Privacy Policy | FISHMARKS GPS Fishing App Data Protection

Effective Date: February 10, 2026 • Last Updated: March 9, 2026

Data Security

Complete Data Isolation

Every database query is enforced with Row-Level Security (RLS) — a PostgreSQL feature that guarantees you can only access your own data. This isn't application-level filtering that can be bypassed; it's enforced at the database engine itself. No other user can ever see your waypoints, catches, trips, or routes.

Encrypted at Rest & In Transit

All data stored in our database is encrypted at rest using AES-256 encryption. Every connection between your browser and our servers uses TLS (HTTPS), so your data is encrypted in transit as well. No one can intercept or read your information.

Optional Client-Side Encryption

For maximum protection, you can enable client-side encryption from Settings > Security. Your waypoint names, coordinates, and notes are encrypted in your browser using AES-256-GCM before they ever leave your device. Only you hold the passphrase — we never see it and cannot decrypt your data. Even if our database were compromised, your encrypted waypoints would be unreadable without your passphrase.

When you share a list, waypoints in that list are automatically stored as plaintext so recipients can view them. They are re-encrypted if you later remove all guests.

We Don't View Your Data

We do not browse, analyze, or mine your waypoints or any other personal data. We have no interest in where you fish. Our database infrastructure is managed by Supabase, an open-source platform with SOC 2 Type II compliance, meaning their security practices are independently audited.

Sharing is Always Opt-In

Your data is private by default. Nothing is ever shared unless you explicitly choose to share a list with another user. You control who has access and can revoke it at any time.

Your Data, Your Control

You can export all of your data at any time in GPX or CSV format. If you ever want to leave, you can delete all of your data permanently from Settings. We don't hold your data hostage.

Secure Payments

All payment processing is handled by Stripe, a PCI Level 1 certified payment processor. We never see or store your credit card number. Stripe handles billions of dollars in transactions annually for companies like Amazon and Google.

The data security features described above — including database encryption, row-level security, cloud storage, and client-side encryption — apply to paid subscriptions (Angler and Captain). Free accounts store data locally in the browser and do not use cloud-based security infrastructure.

AES-256 Encryption SOC 2 Type II (Supabase) PCI Level 1 (Stripe) Row-Level Security Client-Side Encryption

Privacy Notice

This Privacy Notice describes how Fishmarks™ ("we", "us", "our"), operated by Techlogic Advisors, LLC, collects, uses, and protects your personal information when you use our Service.

1. Information We Collect

Information you provide:

Account information (name, email address, mobile number, zip code)
GPS waypoints, lists, trip logs, catch records, and route data you create
Profile information including display name and avatar
Communications you send to us (contact form submissions, support requests)

Information collected automatically:

Login history (timestamps, browser/device information, login method)
Usage data (features accessed, subscription changes)
Browser type and user agent string

Information collected by third parties:

Payment information is collected and processed by Stripe. We do not store credit card numbers or full payment details on our servers.
If you sign in with Google, we receive your name, email, and profile picture from Google.

2. How We Use Your Data

We use the information we collect to:

Provide, maintain, and improve the Service
Process subscription payments and manage billing
Send service-related communications (account confirmations, billing notifications)
Respond to your support requests and inquiries
Monitor usage for abuse prevention and security purposes
Generate anonymized, aggregate statistics to improve the platform

We do not use your data for advertising purposes. We do not build advertising profiles from your fishing data or waypoint information.

3. Data Storage & Security

Your data is stored securely using industry-standard practices:

Cloud data is stored in a PostgreSQL database hosted by Supabase with Row-Level Security (RLS) ensuring users can only access their own data
Data is encrypted in transit (TLS/SSL) and at rest
Authentication is managed through Supabase Auth with secure token-based sessions
Free account data stored in browser localStorage is subject to the security of the user's device and browser

While we implement reasonable security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

4. Data Sharing

We do not sell, rent, or trade your personal information to third parties.

We share your information only with the following service providers, solely for the purpose of operating the Service:

Stripe — Payment processing (name, email, payment details)
Supabase — Cloud database and authentication infrastructure
Resend — Transactional email delivery (name, email, message content)
Google — Only if you use Google Sign-In (authentication data)

We may also share data if required by law, legal process, or to protect the rights, property, or safety of Fishmarks™, our users, or the public.

5. Your Rights

You have the right to:

Access your data: View all data associated with your account through the Service
Export your data: Download your waypoints, lists, and other data in GPX or CSV format at any time
Correct your data: Update your account information and waypoint data through the Service
Delete your data: Request deletion of your account and all associated data by contacting support at [email protected]
Cancel your subscription: Manage or cancel your subscription through your account settings

6. Cookies & Local Storage

The Service uses browser localStorage to store:

Free account waypoint and list data
User interface preferences (map layer, display settings, sidebar state)
Authentication session tokens

We do not use tracking cookies, advertising cookies, or third-party analytics cookies. We do not participate in cross-site tracking networks.

7. Children's Privacy

The Service is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected personal information from a child under 13, we will take steps to delete such information promptly. If you believe a child under 13 has provided us with personal information, please contact us at [email protected].

8. Changes to This Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our practices or for operational, legal, or regulatory reasons. The "Last Updated" date at the top of this document indicates when the most recent changes were made. For material changes, we will provide notice through the Service or via email. Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Notice.

Contact

If you have questions about this Privacy Policy, please contact us:

Fishmarks™, a Techlogic Advisors, LLC solution
Based in Florida, United States of America
Email: [email protected]

Stripe® is a registered trademark of Stripe, Inc. Google® is a registered trademark of Alphabet Inc. Supabase™ is a trademark of Supabase, Inc. OpenStreetMap® is a registered trademark of the OpenStreetMap Foundation. Bing™ is a trademark of Microsoft Corporation. Esri® is a registered trademark of Esri. All other trademarks, service marks, and trade names referenced herein are the property of their respective owners.