Privacy Policy

Last updated: March 12, 2026 (revised)

CatchVault ("we," "us," or "our") operates the CatchVault mobile application and the website at catchvault.co. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using CatchVault, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the app or website.

Information We Collect

Account Information

When you create an account, we collect your name, email address, and an optional profile photo. You can sign up with email and password, Apple Sign In, or Google Sign In. If you use Apple or Google Sign In, we receive only the information those services provide (typically your name and email).

Profile Information

You may optionally provide additional profile details including a display name, profile slug (username), and the states where you fish. You can set your profile to public or private at any time.

Catch Data

When you log a catch, we collect the information you provide: species, length, weight, fishing technique, lure or bait used, photos, and any notes. If you grant location permission, we record the GPS coordinates of your catch. Photos may also be analyzed on-device using AI for species identification and LiDAR-based length measurement on supported devices.

Weather Data

When you log a catch with location data, we automatically fetch weather conditions (temperature, wind, pressure, humidity, precipitation, cloud cover, UV index, and related atmospheric data) from Open-Meteo, a third-party weather service. Only your catch coordinates and timestamp are sent to retrieve this data.

Messages and Social Features

CatchVault includes social features such as direct messages, comments, likes, and the ability to follow other anglers. The content of messages you send, comments you post, and your social interactions are stored to provide these features.

Device and Usage Information

We may collect basic device information such as device type and operating system version to ensure app compatibility and improve performance. We use on-device caching to store images locally for faster loading.

How We Use Your Information

  • Provide the service — display your catches, populate leaderboards, enable social features, and show your profile to other users (if public).
  • AI Fishing Assistant — if you use the Finn AI assistant, your catch history and question are sent to our AI provider (Anthropic) to generate personalized fishing advice. This data is not used to train AI models.
  • Weather context — attach real-time weather data to your catches so you can identify patterns over time.
  • Species information — species names may be sent to Wikipedia to retrieve reference information displayed in the app.
  • Tournaments and events — if you join tournaments, your relevant catch data is used to calculate standings and rankings.
  • Improve the app — we may use aggregated, non-identifiable data to understand usage patterns and improve features.

Third-Party Services

We use the following third-party services to operate CatchVault:

  • Supabase — cloud database and file storage for all account data, catches, photos, and messages.
  • Anthropic (Claude API) — powers the Finn AI fishing assistant. Catch history and your question are sent to generate responses. Anthropic does not use this data to train models.
  • Open-Meteo — weather data provider. Receives GPS coordinates and timestamps to return weather conditions. Open-Meteo is a free, open-source weather API.
  • Wikipedia API — used to fetch species reference information. Only species names are sent.
  • Apple & Google — if you choose to sign in via Apple or Google, authentication is handled by their respective services under their own privacy policies.

We do not sell, rent, or share your personal information with advertisers or data brokers.

Affiliate and Brand Partnerships

CatchVault may participate in affiliate programs or brand partnerships with fishing tackle manufacturers, retailers, and other outdoor industry companies. This means we may earn a commission if you purchase a product or service through a link or recommendation within the app or on our website.

Affiliate and partner content will always be clearly identified. These partnerships do not affect how we collect, store, or use your personal data. We do not share your personal information with affiliate or brand partners unless you explicitly opt in to a specific offer or promotion that requires it.

Device Permissions

  • Camera & Photo Library — used to take or select photos of your catches. Photos are uploaded to our servers when you log a catch.
  • Location — used to tag catches with GPS coordinates and to fetch weather data. Location access is optional and can be revoked at any time in your device settings. We request approximate location accuracy (within about 1 kilometer).
  • LiDAR Sensor — on supported devices, used for on-device fish length measurement. LiDAR data is processed locally and is not uploaded.

Data Storage and Security

Your data is stored on Supabase-managed infrastructure with industry-standard encryption in transit and at rest. Photos are stored in secure cloud storage (S3-compatible). We use row-level security policies to ensure users can only access their own private data.

While we take reasonable measures to protect your information, no system is completely secure. We cannot guarantee absolute security of your data.

Your Rights and Choices

  • Access and update — you can view and edit your profile information and catches at any time within the app.
  • Delete catches — you can delete individual catches, comments, likes, and follow connections from within the app.
  • Delete your account — you can delete your entire account from the app settings. This removes your profile, catches, and associated data from our servers.
  • Profile visibility — you can set your profile to private at any time, which hides your catches and profile from other users.
  • Revoke permissions — you can revoke camera, photo, or location permissions at any time through your device settings.

California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information:

  • Right to know — you have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business purpose for collecting it, and the categories of third parties with whom it is shared.
  • Right to delete — you have the right to request deletion of your personal information. You can delete your account and all associated data directly from the app, or contact us to submit a deletion request.
  • Right to opt out of sale — CatchVault does not sell your personal information to third parties. Because we do not sell personal information, there is no need to opt out.
  • Right to non-discrimination — we will not discriminate against you for exercising any of your CCPA rights. You will not receive a different level of service or pricing for making a privacy request.

To exercise any of these rights, please contact us at support@catchvault.co. We will respond to verifiable requests within 45 days.

Children's Privacy

CatchVault is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of CatchVault after changes constitutes acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy or your data, please contact us at support@catchvault.co.