Privacy Policy for RailBird
Last Updated: January 6, 2026
Introduction
RailBird ("we," "our," or "us") is a mobile application owned and operated by Short Stack Software. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.
Information We Collect
Information You Provide to Us
Account Information
- First name and last name
- Username
- Email address or phone number
- Password (encrypted and stored securely)
- Profile photo (optional)
- Bio and preferred games/stakes (optional)
Session Data
- Poker session details (venue, game type, stakes, buy-in, cash-out, duration)
- Session notes
- Check-in and play notifications
- Rebuy information during active sessions
Social Information
- Friend connections and friend requests
- Private notes about friends (visible only to you)
- Crew memberships (when implemented)
- Activity preferences and visibility settings
Privacy Settings
- Profile visibility preferences
- Session visibility preferences
- Check-in visibility preferences
- Online status visibility
- Activity visibility
- Last name visibility
Information Collected Automatically
Usage Data
- Device information (device type, operating system, unique device identifiers)
- App usage statistics and analytics
- Error logs and crash reports
- Session duration and frequency of use
Location Data
- We do NOT collect precise location data
- Venue information is only collected when you manually enter it for session logging
How We Use Your Information
We use the information we collect to:
- Create and manage your account
- Track and display your poker session statistics
- Enable social features (friend connections, play notifications, activity feed)
- Send you notifications based on your preferences
- Improve app functionality and user experience
- Provide customer support
- Detect and prevent fraud or abuse
- Comply with legal obligations
Information Sharing and Disclosure
With Other Users
Based on your privacy settings, other users may see:
- Your profile information (name, username, photo, bio, preferred games)
- Your session statistics (if you set sessions to visible)
- Your check-ins and play notifications (if you set check-ins to visible)
- Your online status and activity (if not hidden)
You control what others see through your privacy settings. By default, only friends can see your detailed information.
With Third Parties
We may share information with:
Service Providers: Third-party companies that help us operate the app (hosting, analytics, push notifications, storage). These providers are contractually obligated to protect your data.
Legal Requirements: We may disclose information if required by law, subpoena, or other legal process, or to protect our rights, property, or safety.
Business Transfers: In the event of a merger, acquisition, or sale of assets, user information may be transferred to the acquiring entity.
What We Don't Share
- We do NOT sell your personal information to third parties
- We do NOT share your private notes about friends with anyone
- We do NOT share your exact session profit/loss amounts with advertisers
- We do NOT provide your contact information to other users without your consent
Data Security
We implement appropriate technical and organizational security measures to protect your information, including:
- Encrypted password storage using bcrypt
- HTTPS encryption for all data transmission
- JWT token-based authentication with refresh mechanisms
- Secure database access controls
- Regular security audits and updates
However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
Your Privacy Rights and Choices
Privacy Settings
You can control your privacy through the app settings:
- Set profile visibility (public, friends-only, private)
- Control who sees your sessions
- Control who sees your check-ins
- Hide your online status
- Hide your activity
- Hide your last name
Account Management
You have the right to:
- Access your personal information
- Update or correct your information
- Delete your account and associated data
- Export your session data
- Withdraw consent for certain data processing
To exercise these rights, contact us at [email protected].
Data Retention
- Active account data is retained while your account is active
- Deleted sessions are permanently removed within 30 days
- Deleted accounts and associated data are permanently removed within 90 days
- Anonymous usage statistics may be retained for analytical purposes
Children's Privacy
RailBird is not intended for users under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.
Push Notifications
If you opt-in to push notifications, we may send you:
- Friend check-in alerts
- Friend request notifications
- Crew activity alerts (when implemented)
- Game coordination matches (when implemented)
You can disable push notifications at any time through your device settings or app settings.
Third-Party Services
RailBird may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.
Third-Party Services We Use:
- Expo: Mobile app development framework
- Firebase Cloud Messaging: Push notifications (when implemented)
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Posting the new Privacy Policy in the app
- Updating the "Last Updated" date
- Sending you a notification for material changes
Your continued use of RailBird after changes constitutes acceptance of the updated policy.
Contact Us
California Privacy Rights (CCPA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act:
- Right to Know: Request information about the personal data we collect, use, and disclose
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
To exercise these rights, contact us at [email protected].
European Privacy Rights (GDPR)
If you are in the European Economic Area, you have rights under the General Data Protection Regulation:
- Right of Access: Obtain confirmation of whether we process your data and access to that data
- Right to Rectification: Correct inaccurate personal data
- Right to Erasure: Request deletion of your personal data
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to our processing of your personal data
- Right to Withdraw Consent: Withdraw consent at any time
Our legal basis for processing your data includes:
- Consent: You have given clear consent for processing
- Contract: Processing is necessary to perform our contract with you
- Legal Obligation: Processing is necessary to comply with the law
- Legitimate Interests: Processing is necessary for our legitimate business interests
To exercise these rights, contact us at [email protected].
Summary (Plain Language)
What we collect: Your name, contact info, poker session data, and social connections.
Why we collect it: To track your poker stats, connect you with friends, and make the app work.
Who sees it: Only the people you choose through your privacy settings. We don't sell your data.
Your control: You decide what's visible. You can delete your account anytime.
Questions?: Contact us at [email protected].