Privacy Policy

Effective date: June 14, 2026  ·  Frontier Forge LLC

ArrowForge ("we", "our", or "us") is developed and operated by Frontier Forge LLC. This Privacy Policy explains what information we collect, how we use it, who we share it with, and what choices you have — including how to delete your account and data.

ArrowForge is designed as a local-first app. The core app is fully functional without an account. An optional account unlocks cloud backup and future Pro features. We collect only what is necessary to provide those services.

1. What information we collect

Without an account (default)

ArrowForge runs entirely on-device with no account required. In this mode:

• Build data — your bow, arrow, archer, and sight setup details (draw weight, arrow weight, spine, goal date, elevation, etc.) are stored locally on your device using AsyncStorage. This data does not leave your device except through the location and elevation lookups described below.
• Location data — if you use the training location or destination search, your search query and approximate coordinates may be sent to Nominatim (OpenStreetMap) for geocoding and to the Open-Elevation API for elevation lookup. These are one-time lookups triggered by your action; we do not store or log your location independently.

No account information, no email address, and no personal identifiers are collected when you use ArrowForge without signing in. The only data that leaves your device in this mode is the location/elevation lookups above and the consent record described below — which uses a random per-install identifier, not your identity.

With an optional account

If you choose to create an account, we collect:

• Email address — collected at sign-up via email/password registration or Sign in with Apple. Used to identify your account, send transactional emails (e.g. password reset), and communicate service changes.
• Password — stored as a salted, hashed credential via Supabase Auth. We never store or have access to your plain-text password.
• Build data (server copy) — when signed in, your build data is synced to Supabase so it can be restored if you lose or replace your device. This data includes all bow, arrow, archer, and sight fields you have entered. It does not include your GPS coordinates or device identifiers.
• Account metadata — date your account was created, date of last sign-in, and your account tier (free / Pro). This is used to manage your subscription and support requests.
• Subscription and purchase status — if you subscribe to ArrowForge Pro, we and our subscription provider (RevenueCat) record your subscription status, plan, and renewal/expiry date, keyed to your ArrowForge account identifier, so we can unlock Pro features and restore them across your devices. The actual payment (Apple Account billing) is processed entirely by Apple — we never see or store your payment card details.

Consent records (with or without an account)

When you accept our Terms of Service and Privacy Policy, we store a record of that acceptance so we can demonstrate, if ever required, that consent was given. This applies whether or not you have an account. Each record contains:

• A random per-install identifier we generate (a UUID stored on your device) — this is not your name, email, or a hardware/advertising identifier (IDFA/IDFV), and it cannot be used to identify you personally
• The versions of the Terms and Privacy Policy you accepted, and the links to those documents
• The date and time of acceptance (recorded by our server)
• Your device platform, OS version, and the app version
• Your account identifier, only if you are signed in at the time

We deliberately do not store your IP address or any browsing/usage activity in these consent records. They are kept as an append-only log for legal compliance and are not used for analytics, profiling, or advertising.

Sign in with Apple

If you choose Sign in with Apple, Apple authenticates you and may share:

• A unique identifier for your Apple ID (used to link your ArrowForge account)
• Your name (first sign-in only, if you permit it)
• Your email address — either your real address or an Apple-generated relay address, depending on your privacy settings in iOS

We receive only what Apple sends. Apple's identity token is verified server-side; we do not receive your Apple ID password or any payment information. Apple's data practices are governed by the Apple Privacy Policy.

Sign in with Google

If you choose Sign in with Google (available on Android), Google authenticates you and shares a unique identifier for your Google account and your email address. We receive only what Google sends; we do not receive your Google password or any payment information. Google's data practices are governed by the Google Privacy Policy.

When you use Pro AI features

If you have a Pro subscription and run one of the AI assistants (bow autofill, arrow autofill, arrow recommender, sanity check, launch & impact insight, build score insight, or build plan), a subset of your build data is sent to our Supabase Edge Function, which forwards it to Anthropic's Claude API for processing.

The payload typically includes the field values relevant to the request — bow specs, arrow specs, archer pursuit / farthest distance, computed ballistics (KE, momentum, drop, FOC, spine) and your current Live Settings (range, wind). For the Build Plan synth, it also includes the cached outputs of the other AI features. The payload does not include your email address, account identifier, payment information, or device identifiers.

Each AI surface caches its response on your device against a hash of the payload it sent — pressing the AI button again with the same inputs returns the cached response without making a new network call. This is intentional, both for cost and to limit how often your build data is transmitted.

When you submit feedback

If you tap Profile → Send Feedback, the app sends a row to our database containing:

• The message you wrote, the category you chose (bug / idea / praise / other), the app version, and the device platform (iOS or Android)
• Your email address (so we can reply) and your account identifier
• By default, a snapshot of the build you currently have open — this is the same data described under "Build data" above, including any training / destination location names you have set. You can opt out of attaching the build snapshot before sending; the toggle is on the feedback sheet itself

Feedback rows are visible only to the developer through Supabase's service-role admin tools. They are not shared with third parties and are not used to train any model.

What we never collect

• Precise or continuous GPS location
• Device identifiers (IDFA, IDFV) or advertising IDs
• Analytics or behavioural tracking data
• Crash logs or diagnostics transmitted to us
• Camera, microphone, or contacts access
• Payment card numbers or billing details (handled entirely by Apple App Store or Google Play Store billing systems)

2. How we use your information

We use the information we collect only to:

• Operate the app and provide ballistics calculations entirely on-device
• Resolve training and destination location searches (geocoding + elevation)
• Authenticate your account and keep your session secure
• Sync and restore your build data across devices when you are signed in
• Generate AI-assisted recommendations when you trigger a Pro AI feature
• Triage feedback you send us through the in-app feedback sheet
• Send essential transactional emails (password reset, account confirmation, replies to feedback)
• Respond to support requests you send to us
• Manage your account tier and, in future, subscription status

We do not use your information for advertising, profiling, or sale to third parties — ever.

3. Third-party services

ArrowForge uses a small number of carefully chosen third-party services. We share only the minimum data each service requires.

Nominatim / OpenStreetMap

Used for geocoding when you search for a training location or destination by name. We send your search query and, if you tap "Use my location," your approximate device coordinates. Governed by the OSM Foundation Privacy Policy. No account data is sent to this service.

Open-Elevation

Used to look up elevation (metres above sea level) for a selected coordinate. We send only the latitude and longitude of the chosen location. No account or personal data is sent. Requests are triggered by your explicit location selection.

Supabase

Supabase provides authentication (sign-up, sign-in, password reset, Apple Sign In verification) and cloud database storage for accounts. When you create an account, your email address, hashed password, and build data are stored on Supabase-managed infrastructure hosted on Amazon Web Services (AWS) in us-east-2 (Ohio, USA). Supabase acts as a data processor on our behalf and is bound by a Data Processing Agreement. Governed by the Supabase Privacy Policy.

Apple (Sign in with Apple / App Store)

If you use Sign in with Apple, Apple authenticates your identity and passes a verified credential to our server. Apple may share your name and email address per your iOS privacy settings. We do not share any ArrowForge data back to Apple beyond standard App Store analytics that Apple collects from all apps. Governed by the Apple Privacy Policy.

Google (Sign in with Google / Google Play)

If you use Sign in with Google on Android, Google authenticates your identity and passes a verified credential to our server. Google shares your unique account identifier and email address. We do not share any ArrowForge data back to Google beyond standard Play Store analytics that Google collects from all apps. Governed by the Google Privacy Policy.

Anthropic (Claude API)

Anthropic powers all Pro AI features. When you trigger one of the assistants, our Supabase Edge Function forwards the request payload (the relevant subset of your build data — see Section 1 for what is included) to Anthropic's Claude API, which returns a response. Our Anthropic API key is held server-side only; it never ships in the app and the device never talks to Anthropic directly.

Per Anthropic's commercial API terms, customer inputs and outputs are not used to train Anthropic's models by default. Anthropic processes data in the United States; their handling is governed by the Anthropic Privacy Policy and the Anthropic Commercial Terms.

RevenueCat

RevenueCat manages ArrowForge Pro subscriptions. When you view or purchase a subscription, the RevenueCat SDK in the app communicates with RevenueCat's servers to fetch subscription offerings and to validate and track your entitlement. RevenueCat is provided with your ArrowForge account identifier (used as its app user ID) and the subscription/transaction details returned by the App Store; it is not given your email, build data, or payment card details. RevenueCat processes data in the United States; their handling is governed by the RevenueCat Privacy Policy.

Embedded SDKs and other network requests

All ballistics calculations run entirely on-device. The only embedded third-party SDK that makes network requests is RevenueCat (subscription management, described above). No usage analytics, crash reporters, ad networks, or social SDKs are embedded in ArrowForge.

4. Data storage and security

On-device data

Build data for users without an account is stored in AsyncStorage on your device. It is not encrypted at the application layer but is protected by your device's built-in encryption when a passcode, PIN, or biometric lock is enabled (iOS data protection on Apple devices; file-based encryption on Android devices). Uninstalling the app permanently removes all locally stored data.

Account data

Account credentials (email and hashed password) and synced build data are stored on Supabase's PostgreSQL database hosted on AWS us-east-2. Data is encrypted in transit (TLS 1.2+) and at rest. Authentication session tokens are stored in your device's secure storage via expo-secure-store — iOS Keychain on Apple devices and Android Keystore-backed storage on Android devices — which provides hardware-backed secure credential storage on both platforms.

Security breach notification

In the event of a security breach that compromises your personal data, we will notify you and any applicable regulatory authorities as required by applicable law. For Colorado residents, this means notification within 30 days of our becoming aware that a breach has occurred. Notification will be provided to the email address associated with your account. Where no account email is available, we will provide notice through a prominent posting in the app or on our website. Our notice will describe: the nature of the breach, the categories of data affected, the steps we are taking to address it, and the steps you can take to protect yourself.

What we do not do

• We do not store your plain-text password at any point
• We do not transmit your data to any country outside the United States
• We do not use your build data to train machine-learning models
• We do not sell or rent your data to any third party

5. Data retention

We retain your data for as long as your account is active or as needed to provide the service. Specific retention periods:

• Local build data — stored on your device until you delete it or uninstall the app
• Account and cloud build data — retained until you delete your account
• Authentication logs — Supabase retains sign-in logs for a limited period per their security practices
• In-app feedback rows — retained for up to 2 years to support triage and product improvement, then deleted. Feedback rows are also removed when you delete your account
• AI requests — once Anthropic returns a response, the app caches it on your device against the input hash; Anthropic retains the request for a short period for abuse monitoring per their policy. Cached responses are wiped when you delete your account or uninstall the app
• Support emails — retained for up to 2 years to assist with ongoing issues, then deleted

6. Account and data deletion

Account deletion removes:

• Your email address and authentication credentials from Supabase
• All build data synced to the cloud
• All in-app feedback rows you have submitted
• Your account preferences and subscription record

Deletion does not remove data stored locally on your device. To remove local data, delete the app from your device.

Note: if you signed in with Apple, revoking ArrowForge's access through your Apple ID settings (Settings → Apple ID → Password & Security → Apps Using Apple ID) will sign you out. To also delete your ArrowForge account data, email us as described above.

7. Your rights

Depending on where you live, you may have rights regarding your personal data, including:

• Access — request a copy of the personal data we hold about you
• Correction — ask us to correct inaccurate data
• Deletion — ask us to delete your account and data (see Section 6)
• Portability — request your build data in a structured, machine-readable format
• Objection — object to certain processing of your data

To exercise any of these rights, email support@frontierforgellc.com. We will respond within 30 days. We do not charge a fee for reasonable requests.

California residents (CCPA)

Under the California Consumer Privacy Act, California residents have the right to know what personal information is collected about them, to delete it, to correct it, and to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at support@frontierforgellc.com. We will not discriminate against you for exercising any CCPA rights.

Colorado residents (Colorado Privacy Act)

Under the Colorado Privacy Act (CPA), Colorado residents have the right to opt out of the processing of personal data for targeted advertising, the sale of personal data, and profiling in furtherance of decisions with legal or similarly significant effects. We do not engage in any of these activities. Colorado residents also have the right to appeal our response to a data rights request: if we deny your request, we will explain why in writing, and you may submit an appeal to support@frontierforgellc.com within 30 days. If your appeal is denied, you may contact the Colorado Attorney General's office for further review.

EEA, UK, and Switzerland (GDPR)

If you access the Service from the European Economic Area, United Kingdom, or Switzerland, the GDPR or equivalent legislation may apply to our processing of your personal data. Our legal basis for processing is performance of a contract (to provide the Service you signed up for) and our legitimate interests (security, fraud prevention, and improving the Service). In addition to the rights listed above, you have the right to restrict processing of your personal data and the right to lodge a complaint with your local data protection supervisory authority.

When you use ArrowForge from the EEA, UK, or Switzerland, your personal data is transferred to and processed in the United States, which the European Commission has not found to offer equivalent data protection to the EEA. We rely on Standard Contractual Clauses (SCCs) adopted by the European Commission to provide appropriate safeguards for these transfers, including through our data processors (Supabase and Anthropic). For questions about cross-border transfers or to request a copy of the applicable transfer mechanisms, contact us at support@frontierforgellc.com.

8. Children's privacy

ArrowForge is not directed at children under 13 years of age, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has created an account, please email support@frontierforgellc.com and we will delete the account and all associated data promptly, without charge.

Users aged 13–17: A parent or legal guardian must agree to these Terms and this Privacy Policy before a user under 18 may access the Service. We do not use personal information from users under 18 for any purpose beyond operating the Service — no advertising, no profiling, no sale to third parties. A parent or guardian may contact us at support@frontierforgellc.com at any time to:

• Review the personal information we hold about their child
• Request correction of inaccurate information
• Request deletion of their child's account and all associated data
• Withdraw consent for ongoing data collection

We will respond to parental requests within 30 days and will not require a fee for reasonable requests.

Given that archery and bowhunting involve inherently dangerous equipment, we strongly encourage parents and guardians of users under 18 to actively participate in all equipment decisions informed by the app and to ensure appropriate adult supervision whenever their child handles archery equipment. The Service is an informational tool only — it is not a substitute for qualified, in-person adult supervision.

9. Changes to this policy

We may update this Privacy Policy as the app evolves — for example, when we add new features, integrations, or subscription tiers. When we make material changes, we will update the effective date at the top of this page and, where appropriate, notify signed-in users within the app. Continued use of ArrowForge after changes take effect constitutes acceptance of the updated policy.

The previous version of this policy (effective June 6, 2026) is available on request.

---