Privacy Policy
Last updated: 8 June 2026
1. Who we are
GreenSync is a golf course management platform operated by:
DriveLabs Sp. z o.o.
al. Józefa Piłsudskiego 17/4, 35-074 Rzeszów, Poland
Tax number: PL5170469508
Email: support@greensync.app
2. Roles under GDPR
GreenSync operates as a data processor on behalf of golf courses who use our platform. The golf course (club, organisation or company) is the data controller — they determine the purposes and means of processing their staff data.
If you are a staff member of a golf course using GreenSync, please also refer to your employer’s privacy notice. DriveLabs Sp. z o.o. acts as data controller for data collected directly from course administrators and visitors to greensync.app.
3. What data we collect
3.1 Account and profile data
- Name, surname, email address
- Role and permissions within the platform
- Avatar/profile photo (if uploaded)
- 2FA settings and PIN codes (stored hashed)
3.2 Operational data
Data entered by golf course administrators and staff in the course of using the platform, including:
- Daily tasks and work session logs
- Machine check records and service history
- Clock-in/clock-out times
- GPS location data captured at clock-in (latitude/longitude)
- Holiday requests and approvals
- Accident reports
- Spraying and chemical application logs
- Disease logs and treatment records
- Team chat messages
- Training progress and sign-offs
3.3 Location data
GPS coordinates are captured when a staff member clocks in or out. This is used to verify on-site presence and is visible to course administrators.
3.4 Device and notification data
- Push notification subscription tokens (device identifiers used to deliver notifications)
- Browser and device type for PWA installation purposes
- Session cookies and authentication tokens
3.5 Billing data
Payment information is processed exclusively by Stripe and is never stored on GreenSync servers. We retain billing history, invoice records and subscription status.
3.6 Website visitor data
When visiting greensync.app we may collect standard server logs (IP address, browser type, page visited, timestamp) for security purposes.
4. How we use your data
| Purpose | Legal basis |
|---|---|
| Providing and operating the GreenSync platform | Contract performance |
| User authentication and security | Legitimate interest |
| Sending transactional emails (holiday approvals, setup links) | Contract performance |
| Sending weekly AI-generated reports to course administrators | Contract performance / Legitimate interest |
| Processing payments via Stripe | Contract performance |
| GPS clock-in verification | Legitimate interest (as instructed by data controller) |
| AI-powered disease briefings and weekly summaries | Legitimate interest |
| Platform improvements and error monitoring | Legitimate interest |
| Compliance with legal obligations | Legal obligation |
5. AI processing
GreenSync uses artificial intelligence to provide daily disease risk briefings and weekly AI-generated reports summarising work hours, maintenance activity, machine issues and disease forecasts.
These are generated using the Anthropic Claude API (Anthropic, PBC, USA). Relevant operational data (task names, disease log entries, work session summaries, weather data) is transmitted to Anthropic’s API. No staff personal identifiers are included in AI prompts unless directly relevant.
Disclaimer: AI-generated content is provided for informational purposes only. It does not constitute professional agronomic, chemical or safety advice. Golf courses remain responsible for all operational decisions.
6. Who we share data with
We do not sell your data. We share data only with the following sub-processors:
| Sub-processor | Purpose | Location |
|---|---|---|
| Hetzner Online GmbH | Server hosting and storage | EU (Helsinki / Nuremberg) |
| Anthropic, PBC | AI report and briefing generation | USA |
| Stripe, Inc. | Payment processing | USA |
| Google LLC (Firebase Cloud Messaging) | Push notification delivery | USA |
| Open-Meteo | Weather forecast data (no personal data) | Switzerland |
For transfers to the USA, we rely on Standard Contractual Clauses (SCCs) and/or the EU–US Data Privacy Framework where applicable.
7. Data storage and security
- All course data is stored on servers in the European Union (Hetzner, Helsinki and Nuremberg)
- Each golf course’s data is stored in a separate isolated database
- Data is encrypted in transit (HTTPS/TLS)
- Passwords are stored using bcrypt hashing
- Access is controlled by role-based permissions
- Push notification tokens are removed automatically when no longer valid
8. Data retention
- Active accounts: Data retained for the duration of the subscription
- After cancellation: Data retained for 30 days, then permanently deleted unless export requested
- Billing records: Retained for 7 years as required by Polish accounting law
- Push notification tokens: Removed automatically on unsubscribe or delivery failure
9. Weekly email reports
Course administrators receive weekly AI-generated reports every Monday at 7:00am local time, sent to the course’s designated admin email address.
To opt out, go to Club Settings → Weekly email report within the platform, or use the unsubscribe link included in every report email.
10. Your rights under GDPR
As a data subject you have the right to: access, rectification, erasure, portability, restriction, objection, and to withdraw consent where processing is based on consent.
To exercise any of these rights, contact us at support@greensync.app. We will respond within 30 days.
You also have the right to lodge a complaint with the Urząd Ochrony Danych Osobowych (UODO) at uodo.gov.pl.
11. Cookies
| Cookie | Purpose | Duration |
|---|---|---|
| Session cookie | User authentication | Session / 30 days (if “remember me” selected) |
| CSRF token | Security protection | Session |
We do not use tracking cookies, advertising cookies or third-party analytics cookies.
12. Children
GreenSync is not intended for use by persons under the age of 16. We do not knowingly collect data from children.
13. Changes to this policy
We may update this policy from time to time. Material changes will be communicated to course administrators by email. The date at the top of this page indicates when it was last updated.
14. Contact
DriveLabs Sp. z o.o.
al. Józefa Piłsudskiego 17/4, 35-074 Rzeszów, Poland
Email: support@greensync.app