TL;DR — The Short Version
- What we collect: Account info, GPS location (while checked in to a stand — for hunter safety), photos, and chat messages.
- Why: To run the app and keep hunters safe in the field.
- Who sees it: Your club members (by design) and our infrastructure providers (Supabase, Mapbox, etc.).
- What we don't do: Sell your data, target ads at you, or track you outside the app.
Questions? Email privacy@hunt-club.cc
1. Information We Collect
A. Information You Provide
- Account data — Email address and password. Passwords are hashed and never stored in plaintext.
- Profile data — Display name, avatar photo, and phone number. All optional.
- Club membership — Which clubs you join and your assigned role (Owner, Admin, Member, or Guest).
- User-generated content — Chat messages, harvest logs, stand notes, event RSVPs and comments, photos, poll questions and votes, and reactions.
B. Information Collected Automatically
| Data Type | When Collected | Details |
|---|---|---|
| Check-in GPS | When you check in or out of a stand | Foreground only; shared with club members for hunter safety |
| Location ping | At check-in | Single foreground reading recorded when you check in; shared with club members |
| Trail recording GPS | During active trail recording | Background location only while recording; stops when you tap Save or Cancel |
| Auto check-in proximity | When enabled in Settings | Foreground only; opt-in feature |
| Harvest GPS | When logging a harvest | Single foreground location reading |
| Device info | On app launch | OS, app version — for crash diagnostics |
C. Information From Third Parties
None. We do not purchase or receive data from data brokers or other third-party sources.
2. How We Use Your Information
- Provide the service — Authenticate you, display club content, manage stands and reservations, and enable safety tracking.
- Hunter safety — Share your real-time check-in status and location with fellow club members.
- Communications — Transactional emails such as club invitations and email confirmation.
- Weather — Pass map coordinates to Open-Meteo for local forecasts.
- Improve the service — Aggregated crash reports and anonymized analytics.
- Legal compliance — Retain records as required by applicable law.
We do NOT:
- Use your data for advertising or ad targeting
- Sell your data to data brokers or third parties
- Build profiles for third-party marketing
- Perform automated decision-making that produces legal effects on you
3. How We Share Your Information
A. With Your Club Members
Sharing with club members is a core function. Club members can see your display name, avatar, check-in status, location while checked in, harvest logs, chat messages, event RSVPs, and reservations.
B. With Service Providers
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase (US) | Database, authentication, file storage | All app data; encrypted at rest and in transit |
| Mapbox | Map tile rendering | Device location for map centering |
| Open-Meteo | Weather forecasts | Latitude/longitude of map center |
| Resend | Email delivery | Recipient email, club name, inviter name |
C. Legal Requirements
We may disclose your information if required by law, subpoena, or court order, or to protect the safety of our users or the public.
4. Data Retention
Background member locations are auto-purged after 6 hours. Stale check-ins auto-checkout after 24 hours. Club invite tokens expire after 7 days. Your account data is retained until you delete your account.
5. Your Rights & Choices
- Access — Request a copy of your personal data
- Deletion — Delete your account and associated data
- Location controls — Disable background sharing in settings
- Content removal — Delete harvest logs, event comments, reservations, and reactions yourself
EU/EEA/UK users have additional GDPR rights (rectification, portability, restriction, objection). California residents have CCPA/CPRA rights. Email privacy@hunt-club.cc to exercise any rights. We respond within 30 days.
6. Data Security
- All communication uses TLS/HTTPS
- Data encrypted at rest on Supabase infrastructure
- Row-Level Security (RLS) on every database table
- JWT-based sessions with automatic token refresh
- Passwords hashed; never stored in plaintext
- Service role keys restricted to server-side processes
7. Children's Privacy
HuntClub is intended for users aged 13 and older (16 in the EU). We do not knowingly collect personal information from children under 13. Contact privacy@hunt-club.cc if you believe a child has provided us with personal information.
8. International Data Transfers
HuntClub is operated from the United States. Data is stored on Supabase infrastructure in the US. EU/EEA/UK data is transferred under Standard Contractual Clauses (SCCs).
9. Changes to This Policy
We may update this policy from time to time. For material changes, we will provide at least 30 days notice via in-app notification or email. Continued use constitutes acceptance.
10. Contact Us
For privacy questions or data requests, email privacy@hunt-club.cc. We respond within 30 days.