Privacy Policy
Last updated: June 3, 2025
BlueHouse Capital LLC (“we, us, our”) operates the Let’s Roll website, iOS/Android progressive-web app, and related services (collectively, the “Service”). We are committed to protecting your privacy. This policy explains what data we collect, how we use it, and the choices you have.
1. Information We Collect
| Category | Examples | Purpose |
|---|---|---|
| Account Data | Name, email, profile photo, belt rank | Create and secure your account, personalize the app |
| Gym & Listing Data | Gym name, address, tier, schedule, photos | Display locations, manage subscriptions, improve search ranking |
| Payment Data | Last 4 digits of card, tier purchased, billing country (via Stripe) | Process subscriptions, detect fraud, provide invoices |
| Usage Data | Page views, map events, clicks, error logs (via Firebase Analytics & Sentry) | Diagnose bugs, improve features |
| Device / Log Data | IP address, browser, OS, locale | Security, regional content, legal compliance |
| Cookies & Local Storage | Session token, cookie consent choice | Keep you logged in, remember preferences |
2. How We Use Your Information
- Provide the Service: authenticate users, show gyms on the map, process gear orders through Printful.
- Improve & Secure: monitor uptime, combat spam, run A/B tests, and apply rate-limiting with Firebase Functions.
- Marketing: send tier-upgrade offers or feature announcements (you can opt out anytime).
- Legal: comply with California Consumer Privacy Act (CCPA), GDPR, and other regulations.
3. Sharing & Third-Party Services
| Service | Reason | Data Shared |
|---|---|---|
| Firebase (Google LLC) | Hosting, auth, database, analytics | Account data, usage logs |
| Stripe, Inc. | Subscription payments | Billing tokens, purchase history |
| Printful | On-demand merchandise orders | Order details, shipping address |
| OpenLayers | Interactive maps | Geolocation coordinates (anonymized) |
We never sell your personal data. Partners receive only what’s needed to deliver their part of the Service and must keep it confidential.
4. Your Choices & Rights
- Access / Export: download your personal data in JSON or CSV by emailing support@letsroll.co.
- Delete: delete your account anytime in Settings → Delete Account or via email request.
- Opt-Out of Email: click “Unsubscribe” in marketing emails.
- Cookies: adjust cookie preferences in the banner or browser settings.
5. Children’s Privacy
Let’s Roll is not directed to children under 13. If we discover we have unknowingly collected data from a child under 13, we will delete it promptly.
6. Data Security
We use encryption in transit (HTTPS/TLS 1.3) and at rest (AES-256 on Firebase), principle-of-least-privilege access controls, routine penetration testing, and automatic alerts for suspicious activity.
7. International Transfers
We are based in San Diego, CA, USA. Data may be processed in the United States or other countries where our vendors operate. We rely on Standard Contractual Clauses and similar safeguards for cross-border transfers.
8. Changes to This Policy
We may update this policy. We’ll post the new version here and, if changes are significant, notify you by email or in-app banner at least 7 days before they take effect.
9. Contact Us
Questions? Email privacy@letsroll.co or write to:
BlueHouse Capital LLC