Privacy Policy

In plain language

Capt’ns Log is a private fishing journal and advisor. Your catches, fishing spots, and photos belong to you. We do not sell your data, we do not show ads, and we do not share your catch history with anyone. We do use a privacy-tight product-analytics tool (PostHog) to understand which features people use, but it only ever receives event names like “logged a catch”, never the contents of your catches, your locations, or your photos.

This policy explains exactly what we collect, why we collect it, and how to delete it.

Who we are

Capt’ns Log (“the app”, “we”, “our”) is an iOS application developed by Joe Benscoter. For questions about this policy or your data, contact:

• Email: privacy@captns-log.com
• Postal correspondence: available upon request via the email above

What data we collect

We collect only what the app needs to function, plus a limited set of product-analytics events to understand which features get used. We do not collect data for advertising or profiling, and our analytics never includes the contents of your catches, your locations, or your photos.

Account data

When you create an account, we store:

• Your email address (if you sign up with email and password)
• A provider identifier from Apple or Google if you sign in with Sign in with Apple or Sign in with Google (we never see your Apple ID password or Google password)
• A randomly generated user ID that links your account to your data

When you sign in with Apple, Apple may give you the option to hide your real email. If you do, we receive a relay address. That works fine for us; we never need your real email.

Catch data (the journal)

Every time you log a catch, the app stores:

• Species and any sub-species selection (for example, “rainbow trout”)
• Weight and length you enter
• Lure or technique notes you enter
• Optional photo from your camera or photo library
• Date and time of the catch
• Latitude and longitude of where the catch was logged
• Environmental conditions captured automatically at the time of the catch (weather, water temperature, tide phase, pressure trend, solunar period, and so on)

All of this is private to your account. No other user can see your catches. We do not share it with researchers, partners, or third parties.

Saved fishing locations

When you save a fishing spot, we store:

• A name you choose (or a default like “Lake Piru”)
• Latitude and longitude of the spot
• Water type (lake, river, or ocean)
• The nearest USGS gauge or NOAA tide station (for fetching forecasts)
• The US state the spot is in (used to filter species you can fish there)

Saved locations are private to your account.

Photos

If you attach a photo to a catch, the photo is stored locally on your device and uploaded to our backend (Supabase Storage) so it is available across your devices. Photos are private to your account and protected by row-level access controls.

When you delete a catch or delete your account, the associated photo file is deleted from our backend.

Device permissions we request

• Location: We use your current location to find nearby fishing conditions, auto-tag the coordinates of a catch, and look up the nearest weather and water stations. Your location is never streamed in the background and is only requested when you have the app open.
• Camera: Used to photograph a catch, only when you tap the camera button in the catch log.
• Photo library: Used to attach an existing photo to a catch, only when you tap to attach.

If you deny any of these permissions, the relevant feature is disabled but the rest of the app still works.

Subscription and purchase data

If you start a free trial, subscribe to Capt’ns Log Pro, or buy the lifetime unlock, our subscription provider (RevenueCat) processes the purchase on our behalf. See “RevenueCat (subscription management)” below for the specific fields involved. Apple separately processes the payment itself; we never see your full payment-card or Apple ID password.

Crash and performance data

When the app is built for the App Store, it includes a crash and performance reporting SDK (Sentry). It collects unhandled exceptions, stack traces, and sampled performance traces so we can find and fix bugs. Personally identifying fields (email, user ID, IP address) are scrubbed before any event leaves your device. Sentry runs in release builds only. See “Sentry (crash and performance monitoring)” below.

Product analytics data

When the app is built for the App Store, it includes a product-analytics SDK (PostHog) so we can see how people move through the app and where they get stuck. It records a small, fixed set of interaction events:

• App opened
• Onboarding completed
• Advisor screen viewed
• A catch was logged (the fact that a catch was logged, never the catch itself)
• The paywall was viewed (and which screen sent you there)
• A purchase or trial was started (the product and whether it was a trial)

Alongside those events, the SDK records standard device and app metadata (app version, OS version, device model, language, time zone) and a generated analytics identifier that we link to your account ID so we can measure the funnel per user. It does not receive your species, weights, lure notes, photos, coordinates, saved-location names, or any other catch or location content; the app strips everything except the event name and the few non-identifying properties listed above before anything is sent. PostHog runs in release builds only; development and TestFlight internal builds do not send analytics events. We do not collect an advertising identifier (no IDFA) and we do not use this data to track you across other apps or websites. See “PostHog (product analytics)” below.

What we do NOT collect

To be specific about what is not in the app:

• We do not run advertising or attribution SDKs (no Firebase Analytics, no Facebook SDK, no ad networks); our only analytics tool is PostHog, scoped as described above
• We do not feed your catches, locations, or photos to any analytics tool
• We do not show advertising and we do not embed any ad SDK
• We do not track you across other apps or websites
• We do not collect your contacts, calendar, microphone, health data, or motion data
• We do not collect device identifiers for advertising (no IDFA usage)
• We do not access your address book

How we use your data

We use your data only to operate the app for you. Specifically:

• Compute species-specific fishing condition scores at your saved locations
• Show your catch history and pattern insights in the Journal
• Sync your catches and saved locations across your iOS devices when you sign in
• Recover your data if you reinstall the app or switch devices
• Provide customer support when you contact us

We do not use your data to train AI models, profile users, or generate marketing audiences.

Third parties we share data with

We use a small number of essential service providers to run the app. Each one receives only the minimum information needed for its specific purpose.

Supabase (data storage and authentication)

We use Supabase (operated by Supabase, Inc.) to:

• Store your account, catches, saved locations, and photos
• Authenticate you when you sign in with email, Google, or Apple

Supabase processes this data under their privacy practices, available at https://supabase.com/privacy. Your data is stored in Supabase’s US-based infrastructure under our project. We apply row-level security policies so each user can only read and write their own data.

Apple (Sign in with Apple)

If you use Sign in with Apple, Apple processes the authentication request and sends us a token plus an optional email relay address. Apple’s privacy practices apply: https://www.apple.com/legal/privacy/.

Google (Sign in with Google)

If you use Sign in with Google, Google processes the authentication request and sends us a token plus your email address. Google’s privacy practices apply: https://policies.google.com/privacy.

RevenueCat (subscription management)

We use RevenueCat (operated by RevenueCat, Inc.) to manage subscriptions and the lifetime in-app purchase on iOS. When you start a free trial, subscribe, restore purchases, or buy the lifetime unlock, RevenueCat receives:

• Your Capt’ns Log user ID (the same randomly generated UUID we use as your account identifier)
• The transaction record from Apple (product, price, currency, country code, purchase date, expiration date, renewal status, trial status, refund status)
• Standard device and app metadata (app version, OS version, device model, language, time zone) used to compute eligibility for introductory offers
• Your IP address, as part of any standard HTTPS request

RevenueCat acts as a service provider on our behalf and does not share or sell this data to third parties. Their privacy notice is available at https://www.revenuecat.com/privacy. The full payment itself (your card number, full billing address, Apple ID password) is handled by Apple directly under Apple’s privacy practices; we never see it.

Sentry (crash and performance monitoring)

We use Sentry (operated by Functional Software, Inc. dba Sentry) to receive crash reports and sampled performance traces from the App Store build of the app. Sentry receives:

• Unhandled exception details and stack traces
• App release/version, device model, OS version, and locale
• Sampled performance traces for a small subset of sessions (the timing of operations like screen transitions and network calls)

Before any event leaves your device, we strip personally identifying fields: no email, no user ID, no IP address, no body content from network responses, no fragment from any URL. Sentry runs in release builds only; development builds and TestFlight internal builds do not send events. Sentry’s privacy notice is available at https://sentry.io/privacy/.

PostHog (product analytics)

We use PostHog (operated by PostHog, Inc.) to understand how people use the app so we can improve it. From the App Store build, PostHog receives:

• A fixed set of interaction events (the six listed under “Product analytics data” above)
• The few non-identifying properties attached to those events (which screen opened the paywall; the product purchased and whether it was a trial)
• Standard device and app metadata (app version, OS version, device model, language, time zone)
• A generated analytics identifier that we link to your account ID, plus your IP address as part of any standard HTTPS request

PostHog never receives the contents of your catches, your coordinates, your saved-location names, your photos, or any free-text you enter; the app sends only the event name and the listed properties. Your analytics data is stored in PostHog’s US cloud. PostHog acts as a service provider on our behalf and does not sell this data. Their privacy notice is available at https://posthog.com/privacy. PostHog runs in release builds only.

Weather, tide, and river data providers

To compute fishing conditions, the app sends the latitude and longitude of your saved fishing locations to the following free public services. These requests do not include your account, email, name, or any other identifier. Your IP address is visible to these services as part of any standard HTTPS request.

• Open-Meteo (open-meteo.com): hourly weather and marine forecasts. Privacy: https://open-meteo.com/en/terms
• NOAA Tides and Currents (tidesandcurrents.noaa.gov): tide predictions for ocean locations. US Government service.
• USGS Water Services (waterservices.usgs.gov): river flow and water temperature for river locations. US Government service.
• OpenStreetMap Nominatim (nominatim.openstreetmap.org): reverse geocoding to convert coordinates into place names when you save a fishing spot. Privacy: https://wiki.openstreetmap.org/wiki/Nominatim/FAQ

We do not pay these services, send them your account information, or receive marketing data from them.

Hosting and distribution

We use Apple’s standard TestFlight and App Store infrastructure for distribution. Apple may collect crash logs and basic diagnostic data per its own privacy practices. Crash and performance data we receive ourselves goes through Sentry (see the section above).

How we store and secure your data

• In transit: All network requests use HTTPS / TLS.
• At rest in Supabase: Stored in Supabase’s infrastructure. Row-level security ensures only your account can read your data.
• At rest on your device: Catches, locations, and cached environmental data are stored in a local SQLite database in the app’s iOS sandbox. iOS protects this from other apps. Authentication tokens are stored in the iOS Keychain via Apple’s standard secure storage.
• Photos: Stored in Supabase Storage under a per-user folder, with access controlled by your account’s authentication token.

Your rights and choices

Regardless of where you live, you have the following rights with respect to your data in Capt’ns Log:

• Access: You can see all of your catches and saved locations directly in the app. If you would like an export, email privacy@captns-log.com.
• Correction: You can edit or delete any individual catch or saved location from inside the app.
• Deletion: You can delete your entire account, including all catches, saved locations, photos, and the underlying authentication record, from Settings → Delete Account. This is a one-tap permanent deletion. If you have trouble using the in-app deletion, email privacy@captns-log.com.
• Sign out: You can sign out at any time from Settings → Sign Out.

If you are a resident of the European Economic Area, the United Kingdom, or Switzerland, you also have the right under GDPR to lodge a complaint with your local data protection authority.

If you are a California resident, you have the right under the California Consumer Privacy Act (CCPA) to request disclosure of categories of personal information collected, deletion of that information, and to opt out of any sale of personal information. We do not sell personal information.

Data retention

• Active account: We retain your catch data, saved locations, and photos for as long as your account is active, so the app keeps working for you.
• After account deletion: Your account, catches, saved locations, and photos are permanently deleted. We do not retain shadow copies for marketing.
• Backups: Supabase performs routine infrastructure backups for disaster recovery. Deleted data may persist in these backups for up to 30 days before being overwritten in the normal backup rotation.

Children’s privacy

Capt’ns Log is rated 4+ in the App Store and is suitable for general audiences. The app is not directed at children under 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact privacy@captns-log.com and we will delete it.

International users

The app is operated from the United States. By using the app, you understand that your data will be processed in the United States, where data protection laws may differ from those in your country.

Changes to this policy

When we make material changes to this policy, we will:

• Update the “Last updated” date at the top of this page
• Note significant changes in this section
• For changes that expand the types of data we collect, notify you in the app on next launch

Change history:

• 2026-06-19: Added PostHog (privacy-tight first-party product analytics in release builds) to the list of third-party processors, and added a “Product analytics data” section describing the fixed set of interaction events collected. Analytics never includes catch contents, coordinates, saved-location names, or photos. Updated the “What we do NOT collect” list accordingly.
• 2026-05-24: Added RevenueCat (subscription and lifetime-purchase processing) and Sentry (crash and performance monitoring in release builds) to the list of third-party processors. Removed the “Continue as Guest” section: guest sign-in has been removed from the app; an account is now required.
• 2026-05-17: Initial version.

Contact us

For any privacy question, data export request, or account deletion help, email privacy@captns-log.com.