Privacy Policy

1. Introduction

Welcome to HuntFishSport, operated by Fresh Logix LLC ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services located at huntfishsport.com (the "Service").

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you:

• Register for an account (name, email address, password)

• Subscribe to our Pro tier (billing information processed by Stripe)

• Save location preferences (geographic coordinates, location names)

• Contact us for support (email address, message content)

• Use our mobile applications (device identifiers for guest access, push notification tokens for Pro subscribers)

• Enable push notifications (Pro tier feature: device push token for alert delivery)

• Export calendar events (we collect and process event details you request to export)

2.2 Information Automatically Collected

When you access our Service, we automatically collect certain information about your device and usage:

• Device Information: IP address, browser type, operating system, device type

• Usage Data: Pages visited, features used, time spent on pages, clicks

• Cookies and Tracking: Session cookies, authentication cookies, CSRF protection tokens

• Location Data: Geographic coordinates when you search for or save locations

• Analytics Data: Page views, session duration, traffic sources, and user interactions collected via Google Analytics 4

2.3 Information from Third-Party Services

We integrate with third-party services that may collect information.

3. How We Use Your Information

We use your personal information for the following purposes:

• Provide Services: Deliver solunar data, weather forecasts, and location-based features

• Account Management: Create and manage your account, authenticate access, process subscriptions

• Payment Processing: Process payments and manage billing through Stripe

• Communication: Send password reset emails, subscription confirmations, service updates

• Personalization: Remember your saved locations and preferences

• Analytics: Understand usage patterns, improve features, optimize performance

• Security: Detect fraud, prevent abuse, enforce terms of service

• Legal Compliance: Comply with legal obligations, resolve disputes

• Advertising: Display contextual advertisements (free tier users only, via Google AdSense)

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: Third-party vendors who provide services on our behalf

• Business Transfers: In connection with a merger, acquisition, or sale of assets

• Legal Requirements: When required by law, court order, or government request

• Protection of Rights: To protect our rights, privacy, safety, or property, or that of our users

• Aggregated Data: Non-identifiable, aggregated data for analytics and research

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. See our Cookie Policy for detailed information.

Essential Cookies: Required for authentication, security (CSRF protection), and basic functionality

Analytics Cookies: Google Analytics 4 sets cookies (_ga, _gid, _gat) to distinguish users and throttle request rate. These cookies collect anonymized data about how visitors use our site.

Third-Party Cookies: Google AdSense may set cookies for advertising purposes (free tier users only)

You can control cookies through your browser settings. Note that disabling cookies may affect Service functionality.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

• Encryption: HTTPS/TLS encryption for data in transit, database encryption at rest

• Authentication: Secure password hashing (bcrypt), JWT session tokens with HTTP-only cookies

• Access Controls: Role-based access, admin-only features, database connection security

• Security Headers: HSTS, X-Frame-Options, Content Security Policy

• Rate Limiting: Protection against brute force attacks and abuse

• CSRF Protection: Token-based protection for state-changing operations

• Monitoring: Error tracking (Sentry) and security monitoring

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6.1 Mobile App Permissions

Our iOS and Android mobile applications request specific permissions to deliver core features. These permissions are optional and can be managed through your device settings:

• Location Permissions (iOS & Android): Required to calculate accurate solunar data and find hunting/fishing spots near you. We collect your precise geographic coordinates. Background location access is only used for Pro subscribers who have opted into peak solunar activity push alerts — we use this to send timely notifications when peak times occur in your area.

• Calendar Permissions (iOS & Android): Used only when you explicitly choose to export a solunar prediction or hunting/fishing day to your device calendar. We do not automatically write to your calendar. Calendar data is processed locally on your device and not sent to our servers.

• Contacts Permissions (iOS): Available for future features that allow you to invite others to hunting and fishing events. Currently not actively used.

• Push Notification Tokens (Pro feature): When you enable push notifications on the mobile app (Pro tier only), we collect and store your device's push notification token. This token allows us to send you timely peak activity alerts and Pro feature notifications. The token is deleted when you disable notifications or unsubscribe from the Pro tier.

Platform Note: Mobile app permission prompts appear when you first access a feature requiring that permission. You can deny permissions or revoke them later through device settings. If you deny location permissions, we cannot provide solunar calculations. If you deny calendar permissions, you will not be able to export events to your calendar.

7. Data Retention

We retain your personal information only as long as necessary for the purposes described in this Privacy Policy:

• Account Data: Retained while your account is active and for 30 days after deletion request

• Payment Records: Retained for 7 years for tax and accounting purposes (Stripe handles payment data)

• Usage Logs: Retained for 90 days for analytics and troubleshooting

• Guest Tokens: Expired tokens deleted automatically after expiration date

• Push Notification Tokens: Retained only while your Pro subscription is active and notifications are enabled. Tokens are deleted when you cancel your subscription, disable notifications, or request account deletion. Expired or inactive tokens are automatically cleaned up after 30 days of device non-engagement.

• Location History: Your saved locations are retained as part of your account data. Real-time location data used to calculate solunar predictions is not stored server-side.

8. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of your personal information

• Correction: Request correction of inaccurate or incomplete information

• Deletion: Request deletion of your personal information (right to be forgotten)

• Data Portability: Receive your data in a machine-readable format

• Opt-Out: Opt out of marketing communications (future feature)

• Restriction: Request restriction of processing in certain circumstances

• Objection: Object to processing based on legitimate interests

To exercise these rights, please contact us at [email protected]. We will respond within 30 days of receiving your request.

8.1 GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to lodge a complaint with a supervisory authority

• Right to withdraw consent at any time

• Legal basis for processing: consent, contract performance, legitimate interests

8.2 CCPA Rights (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected

• Right to know if personal information is sold or disclosed

• Right to opt-out of sale of personal information (we do not sell personal information)

• Right to non-discrimination for exercising CCPA rights

9. Children's Privacy

Our Service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected].

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your country.

We ensure appropriate safeguards are in place for international transfers, including:

• Standard contractual clauses approved by the European Commission

• Service providers with adequate data protection measures

• Encryption and security controls for data in transit

11. Third-Party Services

Our Service integrates with third-party services that have their own privacy policies:

• Stripe: Stripe Privacy Policy

• Visual Crossing Weather: Visual Crossing Privacy Policy

• GeoNames: GeoNames Privacy Policy

• Google Analytics 4: We use Google Analytics to understand how visitors interact with our site. Google Analytics collects anonymized usage data including pages visited, session duration, and traffic sources. Data is processed in accordance with Google's Privacy Policy. You may opt out via Google Analytics Opt-out Browser Add-on.

• Google AdSense: Google Privacy Policy

• Sentry: Sentry Privacy Policy

We are not responsible for the privacy practices of these third-party services. We encourage you to review their privacy policies.

11.1 Mobile App Platform Differences

HuntFishSport is available as a web app (huntfishsport.com) and as native iOS and Android mobile apps via Capacitor. There are minor differences in data handling across platforms:

• Web App: All data is transmitted via HTTPS to our servers. Session cookies are used for authentication. Location data is collected and processed server-side. No local data persistence beyond session storage.

• Mobile Apps (iOS & Android): Apps load the same web app content but run in a native WebView with access to device permissions (location, calendar, contacts, notifications). Location data can be accessed by the device OS for permission requests. Calendar export events are written directly to your device's native calendar app without server transmission. Push notification tokens are stored server-side for alert delivery.

• Guest Mode (Mobile Only): On mobile apps, users can access the app without creating an account using a device identifier for session persistence. Guest mode has limited feature access and no push notifications or saved locations.

• Background Activity (Mobile Pro Feature): When background location for push alerts is enabled (iOS & Android Pro subscribers), the mobile OS may collect location data periodically to support alert delivery. This is controlled by your device's location settings and the app's notification permissions.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:

• Updating the "Last Updated" date at the top of this policy

• Posting a notice on our website for 30 days

• Sending an email notification (for significant changes)

Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

We will respond to your inquiry within 30 days of receipt.

14. Attribution

Location data provided by © GeoNames, licensed under Creative Commons Attribution 4.0 International License.