Legal
Privacy Policy
Last updated: June 6, 2026
Riffle is built by an angler, for anglers. We collect only what we need to make the app work, we never sell your data, and your fishing spots stay yours.
Who we are
Riffle is operated by Riffle Labs LLC ("we," "us," or "our"). If you have questions about this policy, contact us at hello@riffle.run.
What we collect
We collect only what's necessary to provide the Riffle experience:
- Account information. Your email address and, if you sign in with Apple or Google, the name and profile photo associated with that account.
- Location data. GPS coordinates captured when you log a catch and continuously while a trip is recording. Trip recording uses background location so your route keeps logging when your phone is locked or you're in another app. You can stop recording at any time from the Record tab. Your location is stored under your account and is never shared with other users or third parties.
- Catch and trip data. Species, size, weight, lure, notes, and any other details you choose to enter.
- Photos. Images you take or select from your library when logging a catch. Photos are stored securely in your account.
- Photo library access (optional). If you use the photo import feature, Riffle scans your library on your device using Apple's Vision framework to find photos that look like fish. The scan runs entirely on your phone. No photo data leaves your device during the scan; only photos you choose to import and save to a catch are uploaded.
- Device and usage data. Anonymized crash reports and basic performance data sent to Firebase Crashlytics so we can fix bugs. This does not include your catch, location, or photo data.
- Beta sign-up information. If you apply for beta access via our beta interest form, we collect your name and email address. This information is used only to notify you about beta access and is never shared or sold. You can ask us to remove it at any time by emailing hello@riffle.run.
What we do not collect
- We do not collect your contacts, calendar, or any data outside the Riffle app.
- We do not collect advertising identifiers or track you across other apps or websites.
- We do not sell, rent, or trade your personal data to any third party.
- We do not use your fishing locations or catch data for any purpose other than providing your personal log.
How we use your data
Your data is used solely to:
- Provide and sync your personal Riffle log across your devices.
- Display your trips, catches, and routes within the app.
- Improve app stability and performance using anonymized crash reports.
- Respond to support requests you initiate.
Third-party services
Riffle uses the following third-party services to operate:
- Firebase (Google). Several Firebase services power the core of Riffle. Your data is stored on Firebase's infrastructure. See Firebase's privacy policy.
- Firebase Authentication manages your account and sign-in.
- Cloud Firestore stores your catches, trips, spots, gear, and profile.
- Firebase Storage stores your catch photos.
- Cloud Functions handles email verification, password reset, and email change flows.
- Crashlytics collects anonymized crash reports and basic diagnostics so we can fix bugs. It does not include your catch data, location, or photos.
- Firebase Hosting serves this website and the email action pages at app.riffle.run.
- Google Sign-In. Optional sign-in method. If you use it, Google shares your name, email, and profile photo with Riffle. See Google's privacy policy.
- Sign in with Apple. Optional sign-in method. Apple shares your name and email (or a private relay email address, if you choose to hide your real one).
- Mapbox. Powers all maps in the app, including the live trip map, your saved routes, and detail views. Your device sends GPS coordinates to Mapbox so the right map tiles can be fetched, and the Mapbox SDK collects anonymized telemetry (general location, device type) by default to improve their maps. See Mapbox's privacy policy.
- Apple WeatherKit. Used to fetch weather conditions for your location during a trip. Only your GPS coordinates are sent to WeatherKit, and no personal data is transmitted.
- Apple MapKit. Used only when you tap "Open in Maps" from a saved spot, to hand off directions to Apple Maps.
- Resend. Delivers transactional emails (verification, password reset, email change). Your email address is passed to Resend so the message can be sent. See Resend's privacy policy.
- RevenueCat. If and when you upgrade to Riffle Pro, RevenueCat manages your subscription status. See RevenueCat's privacy policy.
- Tally. Used to collect beta sign-up submissions. Responses are stored on Tally's servers. See Tally's privacy policy.
Data storage and security
Your data is stored in Firebase, which uses industry-standard encryption in transit and at rest. Access to your data is restricted to your account. Other Riffle users cannot see your catches, routes, or photos.
Riffle is designed to work offline. When you're in the field without signal, data is saved locally on your device and synced to your account when you reconnect.
Your rights
You can:
- Access your data. All your catches and trips are visible within the app.
- Export your data. Use the export feature in Settings to download your catches as a CSV file.
- Delete your account. Use the "Delete Account" option in Settings to permanently delete your account and all associated data. This cannot be undone.
- Contact us. Email hello@riffle.run with any privacy questions or requests.
Children's privacy
Riffle is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
Changes to this policy
If we make material changes to this policy, we'll update the date at the top of this page and notify you within the app. Continued use of Riffle after changes are posted constitutes acceptance of the updated policy.
Contact
Questions? We're easy to reach: hello@riffle.run