Surfleaks Privacy Policy
Last updated: 21 June 2026
Surfleaks is an ad-free wind & surf forecast app. We collect as little as possible, never sell your data, run no advertising, and do no third-party or cross-app tracking. We do use first-party, privacy-respecting analytics to understand usage and improve the app (see below). This policy explains what we collect, how we use it, and the controls you have. It applies to the website and the iOS and Android apps.
Information we collect
- Hashed IP address. Your IP is hashed (HMAC-SHA256) before storage and used only for rate limiting and abuse prevention. The raw IP never lands in our database.
- Device token. A random identifier stored on your device, used as a rate-limit key. It is not linked to your identity.
- Content you submit. Comments, reactions, and photo or video uploads. For uploaded photos we strip EXIF metadata (including any embedded GPS) before serving; we use the photo's pixels — not its metadata — to verify it shows the ocean. Video files may retain location metadata recorded by your device, so only record clips you are comfortable sharing.
- Spots you create. If you add a private “friends” spot to a group, its name, the coordinate you place, and any notes you write are stored and shared with the members of that group.
- Approximate location. When you upload a clip at a spot, the app reads your device location to confirm you are near that spot (geofence). Location is used for that check and is not stored as a track of your movements.
- Camera. Used only while you are actively recording a clip to flag a spot. Clips are recorded without audio, and nothing is captured in the background.
- Account profile (only if you sign in). If you sign in with Google or Apple, we store your email and display name for your editable profile. Sign-in is optional for browsing forecasts; it is required to post content.
- Usage analytics & session replay. We use PostHog, a first-party product-analytics tool, to understand how the app is used and to fix problems. It records in-app events (which screens you open and what you tap) and session recordings of your interactions with the app interface, which may include content shown on screen and text you enter (password fields are masked). This data is first-party — used only to improve Surfleaks; it is never sold, never used for advertising, and never linked with third-party data for cross-app tracking.
How we use your information
- To run the surf-flag, forecast, and map features.
- To rate-limit and prevent abuse (the IP hash and device token are bucket keys, nothing more).
- To moderate content for safety, including the comment text filter and Google Cloud Vision SafeSearch image screening.
- To respond to content reports and enforce our terms.
- To understand how the app is used and to find and fix bugs, via first-party analytics and session replay (PostHog).
How information is shared
We do not sell your data and we serve no ads. We share data only with the service providers that operate the app:
- Supabase — database and authentication hosting.
- Google Cloud — media storage (Cloud Storage) and image moderation (Vision SafeSearch).
- Google and Apple — only if you choose to sign in with them, to authenticate you.
- PostHog — first-party product analytics and session replay, hosted on PostHog Cloud (USA). Used only to operate and improve the app; not for advertising or cross-app tracking.
We may disclose content if required by law or to protect users' safety.
Objectionable content, reporting & blocking
There is zero tolerance for objectionable content or abusive users. Every comment, photo, and video has a “⋯” menu to report it or block the user who posted it. Comments are screened for slurs and abusive language as they are posted, and image and video uploads are screened by Google Cloud Vision SafeSearch. We review reports and remove violating content and the users responsible within 24 hours.
Data retention
- Comments, photos, and videos are retained while the content is live; reported or hidden content is removed.
- Rate-limit keys (IP hash, device token) are short-lived and used only for abuse prevention.
Your choices and rights
- Delete your account. Signed-in users can permanently delete their account and personal data in-app from the profile menu (Delete account). This removes your profile and keys.
- Block users and report content at any time from the “⋯” menu on any item.
- You can browse forecasts without an account.
Children
Surfleaks is not directed to children. Because it allows user-generated content, it is rated for older audiences and is not intended for users under the age required by the applicable app store rating.
Security
Data is transmitted over HTTPS. We minimize what we store, hash IPs, and strip photo metadata before serving. No system is perfectly secure, but we design to collect and retain as little as possible.
Changes to this policy
We may update this policy as the app evolves. Material changes will be reflected here with a new “Last updated” date.
Contact & support
Questions, support requests, or content concerns: [email protected]. We aim to respond within 24 hours.