DerbyFish - The Ultimate SportFishing Hub

Privacy Policy

Effective Date: 11-22-2024

Last updated: 2026-05-18

DerbyFish ("we," "our," or "us") values your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and protect the information you provide while using our mobile application ("App"). By using the App, you agree to the practices described in this Privacy Policy.

Information We Collect

When you use DerbyFish, we may collect the following types of information:

1. Device Permissions

  • Camera Access: We request access to your device's camera to enable features such as capturing photos or videos within the App.
  • External Storage Access: We request access to your device's external storage to save, retrieve, or manage media files (photos, videos, etc.) generated or used by the App.
  • Location Access: We request access to your device's location during derbies to help prevent cheating and verify catches. This is essential for ensuring fair play and accuracy within the App's features.
  • Microphone Access: We request access to your device's microphone to enable features such as recording audio during videos or photos within the App.
  • Photo Library Access: We request access to your device's photo library for uploading photos or downloading media files within the App. This allows you to select and upload photos to the App, as well as download media content for your use.

2. Automatically Collected Information

  • Information about your device, such as its operating system, device model, and unique identifiers, may be collected to improve the App's performance and functionality.

How We Use the Information

The information collected is used to:

  • Enable the core functionality of the App (e.g., capturing photos or videos)
  • Allow users to save, retrieve, or manage media files on external storage
  • Improve the App's performance and user experience
  • Provide support and respond to user inquiries

We do not sell, rent, or share your personal information with third parties for marketing purposes.

BAIT (In-App Currency)

BAIT is an in-app consumable used inside DerbyFish to pay for catch verification and related services. For clarity:

  • BAIT is not cryptocurrency. It is not a blockchain token, is not held in any external wallet, and is not interoperable with any third-party network.
  • BAIT has no cash value. It is not redeemable, refundable, or exchangeable for cash, fiat currency, or any other thing of monetary value outside DerbyFish, except where required by Apple App Store or Google Play store policies governing in-app purchases.
  • BAIT is not transferable between user accounts.
  • BAIT is purchased through Apple's or Google's in-app purchase systems, or earned in-app through activities such as watching rewarded video advertisements or completing community-verification tasks. BAIT balances are stored against the user's profile in DerbyFish's database.
  • BAIT consumed during verification is permanently spent and is not restored if a verification fails or is disputed, except per the dispute procedures described in the Terms of Service.

Verified Fishing Sessions (VFS) and Precise Location

A "Verified Fishing Session" (VFS) is a time-bounded session in which DerbyFish captures sensor and location data from the user's device to enable third-party-trustable verification of fishing activity.

  • Precise location is sampled only while a VFS is active. When no VFS is running, DerbyFish does not collect precise GPS coordinates from the device, even if the app is foregrounded.
  • A VFS is started only with the user's explicit action (tapping "Start Verified Session") and ends when the user ends the session, the session timer expires, or the OS suspends location permission.
  • Location samples taken during a VFS are stored against the session record and the resulting catch record(s) and are used to: (a) confirm the catch occurred inside a valid derby/league boundary, (b) detect anti-fraud signals, and (c) populate the FishCard's location field if the user has not chosen to hide it.
  • Retention of raw GPS traces: Raw GPS and location traces captured during a VFS are retained for up to 90 days, after which they are deleted or anonymized. This is separate from the single per-catch coordinate embedded in a FishCard. That one coordinate is retained for the life of the associated FishCard and is controlled by the user's privacy settings: the angler can hide the catch location so it is not displayed publicly.
  • Users may at any time revoke location permission in OS Settings; doing so will prevent further VFS verification but does not affect already-verified catches.

A "Free Session" (FS) is the default mode and does not collect precise location. Catches logged in a Free Session are not eligible for verification.

FishCards (Verification Certificates)

A FishCard is an immutable, versioned digital certificate generated only after a catch is verified. FishCards are stored in DerbyFish's database and are scoped to the issuing user.

  • FishCards are immutable snapshots: once minted, the contents of a given card version cannot be altered. Verification upgrades or new league/derby contexts produce a new card version; older versions are preserved.
  • FishCards expose a structured list of verified attributes (species, length, weight, location, time, etc.). For each attribute, the user controls a per-item privacy setting (visible / hidden). A hidden attribute is replaced with a "HIDDEN" placeholder when the card is rendered publicly; the underlying value remains in the user's private record.
  • Public leaderboards recompute rankings from raw verified data; they do not mutate or expose hidden FishCard attributes.

Photo and Video Evidence

Catch photos and videos submitted for verification are:

  • Stored in Supabase (DerbyFish's database and object-storage provider) under access controls that restrict reads to the submitting user, derby/league administrators with a legitimate need, DerbyFish's moderation systems, and DerbyFish staff with appropriate access.
  • Used to: (a) verify the catch (including AI-assisted analysis), (b) populate the FishCard's imagery if the user elects, (c) support moderation review by DerbyFish's moderation tooling ("derbyfish-sheriff"), and (d) defend against fraud or abuse disputes.
  • Not sold, not shared with advertisers, and not used to train third-party AI models. Catch images sent to OpenAI for catch-validation are sent without account identifiers (see the Apple App Privacy disclosure filed in App Store Connect).

Payments and Stripe

Subscription and one-time purchases initiated through the web (e.g., Compete Badge, Captain Badge, BAIT top-ups via web checkout) are processed by Stripe.

  • DerbyFish does not store payment card numbers, full card details, or bank account numbers on its own servers.
  • DerbyFish stores only the Stripe customer ID, subscription ID, payment intent / confirmation tokens, and the metadata necessary to reconcile the purchase with the user's account (e.g., last-4 of card for display in receipts as returned by Stripe).
  • Purchases made through Apple or Google in-app purchase are handled entirely by Apple or Google; DerbyFish receives only the receipt / purchase token necessary to grant entitlement and never sees the underlying payment instrument.

Third-Party Services

DerbyFish uses the following third-party services, which may collect or process data for analytics, payments, storage, mapping, crash reporting, or functionality improvements. Each is governed by its own privacy policy:

  • Supabase — database, authentication, and object storage for your account, catch records, and media.
  • Stripe — payment processing for web-initiated subscriptions and purchases.
  • PostHog — product analytics and usage measurement.
  • Mapbox — map rendering for derby boundaries and catch locations.
  • OpenAI — AI-assisted catch validation; catch images are sent without account identifiers.
  • Google Analytics and Meta (Facebook) Pixel — aggregate web traffic and marketing-attribution measurement.

For a per-data-type breakdown of what is collected, how it is used, and whether it is linked to you, see our Apple App Privacy disclosure filed in App Store Connect and our Google Play Data Safety form. These store disclosures and this policy are intended to be consistent; in the event of conflict, the store disclosures govern the public representation and this policy will be updated.

Data Security

At AG Farms, we take the protection of your personal data seriously and employ reasonable security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These measures include the use of encryption, secure servers, and other security practices designed to keep your data safe. However, no method of transmission over the internet or method of electronic storage is 100% secure, and we cannot guarantee the absolute security of your data. We strive to implement commercially acceptable security measures, but there are inherent risks associated with the transmission of information over the internet.

Data Storage and Processing:
We store your data on secure servers hosted by trusted service providers, such as Supabase, which employs industry-standard encryption protocols to protect your data during both storage and transmission.

Access Control:
Only authorized personnel have access to your personal data. Access is granted based on the specific needs of our employees or contractors, and is managed through role-based access control systems, including multi-factor authentication (MFA).

Your Choices

You have control over the information and permissions you share with the App. Within your device settings, you can manage the app's access to features like your camera, external storage, location, and more. Please be aware that denying access to certain features, such as the camera or storage, may limit the functionality of the App, preventing certain features from working as intended.

Managing Permissions:
  • Camera Access: You can choose to disable the App's camera access. However, doing so may prevent you from using features that require the camera.
  • External Storage Access: You can manage access to external storage in your device settings, which may affect how the App saves or loads files from external storage.

Children's Privacy (COPPA)

The minimum age to hold a DerbyFish account is 13. The Service is not directed to, and we do not knowingly collect personal information from, children under 13, and we do not allow under-13 accounts. Anglers aged 13–17 ("Youth") may participate through the free Youth Badge; we encourage parental awareness of a Youth angler's use of the App. Because there are no under-13 accounts and we do not knowingly collect data from children under 13, COPPA verifiable-parental-consent is not required. If we become aware that we have inadvertently collected information from a child under 13, we will take steps to delete that information as soon as possible.

If you believe we have mistakenly collected data from a child under 13, please contact us immediately at team@derby.fish.

Family Youth Badge (Parent-of-Record Model)

DerbyFish offers a Family Youth Badge intended to allow a parent or legal guardian (the "parent-of-record") to log catches on behalf of a minor.

  • No child personally identifiable information is collected by DerbyFish. The account is owned by the parent-of-record; the minor does not create credentials, does not have a login, and does not receive direct communications from DerbyFish.
  • Catch entries logged under a Family Youth Badge are attributed to the parent-of-record's account, with an optional non-identifying display label (e.g., a first name or nickname chosen by the parent).
  • Photographs submitted under a Family Youth Badge are subject to the same evidence handling as adult submissions (see Photo and Video Evidence above). Parents should not include image content that they do not wish to be reviewed by DerbyFish moderation staff.
  • DerbyFish takes the position that the Service is not directed to children under 13 and does not knowingly collect personal information from children under 13. No child under 13 holds an account, and the parent-of-record — not the minor — owns and controls the account. Because no child personally identifiable information is collected from a child under 13, COPPA verifiable-parental-consent is not required for the Family Youth Badge.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time in order to reflect changes in our practices, technologies, or legal requirements. Any updates to this policy will be posted within the App, and the revised version will be effective immediately upon posting.

We encourage you to review this Privacy Policy periodically for any updates. Your continued use of the App after any modifications to this policy will signify your acceptance of those changes.

Data Retention and Data Deletion

You have the right to request the deletion of your personal data. You can delete your account directly from inside the app (Settings → Account → Delete Account), or follow the steps on our account deletion instructions page. You may also contact us directly at team@derby.fish. We will promptly process your request in compliance with applicable laws, and we will notify you once your data has been deleted.

Please note that in certain circumstances, we may be required by law to retain certain data for a specific period before it can be fully deleted (for example, transaction records retained for tax, accounting, or anti-fraud purposes, and moderation records retained to prevent ban evasion). Past derby and league leaderboard results may be preserved in anonymized or pseudonymized form for the integrity of the competition record. In such cases, we will inform you of the retention requirements. See our data deletion instructions page for the full breakdown of what is deleted, what is retained, and the applicable retention windows.

Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy, including data deletion or any privacy concerns, please feel free to contact us at:

team@derby.fish