Last updated: 2026-05-17 Effective: 2026-05-17
FishRadar.AI is published by Linkanlabs (trading name) and operated by Batuhan Küçükçelebi ("we", "us", "FishRadar"), an independent developer based in Romania (European Union). Batuhan Küçükçelebi is the data controller for personal data processed through the FishRadar mobile application.
Contact: [email protected] Country of establishment: Romania (EU member state — General Data Protection Regulation, Regulation (EU) 2016/679, applies) Lead supervisory authority (GDPR Art. 56): Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP) — dataprotection.ro
| Category | Examples | Lawful basis |
|---|---|---|
| Account data | email address, internal user identifier | Contract performance |
| Location data | GPS coordinates while using the app or while a location-based feature you've enabled (such as the anchor alarm or trip tracking) is running | Explicit consent |
| Region preferences | country code derived from your location, language preference, timezone offset | Contract performance / legitimate interest (used to show region-appropriate content and schedule notifications at your local time) |
| Voice and photo input | audio you record by activating voice mode; photos you submit for fish identification — used only to perform the requested feature and discarded after processing | Explicit consent |
| Catch logs | species, weight, length, location, optional photo, optional notes, timestamp | Explicit consent |
| Subscription data | subscriber identifier, entitlement status (Pro / Captain), purchase tokens | Contract performance |
| Diagnostic data | crash reports, device model, operating-system version | Legitimate interest |
| Device permissions metadata | photo-library / camera / notification grant state | Contract performance |
| Consent audit data | the IP address and device class associated with each consent grant or withdrawal — retained 24 months | Legitimate interest (defending against fraudulent consent claims; GDPR Art. 7 evidentiary obligations) |
| Map-interaction tile coordinates | latitude / longitude of tapped map pins, quantised to ~100m precision, paired with the requested fishing mode (saltwater-shore / saltwater-boat / freshwater-shore / freshwater-boat). Stored in a rolling sorted set capped at the 5,000 most-recent taps server-wide and naturally expires within 24–48 hours. Used to pre-warm cached fishing-zone data for popular areas. Not linked to your user identifier. | Legitimate interest (system performance — GDPR Art. 6(1)(f); KVKK Art. 5(2)(f)) |
| First-party analytics session identifier | A randomly-generated UUID (e.g. f47ac10b-58cc-4372-a567-0e02b2c3d479) created on the device when you first open the app, stored locally on your device, and rotated whenever you turn analytics off. Sent alongside non-personal event data (screen names, button taps, region quantised to whole degrees) to our own servers in the EU for product and funnel analysis. Never combined with your email or account identifier, never shared with any third party, never used to track you across other apps. This is NOT an advertising identifier (IDFA / AAID). Because it is anonymous and first-party only, it is enabled by default; you can turn it off at any time in Settings → "Share anonymous usage data". |
Legitimate interest (anonymous, first-party product analytics — GDPR Art. 6(1)(f); KVKK Art. 5(2)(f); no consent required as no personal data or cross-app tracking is involved) |
| Crash-report account link | When you opt in to "analytics" during onboarding, your account identifier is attached to crash reports so we can de-duplicate and prioritise fixes affecting your account. If you decline, crash reports arrive anonymously. | Explicit consent (opt-in; defaults to OFF) |
We do not collect: contacts, browsing history, advertising identifiers (IDFA / AAID), biometrics, health data, or payment-instrument data (payments are handled by Apple / Google — we never see card numbers).
FishRadar uses the following open-data geographic sources under their respective licences:
We do not sell or share personal data for cross-context behavioural advertising (CCPA/CPRA compliant). We do not use your personal data to train machine-learning models without separate explicit consent.
We use carefully selected service providers under signed Data Processing Agreements (DPAs) to operate FishRadar. We disclose them by category rather than name to limit operational disclosure; the specific list is available on request to [email protected].
| Category | Purpose | Region | Transfer mechanism |
|---|---|---|---|
| Authentication, database, and file-storage provider | Account management, catch storage, photo hosting | EU / US | GDPR SCCs + EU-US Data Privacy Framework |
| Generative-AI provider | Voice transcription and photo-based species identification (input is discarded after the request is fulfilled) | US | GDPR SCCs + EU-US DPF (your explicit consent for audio/photo as Art. 9 alternative) |
| Subscription-management provider | Receipt validation; entitlement webhook | US | GDPR SCCs |
| Identity provider (only if you choose Sign in with Apple) | Identity assertion, revocation at account deletion | US | Provider's standard processor terms |
| Crash-monitoring provider | Crash and error diagnostics | EU | EU processing |
| Marine, weather, and astronomical data providers | Lat/lon-only requests for scoring inputs (no personal data) | EU / US | No personal data transferred |
| Map and reverse-geocoding providers | Map rendering and place lookups | EU / US | GDPR SCCs |
| Cloud hosting and edge-network provider | Backend hosting and content delivery | EU | EU processing |
| Web analytics provider | Anonymised, cookie-free page-view analytics on the fishradar.ai marketing website. No personal data is collected; no cross-site tracking. | EU | EU processing |
DPAs are in place with all sub-processors. The current named list is available on written request.
Some of our service providers are located in the United States. Transfers to such providers are governed by the EU Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework. For users in Türkiye, transfers to the US occur on the basis of explicit consent under KVKK Art. 9, or under approved transfer mechanisms.
Under GDPR (EU/UK including Romania), KVKK (Türkiye), and CCPA/CPRA (California), you have the right to:
Exercise these rights in-app via Settings → Privacy & Data:
California residents: Under CCPA/CPRA you have the right to know, delete, correct, and opt-out of sale/sharing. FishRadar does not sell or share personal information.
FishRadar is not directed at children under 16 (in EU/Türkiye) or under 13 (in the US/UK). We do not knowingly collect data from children. Parents who believe their child has provided data should contact [email protected] for immediate deletion.
We apply industry-standard security controls:
No system is perfectly secure; we will notify affected users and the relevant supervisory authority of any breach within the timeframes required by applicable law.
We will notify you in-app at least 14 days before any material change takes effect. Continued use after the effective date constitutes acceptance.
FishRadar.AI is operated by Batuhan Küçükçelebi (Romania). For a Turkish-language version (Aydınlatma Metni) see privacy-policy.tr.md.