Privacy Policy

Caddie AI  ·  Last updated: May 29, 2026

Caddie AI ("the app", "we", "our") is an iOS golf swing coaching app developed by Burton Griffin (com.burtongriffin.burton-app). This policy explains what information the app collects, how it is used, who it is shared with, and your choices and rights.

Information We Collect

Video frames and chat messages. When you record or upload a golf swing video for analysis, the app extracts a small number of key frames from the video and sends them, along with any accompanying chat messages, to our backend server (see "Service Providers" below), which relays them to the Anthropic Claude API to generate AI coaching responses. Your full original video stays on your device and is never uploaded in full.

Anonymous device identifier. The app uses RevenueCat to manage in-app subscriptions. RevenueCat assigns an anonymous identifier to your device to track subscription status. The app also uses your device's vendor identifier (provided by iOS) to communicate with our backend. These identifiers are not linked to your name, email address, or any account credentials.

Free-tier usage count. To enforce the limits of the free tier, our backend stores a count of how many free swing analyses have been used. This count is keyed to a one-way hashed (SHA-256) version of your device identifier — we cannot reverse the hash to identify you, and the record contains only a number. It is never associated with your videos, chats, name, or contact details.

App preferences, conversation history, and swing memory. Your coaching conversations, chat history, swing analysis history and profile ("swing memory"), and app preferences (such as club selection) are stored locally on your device. This data is not stored on our servers, and it remains on your device except as needed to generate AI responses as described above.

Network and log data. Like any internet service, when your device contacts our backend and the third-party services below, those servers automatically receive technical information such as your IP address and request metadata. Our hosting provider (Vercel) and our service providers may retain this information in server logs for a limited period for security, debugging, and operational purposes. We do not use this data for advertising or behavioral tracking.

How We Use Your Information

Service Providers

We do not sell, rent, or share your personal information with third parties for advertising or marketing purposes. The app and our backend communicate with the following service providers, each acting as a processor or infrastructure provider:

Subscriptions and Payments

Caddie AI offers optional auto-renewing subscriptions. All purchases, billing, and renewals are handled by Apple through the App Store; we do not receive or process your payment information. RevenueCat is used to validate and restore your subscription entitlement. You can manage or cancel a subscription at any time in your device's App Store subscription settings.

Data We Do Not Collect

Caddie AI does not collect:

The app contains no third-party analytics or advertising SDKs, and we do not engage in cross-app or behavioral tracking.

Video and Image Data

Video frames extracted for AI analysis are transmitted through our backend to Anthropic's API and are subject to Anthropic's data handling practices. Neither the app nor our backend retains copies of your video frames after a request is processed. Your original videos remain on your device and are not uploaded in full.

Data Retention and Deletion

On-device data. Your conversations, swing memory, and preferences are stored locally and can be cleared at any time by deleting the app from your device. This permanently removes all locally stored data.

Server-side data. We do not store your videos, video frames, or chat content on our servers after processing. The only server-side record we keep is the hashed free-tier usage count described above, plus automatically generated server logs (including IP addresses) retained for a limited period by our hosting provider. Because the usage record is keyed to a one-way hash and contains only a number, it is not personally identifying.

Requesting deletion. If you would like us to delete the hashed usage record associated with your device, or have any other data request, email us at bgriff95@hotmail.com and we will act on your request.

International Data Transfers

Caddie AI is operated from the United States, and your data is processed on servers located in the United States, including by Anthropic and Vercel. If you use the app from outside the United States — including the European Economic Area (EEA), the United Kingdom, or Switzerland — your information will be transferred to and processed in the United States, which may have data protection laws that differ from those of your country. Where required, such transfers are covered by appropriate safeguards (such as Standard Contractual Clauses) provided by our service providers.

Your California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the right to know what personal information we collect and how it is used (as described in this policy), to request deletion or correction of personal information we hold about you, and to not be discriminated against for exercising these rights. We do not sell or share your personal information, and we have not done so in the preceding 12 months. To exercise any of these rights, contact us at bgriff95@hotmail.com.

Your Rights in the EEA, UK, and Switzerland (GDPR)

If you are located in the EEA, the UK, or Switzerland, the data controller is Burton Griffin (bgriff95@hotmail.com). We process your personal data on these legal bases:

You have the right to access, correct, delete, restrict, or object to the processing of your personal data, and the right to data portability. You may also lodge a complaint with your local data protection authority. To exercise these rights, contact us at bgriff95@hotmail.com.

Children's Privacy

Caddie AI is not directed at children under the age of 13 (or under 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe a child has provided information through the app, please contact us and we will take appropriate steps to remove it.

Security

All data transmitted to our backend and external APIs is sent over HTTPS (TLS-encrypted) connections. Data stored on-device is protected by iOS's built-in data protection mechanisms.

Changes to This Policy

We may update this privacy policy from time to time. Any changes will be reflected on this page with an updated "Last updated" date. Continued use of the app after changes constitutes acceptance of the revised policy.

Contact

If you have any questions, concerns, or requests regarding this privacy policy or your data, please contact:

Burton Griffin
bgriff95@hotmail.com