About KrazyPickles

Security and privacy

Protect the people behind the pickleball.

KrazyPickles stores contact details, private group context, and match history, so access control is product behavior, not a decorative policy page. These are the current practices and the channel for reporting concerns.

Last reviewed July 12, 2026

Authentication

KrazyPickles uses managed authentication, including magic-link and supported social sign-in flows. Passwords are not stored by the KrazyPickles application itself.

Data access

Application data is stored in Supabase. Access checks and row-level policies are used to limit sensitive operations, with elevated service credentials kept on the server rather than shipped to browsers.

Private group content

Detailed match recaps, personal context, and weekly krewe reports are intended for the relevant krewe members or match participants. Public pages focus on appropriate scores, product information, and court research.

Operational safeguards

Production is served over HTTPS through Vercel. Secrets are managed as server-side environment variables, admin actions are permission-checked, and security-focused tests are added around sensitive workflows.

Report a security or privacy concern

Email a clear description, affected URL or account, and reproduction steps. Please do not include passwords, API keys, or another player’s sensitive information in the message.

matches@krazypickles.com