Privacy
Last updated May 15, 2026
Pre-launch draft · Lawyer review pending before App Store submissionGhostFingers Fish is a fishing intel app for the California coast. This page explains what data the app touches and what we promise never to do with it.
The headline promises
- Your catch log stays on your device. We do not have a copy. We do not sync it to a server. We do not broadcast catch locations to anyone.
- We do not sell, rent, or share your catch data, location data, or spot list with any broker, insurer, aggregator, or third party.
- We do not paywall the public-data layer. NOAA tides, NDBC buoys, SCCOOS sea-surface temperature, CDFW seasons, and computed solunar windows stay free on both tiers, forever.
- Pro tier removes all ads and all sponsorships. We do not show ads inside the Pro experience under any circumstance.
What stays on your device
Everything you create in GhostFingers Fish lives on the iPhone or iPad you entered it on. That includes:
- Your favorite spots and drop-pinned custom spots
- Your catch log entries (species, length, weight, photo, conditions snapshot, spot, date)
- Your gear catalog (rods, reels, lures, flies, terminal tackle)
- Your spot-by-spot tuning (productive tide stages, productive SST bands)
- Your pattern dashboard (computed locally from your own catches)
- Your visibility log (spear and lobster surface)
- Your generated trophy cards (both Vanilla and Punk variants)
There is no account in V1. There is no cloud sync. Restoring a backup of your phone restores your fish data via standard iOS backup encryption. If you uninstall the app, your data on the device goes with it.
What the app fetches from the internet
To produce a daily verdict, the app makes anonymous public-data requests to:
- NOAA National Data Buoy Center (buoy observations)
- NOAA CO-OPS (tide predictions)
- NOAA HRRR (wind, pressure, marine weather)
- CDIP UCSD (nearshore wave models)
- SCCOOS (sea-surface temperature, kelp canopy)
- UCSD HF radar (surface currents)
- Open-Meteo (general weather)
- USGS (streamflow and lake-level data, for freshwater spots)
- CDFW (season and bag-limit regulation data)
- Marine Management News RSS, BD Outdoors RSS, CalTrout RSS (Watch ribbon content)
These are public data sources. Each request includes a User-Agent string identifying the app. None of these requests include your name, email, or any personal information. Your IP address is visible to those services for the duration of the request, the same way it would be when you visit any website.
What the app may request from you
Location, when you tap "Use my current location." When you drop a pin to create a custom spot, GhostFingers Fish asks iOS for your latitude and longitude one time to fill the coordinate fields. The reading is used immediately and not stored anywhere off-device. You can decline the prompt and enter coordinates manually or pick a spot on the map. You can revoke the permission any time in iOS Settings.
Photos, for the catch log and Catch Trophy. When you log a catch, the app asks for camera or photo library access so it can attach a photo to the catch entry. Catch Trophy uses Apple's on-device Vision framework for the Vanilla blur, and a third-party AI image API (Black Forest Labs / Replicate) for the Pro-tier Punk Trophy. When you generate a Punk Trophy, your photo and a generation prompt are sent to that API. The result is returned and saved locally. No catch metadata (spot coordinates, species, date) is sent with the image. The third party may briefly log the request per its own terms.
Notifications, when you opt in. If you allow notifications, the app schedules local-only push alerts on your device when one of your favorite spots crosses into a Chewing or BLITZ tier, when a regulation change affects a species you target, or when a seasonal opener fires. No notification content is sent through Apple's servers. The cap is three notifications per week. Quiet hours are 9 PM to 5 AM by default.
What we do not collect
- We do not track your in-app screen views or taps.
- We do not run third-party analytics SDKs (Mixpanel, Amplitude, Google Analytics, etc.).
- We do not have a server for your catch data, spot list, or gear catalog.
- We do not include third-party social-login SDKs.
Crash reporting
The app may include Sentry crash reporting for V1. Crash reports are opt-in: the first time the app crashes, you will be asked whether to send the report. If you accept, Sentry receives a stack trace and device model. No personal information, no catch data, no spot data, no location data is included in the crash report. You can revoke crash reporting at any time in Settings.
Ads + sponsorships on the Free tier
The Free tier is supported by a combination of programmatic ads, direct brand sponsorships, named-source field reports, event-card sponsors, and affiliate gear recommendations. This is how we keep the public-data layer free.
Programmatic ads. The Free tier may include programmatic display ads served via Apple Ads, AdMob, or a similar standard SDK. Apple's App Tracking Transparency framework applies: when an ad SDK requests tracking permission, you will be prompted, and you can decline. If you decline, you will see contextual rather than personalized ads, and the rest of the app continues to work normally.
Direct sponsorships. Brands like Cito Wraps, Salty Crew, Ballast Point, AFTCO, and California freshwater brands sponsor specific surfaces in the Free tier (event cards, named-source field reports, gear-rec slots). Sponsored surfaces are clearly attributed. Sponsorships are editorial-attribution only and never bias the rating engine or the tackle recommender. A sponsor cannot pay to make their product the "today's pick" or their landing the "today's spot."
Affiliate links. Some gear recommendations in the tackle recommender are affiliate links. If you tap one and buy the item, we may receive a small revenue share. Affiliate links are FTC-disclosed and never bias the recommendation engine.
Pro tier. Pro at $19.99 per year removes all of the above. No ads, no sponsorships, no affiliate slots, no named-source sponsored content. Pro is the no-ads surface.
Children
GhostFingers Fish is not directed at children under 13 and does not knowingly collect any data from children under 13. The App Store age rating is 12+ for the data infrequent/mild references content rating.
California residents (CCPA + CPRA)
Because the app does not transmit your catch data, spot data, or gear catalog off-device, there is no off-device personal information for us to disclose, delete, or stop selling. The waitlist email database is self-hosted on Cloudflare Workers KV (the same backend as the GhostFingers surf app waitlist; no third-party email service is involved). It holds your email address, the page you signed up from, the referring URL if available, your IP address, and a timestamp. The email is used for sending one launch email and one TestFlight invite. To request deletion of your waitlist email, contact [email protected].
Changes to this page
If our practices change, we will update this page and revise the date at the top. Material changes will be surfaced in-app.
Contact
Questions about privacy: [email protected]