Freedom Boat Club ("FBC", "we", "us") operates the FBC Fishing Companion ("the App") at fishing.freedomboatclub.ai. This Privacy Policy explains what information the App collects, how we use it, who we share it with, and the choices you have.
1. Information we collect
a. Real-time location (GPS)
If you grant the App permission, your device's GPS latitude and longitude are read in two ways:
- Point samples — taken when you open the chart, identify a fish, or look up regulations, so we can center the chart, resolve which fishing zone you are in, and fetch local weather/tide/current data for that point.
- Continuous breadcrumbs (Trip Log only) — while a trip is actively logging, the App records a GPS sample roughly every 2 seconds (or after ~10 m of movement) and stores the path on our servers as a sequence of
{lat, lon, timestamp, accuracy}rows so the trip can be replayed afterwards. Breadcrumbs are only collected while a trip is open; ending the trip stops the recording.
GPS access is optional. If you decline it, the App still works — you can pick your state or zone manually, and the Trip Log button will be unavailable.
b. Photos you submit for fish identification
When you tap "Identify a Fish", the photo bytes are sent to our server and forwarded to Anthropic's Claude Vision API for analysis. By default, we do not retain the photo itself — only a short non-reversible content hash, the predicted species, the model's top-3 alternatives, your photo-quality classification, and any GPS coordinates you let us read. The photo bytes are dropped after the API response.
If you turn on the "Save catch photos" toggle in Account preferences, photos you submit going forward are processed (auto-rotated, resized to a maximum of 1600 px on the long edge, EXIF metadata stripped including any embedded GPS, and re-encoded as JPEG) and stored in our object storage at Cloudflare R2 so you can revisit them later in your Account → Fish IDs view. The toggle is off by default and can be turned off again at any time. Turning it off does not delete photos uploaded before that point — to remove those, contact us at the email below.
c. Catch metadata, achievements, and gameplay
Each fish identification is stored as a row that records (in addition to the species/confidence above) any keep / released / escaped action you record, the regulation zone the catch fell in, the trip it was associated with (if any), and an internal timestamp. Signed-in members additionally accumulate:
- Badges — earned + in-progress state on the achievement catalog.
- Points ledger — an append-only history of point credits with a short reason label for each (e.g. "Conservation release · Seatrout").
- Challenges — the rotating challenge instances you've been assigned and which ones you've completed.
- Knot practice — when you check off a knot as practiced.
d. Leaderboards (opt-in)
The National leaderboard is off by default — your rank, points, and badges are not visible to other members until you turn it on under Account → Leaderboards. When you opt in, you may also pick a display handle (free-form, up to 32 characters); without one you appear as an anonymous "Angler ####" placeholder. You can opt out again at any time.
e. Private fishing spots
If you save a private fishing spot from the chart, the spot's lat/lon, name, and any description you enter are stored on our servers attached to your account. Private spots are visible only to you and are never surfaced to other members.
f. Assistant chat transcripts
Messages you send to the in-app Assistant, and its replies, are stored on our servers in association with a session identifier so the Assistant can follow a conversation thread. Cross-session memory is off by default; you can enable it under Account → Preferences ("Assistant memory") and disable or clear it again at any time. We review transcripts in aggregate to improve answer quality.
g. Anonymous device identifier
The App generates a random UUID on first launch and stores it in your browser's localStorage as fbc_device_id. This identifier lets us link a fish ID, a trip, and any subsequent keep/release action to the same anonymous device when you are not signed in, so the trip-log and per-catch features still work without an account. The identifier is not tied to your real-world identity, is local to that browser, and is wiped if you clear site data.
h. Device and usage information
We log standard web request information (IP address, browser user-agent, timestamps) and in-app events (feature tapped, errors encountered, map-layer toggled) so we can diagnose issues and prioritize improvements.
i. Account information (if you sign in)
If you sign in using Google, we receive your email address and basic profile information (name, profile picture URL). We do not receive your Google password. We store your email to associate your data across devices, to power achievements/leaderboards, and to restrict administrative access.
j. Push notification subscriptions (opt-in)
If you turn on notifications under Account → Notifications, your browser creates a push subscription and we store it on our servers: a subscription endpoint URL (issued by your browser or operating-system push service), the public encryption keys your browser generates for that subscription, and — if you are signed in — a link to your account so we can reach your devices. Notifications are off by default. You can turn them off at any time from the same toggle, or by revoking notification permission in your browser or device settings. On iPhone and iPad, push notifications are only available if you have added the App to your Home Screen.
2. How we use your information
- To provide the features of the App — fish identification, regulation lookup, tides, weather, currents, the Assistant chat, the Trip Log, achievements, and leaderboards.
- To resolve your fishing zone from your GPS so we can present the correct regulations.
- To diagnose and fix problems, and to improve accuracy of fish identification and regulations.
- To prevent abuse of the service (rate limiting, fraud detection, leaderboard integrity).
- To communicate with you about your account or material changes to the service.
- To send push notifications you have opted into — such as fishing-condition alerts, regulation changes, and Freedom Boat Club updates.
- To decide which opted-in members a given notification is relevant to, we may target it using your activity in the App — for example the regions you have fished, the species you have identified, or how recently you have been active — or send it to you individually. Targeting only uses data already described in this policy, and only members who have turned notifications on receive anything.
3. Who we share information with
We share information only with the service providers strictly necessary to operate the App:
- Anthropic, PBC — fish-identification and Assistant chat requests are sent to Anthropic's Claude API. See Anthropic's privacy policy.
- Cloudflare, Inc. — content delivery network and DDoS protection in front of the App; and (when you opt into "Save catch photos") Cloudflare R2 object storage where your processed catch photos are stored.
- NOAA / National Weather Service — requests for tide predictions, weather alerts, sea-surface temperature, and currents data. We send your approximate location but no identifying information.
- OpenWeatherMap — requests for weather conditions. Same as above.
- Google LLC — if you sign in with Google SSO, the authentication handshake uses Google's OAuth service.
- Apple, Google, or Mozilla — if you opt into push notifications, each notification is delivered through the push service operated by the maker of your browser or device (Apple for Safari/iOS, Google for Chrome/Android, Mozilla for Firefox) to reach your device.
- Railway Corp — hosting provider for our application and database.
We do not sell personal information. We do not share information with advertisers.
4. Cookies and local storage
We use a first-party cookie to keep you signed in (member session and administrative dashboard session) and browser localStorage for: the anonymous fbc_device_id described above, the in-progress trip's pending breadcrumb buffer (so a network gap doesn't lose points), and UI preferences such as your selected region, recent tide stations, and map-layer state. None of these are used for cross-site tracking.
5. Retention
- Catch identification rows (species/confidence/zone/keep-release/coords) — up to 24 months for accuracy review.
- Catch photos in R2 (opt-in only) — kept until you turn the toggle off and request deletion, or you ask us to delete them.
- Trip log + breadcrumbs — kept for the lifetime of your account so you can replay past trips. You can delete a trip at any time from Account → Trips, or have your whole gameplay history wiped via the request channel below.
- Achievements, points, challenges, knot practice — kept for the lifetime of your account so your level and badges persist; deleted on full account deletion.
- Assistant chat transcripts — up to 12 months. You can clear them yourself at any time under Account → Preferences.
- Analytics event logs — up to 36 months in aggregated form.
- Push notification subscriptions (opt-in only) — kept until you turn notifications off, or until your browser's push service reports the subscription has expired, at which point it is removed automatically.
- Anonymous device-keyed data (catches and trips logged without a sign-in) — retained 12 months from the device's last activity, then purged.
6. Your rights
You have the right to:
- Access the information we hold about you.
- Correct inaccurate information.
- Delete specific records (photos, trips, conversations) or your entire account and associated data.
- Object to specific uses of your information.
- Opt out of optional features at any time — the National leaderboard, Assistant cross-session memory, "Save catch photos", and push notifications all have in-app toggles, and GPS and notification permissions can also be revoked from your browser or device settings.
Several rights are self-service today: clearing chat history (Account → Preferences), deleting a private spot (Account → My Spots), and turning off photo retention (Account → Preferences). For everything else — including a full data export or full deletion — email [email protected]. We will respond within 30 days.
7. Children
The App is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, contact us and we will delete it.
8. Security
We use TLS encryption for all traffic to and from the App. Database access is restricted to authorized systems. Photos uploaded to R2 are stored in a private bucket served via a Cloudflare-managed public URL prefix; we do not store passwords in plain text. No system is perfectly secure — if you believe your account has been compromised, contact us immediately.
9. Changes to this policy
We may update this policy from time to time. The "Last updated" date at the top reflects the most recent change. Material changes will be announced in-app.
10. Contact
Freedom Boat Club
Email: [email protected]