Privacy

Last updated May 15, 2026

GhostFingers Fish is a fishing intel app for the California coast. This page explains what data the app touches and what we promise never to do with it.

The headline promises

What stays on your device

Everything you create in GhostFingers Fish lives on the iPhone or iPad you entered it on. That includes:

There is no account in V1. There is no cloud sync. Restoring a backup of your phone restores your fish data via standard iOS backup encryption. If you uninstall the app, your data on the device goes with it.

What the app fetches from the internet

To produce a daily verdict, the app makes anonymous requests to public data services run by government and public agencies, plus a few public RSS feeds for the Watch ribbon.

These are public data sources. Each request includes a User-Agent string identifying the app. None of these requests include your name, email, or any personal information. Your IP address is visible to those services for the duration of the request, the same way it would be when you visit any website.

What the app may request from you

Location, when you tap "Use my current location." When you drop a pin to create a custom spot, GhostFingers Fish asks iOS for your latitude and longitude one time to fill the coordinate fields. The reading is used immediately and not stored anywhere off-device. You can decline the prompt and enter coordinates manually or pick a spot on the map. You can revoke the permission any time in iOS Settings.

Photos, for the catch log and Catch Trophy. When you log a catch, the app asks for photo library access so it can attach a photo you pick to the catch entry, and for permission to save finished trophy cards back to your library. The app does not use the camera. Catch Trophy uses Apple's on-device Vision framework to process your photo. That processing happens entirely on your device. Your photo is not transmitted off the device.

Notifications, when you opt in. If you allow notifications, the app schedules local-only push alerts on your device when one of your favorite spots crosses into a Chewing or BLITZ tier, when a regulation change affects a species you target, or when a seasonal opener fires. No notification content is sent through Apple's servers. The cap is three notifications per week. Quiet hours are 9 PM to 5 AM by default.

What we do not collect

Crash reporting

The launch version sends no crash reports. The crash-reporting SDK ships in the binary but is disabled, and no data leaves the device. If a future version turns it on, crash reports will be opt-in: the first time the app crashes, you will be asked whether to send the report. If you accept, the crash service (Sentry) receives a stack trace and device model. No personal information, no catch data, no spot data, no location data would be included. You would be able to revoke crash reporting at any time in Settings, and this policy will be updated before crash reporting is enabled.

Ads + sponsorships

The launch version has none of the following. No ads, no sponsorships, no affiliate links, no named-source sponsored content. The section below describes how monetization would work IF and WHEN it is introduced in a later version, so the disclosure is on the record up front.

A future free tier may be supported by a combination of programmatic ads, direct brand sponsorships, named-source field reports, event-card sponsors, and affiliate gear recommendations, as a way to keep the public-data layer free.

Programmatic ads (future). A future free tier may include programmatic display ads served via Apple Ads, AdMob, or a similar standard SDK. Apple's App Tracking Transparency framework applies: when an ad SDK requests tracking permission, you will be prompted, and you can decline. If you decline, you will see contextual rather than personalized ads, and the rest of the app continues to work normally.

Direct sponsorships. Direct brand sponsorships would cover specific surfaces in a future free tier (event cards, named-source field reports, gear-rec slots). Sponsored surfaces are clearly attributed. Sponsorships are editorial-attribution only and never bias the rating engine or the tackle recommender. A sponsor cannot pay to make their product the "today's pick" or their landing the "today's spot."

Affiliate links (future). In a future free tier, some gear recommendations in the tackle recommender may be affiliate links. If you tapped one and bought the item, we would receive a small revenue share. Any affiliate links would be FTC-disclosed and would never bias the recommendation engine. The launch version contains none.

Paid tier (future). If monetization is introduced, a paid tier would remove all of the above: no ads, no sponsorships, no affiliate slots, no named-source sponsored content. Pricing is not set; these terms and the in-app disclosure would be updated before anything is charged or shown.

Children

GhostFingers Fish is not directed at children under 13 and does not knowingly collect any data from children under 13. The App Store age rating is 12+ for the data infrequent/mild references content rating.

California residents (CCPA + CPRA)

Because the app does not transmit your catch data, spot data, or gear catalog off-device, there is no off-device personal information for us to disclose, delete, or stop selling. The waitlist email database is self-hosted on Cloudflare Workers KV (the same backend as the GhostFingers surf app waitlist; no third-party email service is involved). It holds your email address, the page you signed up from, the referring URL if available, your IP address, and a timestamp. The email is used for sending one launch email and one TestFlight invite. To request deletion of your waitlist email, contact [email protected].

Changes to this page

If our practices change, we will update this page and revise the date at the top. Material changes will be surfaced in-app.

Contact

Questions about privacy: [email protected]