unless you have iCloud sync enabled). There’s no “contact support to restore your history” — we don’t have your history.

No AI analysis of your match data. Server-side machine learning on match data requires server-side data. We don’t have it, so we can’t offer cloud AI features. On-device analysis is possible and we’re exploring it; cloud AI is off the table.

These are real trade-offs. We made them deliberately because the alternative — building the kind of system that could offer those features — requires the kind of data collection practices we wanted to avoid. The trade-offs are consistent with who we want to be.

Why now

The racquet sports app space is growing. Pickleball has driven the fastest player growth any racquet sport has seen in decades. New apps are entering the market constantly. The defaults being established now — what data is collected, how it’s used, what business models are sustainable — will shape the space for years.

We think the default can be better. Not every app needs to collect match histories to build a social graph, or read health data to sell it, or require accounts to create a retention mechanism. An app can be well-designed and financially sustainable without doing any of those things.

CourtSauce is an attempt to demonstrate that. If it works — if players find it useful, if the subscription model is sustainable, if the architecture proves out over time — it’s evidence that the defaults can be different.

We’re early enough that it’s still a bet. But it’s the bet we want to make.

---

Read the full CourtSauce Privacy Policy for the legal version of what’s described here.