Privacy Policy

Last updated: May 8, 2026

poolcntrl (“we,” “us”) operates poolcntrl.com and the poolcntrl iOS app. This page describes what we collect, why, and what you can do about it.

What we collect

• Account data: your email and a hashed password (we never see the plaintext password — Supabase handles authentication).
• Pool data you enter: properties, pools, water test readings, chemical logs, maintenance logs.
• Subscription metadata: Stripe customer/subscription IDs, plan, current status. We do not store credit card numbers — Stripe holds those.
• Server logs: standard request logs (timestamp, route, status, latency) kept by our hosting providers for operational purposes.

What we don’t collect

• Location, contacts, calendar, photos beyond what you explicitly upload.
• Browsing history outside poolcntrl.com.
• Device identifiers used for cross-app tracking.
• Audio or video.

Why we collect it

Solely to provide the product: store your pool history, generate dosing recommendations, process subscriptions, and send transactional emails (account confirmation, password resets, payment receipts). We do not sell your data.

Subprocessors

We use the following third parties to operate the service:

• Supabase — database, authentication, storage. (US and EU regions.)
• Stripe — subscription billing.
• Vercel — web hosting and edge functions for poolcntrl.com.
• Fly.io — hosting for the API server.
• Sentry — error monitoring.

Each subprocessor receives only the minimum data required to perform its function. No subprocessor is authorized to use your data for any purpose other than serving you.

How long we keep your data

As long as your account exists. When you delete your account, we delete your account row, properties, pools, water tests, chemical logs, maintenance logs, and recommendations within 30 days. Anonymized aggregate metrics (e.g. “number of recommendations generated this month”) may persist for product analytics.

Your rights

You can:

• Export your data — every entity (pools, water tests, etc.) is available via the API; we’ll publish a one-click export endpoint before public launch.
• Delete your data — by deleting your account from within the app or by emailing the contact below.
• Correct your data — the app lets you edit pools, tests, and logs directly.
• Object or restrict processing — email us; we’ll respond within 30 days.

Children

poolcntrl is not directed at children under 13 and we do not knowingly collect data from them. If you believe a child has signed up, contact us and we’ll delete the account.

Cookies and tracking

poolcntrl.com uses functional cookies for authentication and session management only. We do not use advertising cookies or third-party trackers.

Security

Data is encrypted in transit (TLS 1.2+) and at rest (provider-managed). Database access is governed by row-level security: your rows are visible only to your authenticated session. Service-role access is restricted to our backend processes.

Changes

When we update this policy materially, we’ll bump the “Last updated” date and notify you by email if you have an account.

Contact

Questions, requests, complaints: email hello@poolcntrl.com.