Privacy Policy

Fishing Codex is a mobile fishing app and web marketplace for anglers worldwide, published and operated by FISHINGCODEX LIMITED. We are the controller for the personal information described in this policy.

Fishing Codex is offline-first. The amount of information we hold depends on which features you use.

2.1 Account & sign-in

• Sign in with Apple / Google sign-in identifier: a stable, anonymous string Apple or Google gives us when you sign in. We never see your Apple ID or Google password.
• Email address: your real email, Apple's private relay address, or your Google account email. Used for transactional notices.

2.2 Spots, catches, and photos

• Spot data: pin name, free-text notes, species tags, tide-station assignment, public/private flag, and the GPS coordinates of the pin.
• Catch logs: species, length, weight, date/time, conditions notes.
• Photos: EXIF metadata (camera serial, device fingerprint, embedded GPS, original timestamps) is stripped on upload. Stored photos are compressed image files with EXIF stripped.

2.3 Tracks (local only)

If you record a foreground track, the GPS breadcrumbs are stored only on your device. Track data is never uploaded.

2.4 Web marketplace purchase data

When you purchase on fishingcodex.com, your payment is processed by Stripe on behalf of the creator. Stripe handles all card data and billing details directly — FCL never sees your card number or full billing address. We receive from Stripe: a Payment Intent ID, the amount paid, the product purchased, and charge confirmation, used solely to grant your access entitlement and for financial reconciliation.

For App Pro in-app purchases via Apple or Google, we receive a store receipt and transaction identifier to grant the entitlement.

2.5 Crash and diagnostic data (Sentry)

On unhandled errors we send Sentry: app version + build, OS version, device model, your account ID, a coarse region code, and a stack trace. Sentry Session Replay is disabled. Sentry events do not include spot data, photos, GPS coordinates, catch notes or free-text content.

2.6 Creator data (Stripe Connect only)

If you become a paid creator and connect a Stripe Standard account, Stripe (not FCL) collects your KYC data directly on its hosted pages. See § 8 below.

2.7 What we do NOT collect

• Contacts, calendar, microphone, motion or health data.
• Advertising identifiers (IDFA) or behavioural fingerprints.
• Third-party tracking pixels or ad SDKs.
• Background location. We use foreground-only While Using location access.
• Card numbers, full billing addresses, or payment credentials of any kind (these go directly to Stripe or Apple/Google).

Stripe handles KYC, tax reporting, and payouts for creators. End-users who only consume content have no direct relationship with Stripe beyond the payment transaction, which Stripe processes under its own privacy policy.

• To run the app's core features (save spots, log catches, sync, tide stations).
• To grant entitlements for purchases made on the web or through Apple/Google IAP, and to record creator earnings.
• To compute the public heatmap.
• To diagnose crashes (via Sentry).
• To detect fraud and abuse on the marketplace.
• To meet NZ tax and accounting record-keeping obligations.
• To respond to support and privacy requests.
• To comply with the law on receipt of a lawful production order.

We do not use your information for advertising, profile-building, or sale to third parties.

We do not sell, rent or licence your data to any other party. We have no advertising relationships.

6.1 On your device

A local SQLite database holds your spots, catches, photo metadata, sync queue and app settings. iOS Data Protection encrypts on-device data at rest.

6.2 In the cloud

• Supabase Postgres in Sydney: account record, spots, catch data, photo metadata, entitlements, purchase records. Encrypted at rest; TLS 1.2+ in transit. Row-Level Security restricts queries to your own data.
• Cloudflare R2 (APAC): photo files with EXIF stripped. Served only via signed URLs.

6.3 Who can see your data

GPS coordinates are never displayed as text anywhere in the app.

You have rights over your personal information under the NZ Privacy Act 2020, the AU Privacy Act 1988, and the EU/UK GDPR if you are in those jurisdictions.

We aim to respond fully within 20 working days (NZ) or 30 calendar days (AU).

If you list paid or subscription spots you must connect a Stripe Standard account. Stripe collects your legal name, date of birth, residential address, tax identifier, bank account, and identity document directly on its hosted pages. FCL never sees your full bank account number or full government ID. We receive only your Stripe Connect account identifier, verification status, and payout summaries.

As the merchant of record for your sales, you are directly responsible for your Stripe account compliance and tax obligations. Stripe's Privacy Notice and Connected Account Agreement govern Stripe's processing of your creator data.

• All API traffic uses TLS 1.2 or higher.
• Database access is restricted by Row-Level Security.
• Photos are served only via time-limited signed URLs.
• GPS coordinates are never placed in URLs, query strings, or share-sheet content.
• Sentry Session Replay is disabled.

If you discover a vulnerability, email hello@fishingcodex.com — do not exploit it. We will respond within 48 hours.

We will update this policy when we add features that collect new data types or when the law changes. For material changes we will surface an in-app notice on the next launch.

Privacy enquiries: hello@fishingcodex.com · FISHINGCODEX LIMITED (NZBN 9429053662774).