Gimme

Privacy Policy

Effective Date: March 17, 2026 Last Updated: April 27, 2026

Gimme is a tee time monitoring and booking assistance service operated at gimmeteetimes.com (the "Service"). This Privacy Policy describes how Gimme collects, uses, shares, and protects your information when you use the Service.

Gimme is based in California. By using the Service, you agree to the practices described in this Privacy Policy.

1. Information Gimme Collects

Information You Provide

  • Account Information: When you create an account using Google OAuth, Gimme receives your name and email address from Google.
  • Golf Course Credentials: If you use the auto-booking feature, you may provide login credentials for third-party golf course booking websites. These credentials are encrypted at rest using AES-256-GCM encryption. See Section 5 for details.
  • Booking Profile Information: To complete tee time bookings, you may also provide additional profile information such as phone number, mailing address, postal code, and country. This information is stored alongside your credentials and transmitted to golf course booking systems when executing a booking on your behalf.
  • Watch Configurations: Courses, dates, times, player counts, and other preferences you set for tee time monitoring.

Information Collected Automatically

  • Server Logs: The hosting provider (Vercel) automatically collects standard server log data, which may include your IP address, browser type, and the pages you visit. These logs are used for security and debugging purposes.
  • Push Notification Tokens: If you enable push notifications, Gimme collects and stores the push subscription endpoint and associated keys provided by your browser or device's push notification service. These are used solely to deliver notifications you have configured.

2. How Gimme Uses Your Information

Gimme uses the information collected to:

  • Provide the Service: Monitor tee time availability, send alerts, and execute bookings based on your configurations.
  • Communicate with You: Send transactional notifications including tee time alerts, booking confirmations, and email digests. These are core to the Service and are enabled by default. Push notifications may be delivered through your browser or device's push notification infrastructure (such as Apple Push Notification Service, Google Firebase Cloud Messaging, or Mozilla Push Service) and include payload content necessary to render the alert.
  • Process Payments: If paid tiers are introduced in the future, manage subscriptions and billing through a third-party payment processor.
  • Improve the Service: Analyze anonymized usage patterns to improve features and performance.
  • Maintain Security: Detect, prevent, and respond to fraud, abuse, and security incidents.

3. How Gimme Shares Your Information

Gimme does not sell, rent, or trade your personal information to third parties. Gimme does not share your data with advertisers or data brokers. Gimme does not use your data for profiling or targeted advertising.

Gimme shares information with the following categories of service providers who process data on behalf of the Service:

ProviderPurposeData Shared
SupabaseDatabase hostingAccount data, watch configurations, encrypted credentials
VercelApplication hostingServer logs (IP address, browser type, pages visited)
GoogleAuthenticationOAuth tokens (name, email)
ResendTransactional emailEmail address, notification content
StripePayment processing (if paid tiers are introduced)Email address, payment method
SentryError monitoringError traces, request metadata (personal data is minimized but its complete absence in error context cannot be guaranteed)
UpstashJob scheduling and rate limitingWatch and polling metadata, rate-limit counters keyed by user identifier
MapboxLocation search and geocodingSearch queries (city, ZIP code, or location text) entered when browsing courses
DiscordOperational monitoring (internal)System alerts containing watch identifiers and error codes (no direct personal data under normal operation)

Golf Course Booking Systems

When you enable auto-booking, your golf course login credentials and booking profile information (such as name, email, phone number, and address) are transmitted to the applicable third-party booking system to execute the booking you configured. This transmission is initiated by you through the Service. The specific fields transmitted vary by provider and may include your name, email address, phone number, mailing address, and postal code.

4. Cookies and Tracking Technologies

  • Essential Cookies: Gimme uses a session cookie to maintain your authenticated session. This cookie is necessary for the Service to function and cannot be disabled.
  • No Analytics Cookies: Gimme does not currently use analytics tools that set cookies or collect personal information.
  • No Third-Party Tracking: Gimme does not use third-party tracking cookies, advertising pixels, or similar technologies.

If analytics tools are added in the future, this policy will be updated accordingly.

5. Credential Security

Because the auto-booking feature requires storing your golf course login credentials, Gimme takes additional security measures:

  • Encryption at Rest: Credentials are encrypted using AES-256-GCM with a dedicated encryption key that is separate from other application secrets.
  • Encryption in Transit: All data transmission uses TLS encryption.
  • Limited Access: Credentials are decrypted only during active booking operations and are never stored in decrypted form.
  • No Logging: Credentials are never written to application logs, error reports, or monitoring systems.
  • Deletion on Request: You may delete your stored credentials at any time. Upon account termination, all stored credentials are permanently deleted.

While Gimme implements industry-standard security measures, no method of electronic storage or transmission is 100% secure. Gimme cannot guarantee the absolute security of your credentials, and you provide them at your own risk.

6. Data Retention

  • Account Data: Gimme retains your account information for as long as your account is active.
  • Credentials: Stored credentials are deleted promptly upon your request or upon account termination. Gimme aims to complete deletion within 24 hours under normal operating conditions.
  • Server Logs: Hosting and monitoring providers retain server logs for their standard retention periods, typically up to 90 days. Gimme does not independently control third-party log retention schedules.
  • After Account Deletion: Upon account deletion, Gimme will remove your personal data from active database systems within 30 days. Some data may persist in encrypted backups or third-party provider systems for a limited period as part of standard infrastructure operations. Data may also be retained as required by law.

7. Your Rights

You have the right to:

  • Access: Request a copy of the personal information Gimme holds about you.
  • Correction: Request correction of inaccurate personal information.
  • Deletion: Request deletion of your account and personal data by contacting privacy@gimmeteetimes.com. Upon request, Gimme will delete your data within 30 days, subject to legal retention requirements.
  • Credential Removal: Delete your stored golf course credentials at any time through the Service.
  • Communication Preferences: While tee time alerts and booking notifications are core to the Service, you can manage your notification preferences in your account settings.

To exercise any of these rights, contact privacy@gimmeteetimes.com.

8. Children's Privacy

The Service is not directed at children under the age of 13. Gimme does not knowingly collect personal information from children under 13. If Gimme becomes aware that personal information from a child under 13 has been collected, steps will be taken to delete that information promptly. If you believe Gimme has inadvertently collected information from a child under 13, please contact privacy@gimmeteetimes.com.

9. Security

Gimme implements reasonable technical and organizational measures to protect your personal information, including:

  • Encryption at rest and in transit (TLS)
  • Dedicated encryption for stored credentials (AES-256-GCM)
  • Access controls and authentication
  • Security monitoring and logging

Despite these measures, no system is completely secure. Gimme cannot guarantee the absolute security of your information.

10. Security Incidents

If Gimme becomes aware of a security breach that affects your personal information, you and any applicable regulatory authorities will be notified as required by law. Notification will be sent to the email address associated with your account. Where a breach involves stored credentials, affected users will also be notified directly with guidance on securing their third-party accounts.

11. California Residents

Gimme is based in California and provides the following disclosures for California residents.

Categories of Information Collected

  • Identifiers (name, email address)
  • Contact and profile information (phone number, mailing address, postal code — if provided for booking)
  • Internet or network activity (server logs)
  • Third-party account credentials (if provided for auto-booking)

Categories Shared with Third Parties

  • Identifiers are shared with service providers listed in Section 3 for the purposes described.
  • Credentials are shared with golf course booking systems only when you initiate a booking.

Gimme does not sell or share personal information as defined under the California Consumer Privacy Act. Gimme does not use personal information for profiling or automated decision-making. If Gimme meets CCPA/CPRA applicability thresholds in the future, this policy will be updated to comply with those requirements.

Do Not Track

The Service does not track users across third-party websites. Gimme does not respond to Do Not Track browser signals because Gimme does not engage in the type of cross-site tracking that such signals are designed to prevent.

Right to Know

California residents have the right to know what personal information is collected about them. Contact privacy@gimmeteetimes.com to make a request.

12. Changes to This Privacy Policy

Gimme may update this Privacy Policy from time to time. For material changes, at least 30 days notice will be provided via the email address associated with your account. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

Prior versions of this Privacy Policy will be made available upon request.

13. Contact

For questions or concerns about this Privacy Policy or Gimme's data practices, contact:

Email: privacy@gimmeteetimes.com