Privacy Policy

Effective date: May 14, 2026  ·  Frontier Forge LLC

ArrowForge ("we", "our", or "us") is developed and operated by Frontier Forge LLC. This Privacy Policy explains what information we collect, how we use it, who we share it with, and what choices you have — including how to delete your account and data.

ArrowForge is designed as a local-first app. The core app is fully functional without an account. An optional account unlocks cloud backup and future Pro features. We collect only what is necessary to provide those services.

1. What information we collect

Without an account (default)

ArrowForge runs entirely on-device with no account required. In this mode:

• Build data — your bow, arrow, archer, and sight setup details (draw weight, arrow weight, spine, goal date, elevation, etc.) are stored locally on your device using AsyncStorage. This data does not leave your device except through the location and elevation lookups described below.
• Location data — if you use the training location or destination search, your search query and approximate coordinates may be sent to Nominatim (OpenStreetMap) for geocoding and to the Open-Elevation API for elevation lookup. These are one-time lookups triggered by your action; we do not store or log your location independently.

No account information, no email address, and no personal identifiers are collected when you use ArrowForge without signing in.

With an optional account

If you choose to create an account, we collect:

• Email address — collected at sign-up via email/password registration or Sign in with Apple. Used to identify your account, send transactional emails (e.g. password reset), and communicate service changes.
• Password — stored as a salted, hashed credential via Supabase Auth. We never store or have access to your plain-text password.
• Build data (server copy) — when signed in, your build data is synced to Supabase so it can be restored if you lose or replace your device. This data includes all bow, arrow, archer, and sight fields you have entered. It does not include your GPS coordinates or device identifiers.
• Account metadata — date your account was created, date of last sign-in, and your account tier (free / Pro). This is used to manage your subscription and support requests.

Sign in with Apple

If you choose Sign in with Apple, Apple authenticates you and may share:

• A unique identifier for your Apple ID (used to link your ArrowForge account)
• Your name (first sign-in only, if you permit it)
• Your email address — either your real address or an Apple-generated relay address, depending on your privacy settings in iOS

We receive only what Apple sends. Apple's identity token is verified server-side; we do not receive your Apple ID password or any payment information. Apple's data practices are governed by the Apple Privacy Policy.

When you use Pro AI features

If you have a Pro subscription and run one of the AI assistants (bow autofill, arrow autofill, arrow recommender, sanity check, launch & impact insight, build score insight, or build plan), a subset of your build data is sent to our Supabase Edge Function, which forwards it to Anthropic's Claude API for processing.

The payload typically includes the field values relevant to the request — bow specs, arrow specs, archer pursuit / farthest distance, computed ballistics (KE, momentum, drop, FOC, spine) and your current Live Settings (range, wind). For the Build Plan synth, it also includes the cached outputs of the other AI features. The payload does not include your email address, account identifier, payment information, or device identifiers.

Each AI surface caches its response on your device against a hash of the payload it sent — pressing the AI button again with the same inputs returns the cached response without making a new network call. This is intentional, both for cost and to limit how often your build data is transmitted.

When you submit feedback

If you tap Profile → Send Feedback, the app sends a row to our database containing:

• The message you wrote, the category you chose (bug / idea / praise / other), the app version, and the device platform (iOS or Android)
• Your email address (so we can reply) and your account identifier
• By default, a snapshot of the build you currently have open — this is the same data described under "Build data" above, including any training / destination location names you have set. You can opt out of attaching the build snapshot before sending; the toggle is on the feedback sheet itself

Feedback rows are visible only to the developer through Supabase's service-role admin tools. They are not shared with third parties and are not used to train any model.

What we never collect

• Precise or continuous GPS location
• Device identifiers (IDFA, IDFV) or advertising IDs
• Analytics or behavioural tracking data
• Crash logs or diagnostics transmitted to us
• Camera, microphone, or contacts access
• Payment card numbers or billing details (handled entirely by Apple App Store and, in future, RevenueCat)

2. How we use your information

We use the information we collect only to:

• Operate the app and provide ballistics calculations entirely on-device
• Resolve training and destination location searches (geocoding + elevation)
• Authenticate your account and keep your session secure
• Sync and restore your build data across devices when you are signed in
• Generate AI-assisted recommendations when you trigger a Pro AI feature
• Triage feedback you send us through the in-app feedback sheet
• Send essential transactional emails (password reset, account confirmation, replies to feedback)
• Respond to support requests you send to us
• Manage your account tier and, in future, subscription status

We do not use your information for advertising, profiling, or sale to third parties — ever.

3. Third-party services

ArrowForge uses a small number of carefully chosen third-party services. We share only the minimum data each service requires.

Nominatim / OpenStreetMap

Used for geocoding when you search for a training location or destination by name. We send your search query and, if you tap "Use my location," your approximate device coordinates. Governed by the OSM Foundation Privacy Policy. No account data is sent to this service.

Open-Elevation

Used to look up elevation (metres above sea level) for a selected coordinate. We send only the latitude and longitude of the chosen location. No account or personal data is sent. Requests are triggered by your explicit location selection.

Supabase

Supabase provides authentication (sign-up, sign-in, password reset, Apple Sign In verification) and cloud database storage for accounts. When you create an account, your email address, hashed password, and build data are stored on Supabase-managed infrastructure hosted on Amazon Web Services (AWS) in us-east-2 (Ohio, USA). Supabase acts as a data processor on our behalf and is bound by a Data Processing Agreement. Governed by the Supabase Privacy Policy.

Apple (Sign in with Apple)

If you use Sign in with Apple, Apple authenticates your identity and passes a verified credential to our server. Apple may share your name and email address per your iOS privacy settings. We do not share any ArrowForge data back to Apple beyond standard App Store analytics that Apple collects from all apps. Governed by the Apple Privacy Policy.

Anthropic (Claude API)

Anthropic powers all Pro AI features. When you trigger one of the assistants, our Supabase Edge Function forwards the request payload (the relevant subset of your build data — see Section 1 for what is included) to Anthropic's Claude API, which returns a response. Our Anthropic API key is held server-side only; it never ships in the app and the device never talks to Anthropic directly.

Per Anthropic's commercial API terms, customer inputs and outputs are not used to train Anthropic's models by default. Anthropic processes data in the United States; their handling is governed by the Anthropic Privacy Policy and the Anthropic Commercial Terms.

No other third-party network requests are made by the app.

All ballistics calculations run entirely on-device. No usage analytics, crash reporters, ad networks, or social SDKs are embedded in ArrowForge.

4. Data storage and security

On-device data

Build data for users without an account is stored in AsyncStorage on your device. It is not encrypted at the application layer but is protected by iOS device encryption (when your device passcode is enabled). Uninstalling the app permanently removes all locally stored data.

Account data

Account credentials (email and hashed password) and synced build data are stored on Supabase's PostgreSQL database hosted on AWS us-east-2. Data is encrypted in transit (TLS 1.2+) and at rest. Authentication session tokens are stored in your device's iOS Keychain via expo-secure-store, which provides hardware-backed secure storage.

What we do not do

• We do not store your plain-text password at any point
• We do not transmit your data to any country outside the United States
• We do not use your build data to train machine-learning models
• We do not sell or rent your data to any third party

5. Data retention

We retain your data for as long as your account is active or as needed to provide the service. Specific retention periods:

• Local build data — stored on your device until you delete it or uninstall the app
• Account and cloud build data — retained until you delete your account
• Authentication logs — Supabase retains sign-in logs for a limited period per their security practices
• In-app feedback rows — retained for up to 2 years to support triage and product improvement, then deleted. Feedback rows are also removed when you delete your account
• AI requests — once Anthropic returns a response, the app caches it on your device against the input hash; Anthropic retains the request for a short period for abuse monitoring per their policy. Cached responses are wiped when you delete your account or uninstall the app
• Support emails — retained for up to 2 years to assist with ongoing issues, then deleted

6. Account and data deletion

Account deletion removes:

• Your email address and authentication credentials from Supabase
• All build data synced to the cloud
• All in-app feedback rows you have submitted
• Your account preferences and subscription record

Deletion does not remove data stored locally on your device. To remove local data, delete the app from your device.

Note: if you signed in with Apple, revoking ArrowForge's access through your Apple ID settings (Settings → Apple ID → Password & Security → Apps Using Apple ID) will sign you out. To also delete your ArrowForge account data, email us as described above.

7. Your rights

Depending on where you live, you may have rights regarding your personal data, including:

• Access — request a copy of the personal data we hold about you
• Correction — ask us to correct inaccurate data
• Deletion — ask us to delete your account and data (see Section 6)
• Portability — request your build data in a structured, machine-readable format
• Objection — object to certain processing of your data

To exercise any of these rights, email arrowforgeapp@tuta.io. We will respond within 30 days. We do not charge a fee for reasonable requests.

California residents: under the CCPA, you have the right to know what personal information is collected, to delete it, and to opt out of sale. We do not sell personal information.

8. Children's privacy

ArrowForge is not directed at children under 13 years of age, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has created an account, please email arrowforgeapp@tuta.io and we will delete the account promptly.

9. Changes to this policy

We may update this Privacy Policy as the app evolves — for example, when we add new features, integrations, or subscription tiers. When we make material changes, we will update the effective date at the top of this page and, where appropriate, notify signed-in users within the app. Continued use of ArrowForge after changes take effect constitutes acceptance of the updated policy.

The previous version of this policy (effective May 6, 2026) is available on request.

---