Privacy Policy

Last Updated: January 20, 2025

Nomad Path ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our hunting and fishing intelligence platform, including our website, mobile applications, and related services (collectively, the "Service").

By using Nomad Path, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

1. Information We Collect

1.1 Information You Provide

Account Information: Email address, username, password, full name, and primary state of residence
Profile Data: Avatar/profile photo, experience level, preferred activities (hunting/fishing), profile visibility settings, and subscription tier
Trip Information: Trip plans, planned dates, duration, target locations, species targeted, equipment checklists, participant information, and completed trip reports
Hunting Preferences: Tag tracking data, species of interest, hunting zone preferences, season alerts, and license information you choose to store
Fishing Preferences: Favorite water bodies, fish species preferences, stocking alert preferences, and fishing location history
User-Generated Content: Posts, comments, photos, ratings, trip logs, and other content you share on our community features
Alert Preferences: Tag availability alerts, fishing stocking notifications, season opening/closing updates, and weather alerts
Payment Information: Billing address and payment method details (processed securely through Stripe; we do not store full card numbers)

1.2 Information Collected Automatically

Usage Data: Pages viewed, features used, search queries, filters applied, maps viewed, and interaction patterns
Device Information: IP address, browser type and version, operating system, device identifiers, screen resolution
Location Data: Approximate location based on IP address for state/county-based recommendations; precise GPS location only with explicit permission for map features
Cookies and Tracking: Session cookies for authentication, preference cookies for settings, and analytics cookies for service improvement
Log Data: Server logs including access times, error logs, and referring URLs

1.3 Information from Third Parties

State Wildlife Agencies: Public hunting season data, tag/license availability, regulations, and fishing stocking reports from Michigan DNR, Minnesota DNR, North Dakota Game and Fish, South Dakota Game Fish and Parks, and Wisconsin DNR
Mapping Services: Geographic boundary data, hunting zone polygons, water body locations, and topographic information from OpenStreetMap and similar providers
Weather Services: Current conditions, forecasts, and weather alerts from third-party weather data providers
Authentication Providers: Basic profile information if you choose to sign in through third-party services (e.g., Google)

2. How We Use Your Information

Provide and Maintain Service: Account management, trip planning tools, interactive maps, tag tracking, and all platform features
Personalized Content: Customized alerts for tags, stocking events, and seasons in your selected states and counties
Location-Based Recommendations: Suggest relevant hunting zones, water bodies, and opportunities based on your location preferences
Weather Integration: Provide weather forecasts and conditions for your planned trip locations
Communications: Service updates, subscription notifications, alert deliveries, and important announcements
Community Features: Display your posts, comments, and ratings to other users (based on your visibility settings)
Analytics and Improvements: Understand usage patterns, identify bugs, and enhance our Service
Security: Detect fraud, prevent abuse, enforce terms of service, and protect user safety
Legal Compliance: Comply with applicable laws, regulations, and legal processes
Marketing: Send promotional content about new features or services (you can opt-out at any time)

3. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

We may share your information in the following limited circumstances:

With Your Consent: When you explicitly authorize sharing
Public Content: Posts, comments, trip reports, and ratings you make public are visible to other users based on your privacy settings
Service Providers: Trusted third-party vendors who assist with hosting (Vercel), database services (Supabase), email delivery, payment processing (Stripe), error monitoring (Sentry), and analytics - all bound by confidentiality agreements
Business Transfers: In connection with mergers, acquisitions, bankruptcy, or asset sales, with notice to affected users
Legal Requirements: To comply with valid legal processes, court orders, subpoenas, or governmental requests
Safety and Security: To protect rights, property, or safety of Nomad Path, our users, or the public; to investigate potential violations of our terms
Aggregated/De-identified Data: Anonymized, aggregated statistics that cannot reasonably identify you (e.g., "X% of users fish for walleye")

4. Cookies and Tracking Technologies

We use cookies and similar technologies to operate our Service:

Essential Cookies: Required for authentication, security, and basic functionality - cannot be disabled
Preference Cookies: Remember your settings, selected states, and display preferences
Analytics Cookies: Help us understand how users interact with our Service to make improvements

Managing Cookies: You can control cookies through your browser settings. Disabling certain cookies may limit functionality of the Service.

Do Not Track: Our Service does not currently respond to "Do Not Track" browser signals. However, you can opt out of analytics tracking by contacting us.

5. Data Security

We implement industry-standard security measures to protect your information:

Encryption in transit (HTTPS/TLS 1.3) and at rest (AES-256)
Secure authentication with bcrypt-hashed passwords
Row-level security policies in our database
Regular security audits and vulnerability assessments
Access controls limiting employee access to personal data on a need-to-know basis
Secure cloud infrastructure with redundancy, backups, and disaster recovery
Rate limiting and abuse prevention mechanisms

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information using commercially reasonable measures, we cannot guarantee absolute security.

Data Breach Notification: In the event of a data breach that affects your personal information, we will notify affected users within 72 hours of discovery via email and prominent notice on our Service, as required by applicable law.

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

Access: Request a copy of your personal information we hold
Correction: Update or correct inaccurate information
Deletion: Request deletion of your account and personal data
Portability: Receive your data in a structured, machine-readable format (JSON)
Opt-Out: Unsubscribe from marketing emails or disable certain data collection
Restrict Processing: Limit how we use your information in certain circumstances
Object: Object to certain types of processing
Withdraw Consent: Where processing is based on consent, withdraw that consent at any time

To exercise these rights, please contact us at privacy@nomadpath.net or use the account deletion feature in your account settings. We will respond within 30 days (or sooner as required by law).

7. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you
Right to Delete: Request deletion of your personal information, subject to certain exceptions
Right to Opt-Out of Sale: We do not sell personal information, so this right does not apply
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

Categories of Information Collected: Identifiers (name, email), commercial information (subscription history), internet activity (usage data), geolocation data, and inferences drawn from this information.

To submit a CCPA request, email privacy@nomadpath.net with "CCPA Request" in the subject line. We may need to verify your identity before processing your request.

8. Automated Decision-Making

We use automated processes to provide personalized recommendations and alerts:

Alert Matching: Automatically match tag availability and stocking reports to your preferences
Location Recommendations: Suggest hunting zones and water bodies based on your selected states and past activity
Content Personalization: Display relevant seasons and opportunities based on your interests

These automated processes do not make decisions that produce legal effects or similarly significant effects on you. You can adjust your preferences at any time in your account settings.

9. Data Retention

We retain your information for as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy:

Account Data: Retained while your account is active; deleted within 90 days of account deletion request
Trip Data: Retained as long as you maintain your account; deleted with account
Alert Preferences: Retained while your account is active; deleted with account
Posts and Content: Retained unless you delete them or request account deletion
Analytics Data: Individual data deleted after 24 months; aggregated data may be retained indefinitely
Payment Records: Retained for 7 years for tax, legal, and audit compliance
Security Logs: Retained for 12 months for security and fraud prevention

10. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@nomadpath.net. We will promptly delete such information from our systems.

Users between 13 and 18 years of age may use the Service only with parental or guardian consent and supervision.

11. International Data Transfers

Our Service is hosted in the United States and is intended primarily for users in Michigan, Minnesota, North Dakota, South Dakota, and Wisconsin. If you are accessing our Service from outside the U.S., please be aware that your information may be transferred to, stored, and processed in the United States where data protection laws may differ from your jurisdiction.

By using our Service, you consent to the transfer of your information to the United States. We will take reasonable steps to ensure your data is treated securely and in accordance with this Privacy Policy.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

Posting the new Privacy Policy on this page with a new "Last Updated" date
Sending an email notification to your registered email address for significant changes
Displaying a prominent notice on our Service

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Inquiries: privacy@nomadpath.net

General Support: support@nomadpath.net

We will acknowledge your inquiry within 5 business days and aim to respond substantively within 30 days.

Review our Terms of Service

Loading

Preparing your outdoor adventure...