BiteCast Privacy Policy

Last updated: June 30, 2026

This Privacy Policy explains how Ivan Silkin ("BiteCast," "we," "us," or "our") collects, uses, shares, and protects information when you use the BiteCast mobile application and related services (the "App"). Please read it together with our Terms of Service. By using the App, you agree to the practices described here.


1. Who We Are and How to Contact Us

The data controller responsible for your personal data is Ivan Silkin.

For any privacy question, request, or complaint, contact us at: contact@bitecast.fish.

We are established in the Republic of Cyprus, in the European Union. If you are in the European Economic Area or the United Kingdom, you can contact us directly using the email address above to ask a question or exercise your privacy rights.


2. Scope and Updates

This Policy covers personal data we process through the App, including its core features: the Fish Score and forecast tools, the photo species scanner, the catch log, the AI fishing coach, saved fishing spots, and the species encyclopedia. It does not cover third-party services that have their own privacy policies, which are listed in Section 6.

We may update this Policy from time to time. The "Last updated" date above shows when it last changed. See Section 14 for how we notify you of changes.


3. Privacy at a Glance

A few facts that limit what we collect about you:

  • Anonymous by default. You can use the App with an anonymous account. You are not required to give us your name or email unless you choose to upgrade to Sign in with Apple.
  • Your spots and catches are private by default. Fishing spots you save and catches you log are stored to your own account and are not made public by us.
  • You control your data. You can delete your account and associated data from within the App.

Details on how we handle the "sale" and "sharing" of personal information appear in Section 10.


4. Information We Collect

We collect only the categories of data described below. Each is tied to a real feature of the App.

4.1 Account and Authentication Data

When you first open the App, an anonymous account is created for you. We store a user identifier (a UUID), an anonymous-status flag, and session tokens used to keep you signed in. Session tokens are stored on your device.

If you upgrade to Sign in with Apple, Apple may provide us with a name and an email address (which may be an Apple private relay address) according to your choices in the Apple sign-in screen.

4.2 Profile and Onboarding Answers

We store the preferences and answers you provide during onboarding and in settings, which may include: an optional name, your units (metric or imperial), your water type preference (fresh, salt, both), the species you focus on, your fishing method ("craft"), a reference to your home spot, and your raw onboarding quiz answers. The quiz answers can include an age range, how you found the App, your fishing intent, experience level, frequency, fishing style, water body, depth, preferred time of day, goals, target fish, target size, spot priorities, difficulties, travel radius, and your home location (latitude, longitude, and a place name). We use the age range in part to confirm you are old enough to use the App (see Section 13).

4.3 Location Data

The App processes location data in two ways:

  • Saved fishing spots. When you save a spot, we store its coordinates (latitude and longitude), an optional name, a home flag, and the water mode. Your home spot location captured during onboarding is also stored.
  • Device location for scoring. With your permission, the App uses your device location to compute the current Fish Score and to show spots near you.

When you browse the map, the coordinates of the area you are viewing (the map viewport) are sent to two recipients for different purposes: to our backend to look up nearby fishing spots, and to the map provider to render the map tiles.

Precise geolocation is treated as sensitive personal information under certain laws (see Section 10).

4.4 Catch Log and Photos

When you log a catch, we store the entry you create, which may include: an optional photo, the species name (common and, where available, scientific), a confidence flag, whether you corrected the identification, length, weight, notes, lure, the conditions at the time (such as score, temperature, wind, pressure, weather code, and a nickname), the score at catch, the catch time, and the catch location. Catch photos are stored in a private storage bucket and accessed through signed URLs.

4.5 Scanner Photos and AI Coach Content

  • Scanner. When you use the photo species scanner, the image you select or capture is downsized and sent for AI identification. See Section 7 for the AI data flow.
  • AI coach. When you use the coach chat, your message text, recent conversation history, and relevant context (such as the selected spot coordinates, profile preferences, and recent catch data) are sent for an AI-generated response. See Section 7.

4.6 Camera and Photo Library Access

The scanner and catch log let you capture a photo with your camera or choose one from your photo library. The App requests camera and photo-library permission for these features. We only access the specific image you capture or select. You can change these permissions at any time in your device settings.

4.7 AI Usage, Subscription, and Feedback Data

  • AI usage. We track counts of your AI feature usage (scanner identifications and coach messages), including a lifetime total and daily counts, to enforce free-tier limits and prevent abuse.
  • Subscription status. We store your Pro entitlement status, including whether you are Pro and any expiry date.
  • Feedback and suggestions. If you submit feedback or suggest a species from Settings, we store the message, its kind, the species name you suggest, optional notes, the app version, and your account identifier.

4.8 Device, Diagnostic, and Analytics Data

  • Crash and error data. We use a crash and error monitoring service that receives error stack traces, navigation breadcrumbs, app version and build metadata, and a sample of performance data. This data is associated with your account identifier and does not include your name, email, or raw coordinates.
  • Product analytics. We use a product analytics service that receives your account identifier, app version, and event metadata (such as onboarding step progression, feature usage, error codes, quota status, and app lifecycle events). This identifier is the same one that keys your account, so the analytics data is linked to you; it does not include your name, email, or raw coordinates.

4.9 Locally Stored and Cached Data

The App stores data on your device for performance and offline use, including auth session tokens, app preferences, app state (such as your active spot, theme, and view preferences), cached weather and marine forecasts, a queue of writes to retry when you are offline, and an analytics event queue. This data stays on your device except where transmitted as described in this Policy.


Where the GDPR or UK GDPR applies, we rely on the legal bases shown below.

PurposeWhat this involvesLegal basis (GDPR / UK GDPR)
Provide the AppCreate and maintain your account, compute Fish Scores and forecasts, run the scanner and coach, store and sync your spots and catches, deliver Pro featuresPerformance of a contract (Art. 6(1)(b))
Save and use locationStore saved spots and use device location to score nearby conditionsPerformance of a contract (Art. 6(1)(b))
Enforce limits and prevent abuseTrack AI usage counts and apply free-tier capsLegitimate interests (Art. 6(1)(f))
Diagnose and improveCrash and error monitoring, product analyticsLegitimate interests, and consent where required by local law (Art. 6(1)(f)/(a))
Handle feedbackReview feedback and species suggestions you sendLegitimate interests (Art. 6(1)(f))
Manage subscriptionsTrack Pro entitlement statusPerformance of a contract (Art. 6(1)(b))
Legal complianceRespond to lawful requests and enforce our TermsLegal obligation and legitimate interests (Art. 6(1)(c)/(f))

Where we rely on consent, you can withdraw it at any time (see Section 9). Where we rely on legitimate interests, you can object (see Section 9).


6. Who We Share Information With

We work with the service providers below. Except where noted, these providers act as our processors and handle data on our behalf to run the App. Apple acts as an independent controller for App Store account, purchase, and subscription data it processes, under Apple's own privacy policy. We do not sell your personal data and do not share it for cross-context behavioral advertising.

ProviderWhat it receivesPurpose
SupabaseAccount identifier, saved spot coordinates, catch logs (species, date, location, length, weight, notes, photos), profile data, feedback and suggestionsAuthentication, database hosting, private photo storage, and hosting of the edge functions that make AI calls
Open-MeteoLocation coordinates only, sent via our edge functions; no personal identifiersWeather and marine forecast data used for scoring
Google (Gemini)A downsized JPEG image with EXIF metadata stripped server-side, sent via our authenticated edge functionAI fish species identification from photos
Anthropic (Claude)Your coach message text, recent conversation history, selected spot coordinates, profile preferences, and recent catch data, sent via our authenticated edge functionAI fishing coach responses
Google (Maps iOS SDK)Device location and map viewport coordinatesMap rendering and spot visualization
PostHogYour account identifier, app version, and event metadata; no name, email, or raw coordinatesProduct analytics and onboarding funnel analysis
SentryYour account identifier, error stack traces, navigation breadcrumbs, app version, and sampled performance data; no name, email, or raw coordinatesCrash and error monitoring
AppleSign in with Apple data you choose to share; App Store account, in-app purchase, and subscription dataOptional account sign-in and subscription billing (Apple acts as an independent controller)

These providers are located in the United States and other countries (see Section 8). We may also disclose information if required by law, to enforce our Terms, to detect or prevent fraud or abuse, or in connection with a merger, acquisition, or sale of assets.

Some processing happens entirely on your device. For example, when you save a home spot, a single coordinate pair may be reverse-geocoded on-device by Apple's iOS Location framework to create a readable place name, without contacting Apple's servers.

The App also uses open public datasets, including OpenStreetMap, GBIF, and Natural Earth, as inbound sources of map and species reference data. These are not recipients of your personal data.


7. AI Features and Your Content

Two features send your content to third-party AI providers through our backend:

  • Photo species scanner. Your selected image is downsized to a small JPEG and its location metadata is removed before the image is sent to Google's Gemini service for identification. The model returns a structured result, including a species name and a confidence level.
  • AI fishing coach. Your message text, recent conversation history, and relevant context (such as selected spot coordinates and profile data) are sent to Anthropic's Claude service to generate a response.

We send this content to these providers only to return a result to you. Their handling of the content is governed by their own terms and privacy policies. AI outputs may be inaccurate. See our Terms of Service for the binding accuracy and safety disclaimers, summarized in Section 16 below.


8. International Data Transfers

We and our service providers process your data in the United States and other countries outside the EEA and the UK, where data protection laws may differ from those in your country. The providers listed in Section 6, including Supabase, Open-Meteo, Google, Anthropic, PostHog, Sentry, and Apple, are or may be located in the United States and receive data there. Where we transfer personal data out of the EEA or the UK to these recipients, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum where applicable). You can request more information about these safeguards using the contact details in Section 1.


9. Your Privacy Rights

Subject to applicable law, you may have the following rights:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Delete your data ("right to be forgotten").
  • Restrict or object to certain processing, including processing based on legitimate interests.
  • Portability of data you provided to us, where technically feasible.
  • Withdraw consent at any time, without affecting processing already carried out.

How to exercise your rights. You can delete your account and associated data from within the App. You can also email contact@bitecast.fish to make any request. We may need to verify your identity before acting. We respond within the time required by applicable law.

Account and data deletion. The App provides an in-app option to delete your account. When you delete your account, we delete your account record and associated data and initiate deletion of your stored photos. After deletion, residual copies (including any stored photos pending cleanup, and data in backups) may persist for a limited time before being overwritten, and we may retain limited records where required by law.

Complaints. If you are in the EEA or the UK, you have the right to lodge a complaint with your local data protection supervisory authority.


10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the right to know and access the personal information we collect, to delete it, to correct it, to opt out of any "sale" or "sharing" of personal information, to limit the use of sensitive personal information, and not to be discriminated against for exercising these rights.

We do not sell your personal information, and we do not share it for cross-context behavioral advertising.

In the past 12 months, we have collected the categories described in Section 4, which map to these CCPA categories: identifiers (account identifier, and an optional name and email if you use Sign in with Apple); precise geolocation, which is treated as sensitive personal information; photos and audiovisual information (catch and scanner images); internet and app activity (analytics and diagnostic events); commercial information (subscription status); and inferences from the preferences you provide. We disclose these categories to the service providers listed in Section 6 for the business purposes described in this Policy.

Limiting sensitive personal information. We use sensitive personal information (precise geolocation) only to provide the features you request, such as scoring nearby conditions and saving spots, and not to infer characteristics about you, and we do not sell or share it. To exercise your right to limit the use of your sensitive personal information, or any other California right, email contact@bitecast.fish with the subject line "Limit My Sensitive Personal Information" or describing your request. We will honor your request as required by law. We will not discriminate against you for exercising your rights.

For the retention period of each category, see Section 11.


11. Data Retention

We keep personal data only as long as needed for the purposes in this Policy. By category:

  • Account and authentication data, profile and onboarding answers, saved spots, catch logs, catch and scanner photos, AI usage counts, subscription status, and feedback are retained for as long as your account remains active, and are deleted within a commercially reasonable period after you delete your account, subject to the backup and photo-cleanup note in Section 9 and any legal-retention requirement below.
  • Crash, error, and product analytics data are retained on a rolling basis, typically for up to 12 months, after which they are deleted or aggregated.
  • Cached forecasts and other on-device data persist on your device until you clear them, which you can do by deleting the App.

We may retain limited data longer where required to comply with legal obligations, resolve disputes, or enforce our agreements.


12. Security

We use reasonable technical and organizational measures designed to protect your data, including measures to protect data in transit and to restrict access to user data. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.


13. Children's Privacy

The App is not directed to children, and we do not intend it to be used by anyone under 13 years of age (or under the applicable minimum age in your country, which is between 13 and 16 in the EEA depending on the member state). During onboarding we ask for an age range in part to help confirm you meet the minimum age, and the App is intended only for users who do. We do not knowingly collect personal data from children under that age. If you believe a child has provided us personal data, contact contact@bitecast.fish and we will delete it, including by directing our service providers (such as our analytics and error-monitoring providers, which hold the same account identifier) to delete the associated records.


14. Changes to This Policy

We may update this Policy as the App or the law changes. When we make material changes, we will update the "Last updated" date and may provide additional notice within the App. Your continued use of the App after an update means you accept the revised Policy.


15. App Store Privacy Information

Apple requires app developers to disclose their data practices on the App Store product page (the privacy "nutrition label"). That summary is provided through App Store Connect and is intended to be consistent with this Policy. If you notice any discrepancy, this Policy and the in-app disclosures govern our actual practices.


16. Important Accuracy and Safety Notice

This notice is summarized here for your awareness; the binding terms are in our Terms of Service, which control in the event of any difference.

  • Fish Scores, bite windows, and forecasts are estimates produced by a model from weather and astronomy data. They are not guarantees of accuracy or of fishing success, and results vary.
  • Weather and marine data come from third parties, may be wrong, and must not be relied on for navigation, marine safety, real-time weather warnings, or any emergency or life-safety decision. Always consult official sources such as national weather and marine services, official charts, and the Coast Guard.
  • AI species identification can be wrong, especially at low confidence. Never rely on it to decide whether a fish is safe to eat, or legal to keep. Always confirm the species and any consumption advisories with authoritative local sources.
  • You are solely responsible for legal compliance, including obtaining required licenses and permits and following all catch limits, size limits, seasons, gear rules, protected-species rules, and local, state, national, and international fishing laws.
  • The AI coach provides general information only, not professional, legal, safety, medical, or biological advice, and may be inaccurate.

17. Contact

Questions, requests, or complaints about this Policy or your data:

Ivan Silkin

Email: contact@bitecast.fish

This Policy is governed by the laws of the Republic of Cyprus, without limiting any non-waivable rights you have under the laws of your country of residence.