Privacy Policy
Last updated: May 19, 2026
RiverStoke ("we," "us," or "the app") respects your privacy. This policy explains what information we collect, how we use it, and the rights you have over your data.
1. Information we collect
Account information
- Email address (required for login + transactional email)
- Username + display name
- Optional: first/last name, date of birth, home region, bio, dietary preferences, profile photo
- Hashed password (we never store your password in plain text)
Content you create
- Trips you plan or log (dates, route, crew, plan, journal entries)
- Photos and voice memos you upload
- Boats, gear, meals, and trailers in your kit
- Expenses you record
- Comments and reactions on trips
Automatically collected
- IP address, user-agent (browser/device), referrer URL
- Pages viewed and actions taken in the app (self-hosted first-party analytics — no third-party tracking pixels)
- A persistent cookie (~6 month lifetime) that ties pageviews together as a session
2. How we use your information
- To provide the service: trip planning, crew coordination, statistics
- To send you transactional email (account confirmation, password reset, trip invitations from crew, your annual recap)
- To improve the app — we analyze aggregate usage patterns (most-visited pages, error rates, feature adoption)
- To respond to your support requests
We do not sell your data. We do not run ads. We have no investors who get access to your data.
3. Visibility of your content
You control the visibility of trips and other content via per-trip privacy settings:
- Private — only you and the crew you've added can see the trip.
- Friends-only — your friends on the app can see a summary; only crew see the full detail.
- Public — anyone with the URL can see a summary; only crew see the full detail.
Photos default to crew-only on upload. You can change per-photo visibility anytime.
4. Third-party services
The app uses these vendors under contract to operate:
- Heroku (a Salesforce company) — application hosting
- Amazon Web Services — S3 (file storage), SES (email delivery)
- Anthropic — voice memo transcription, only if you opt in by recording a voice memo
- USGS — public river-flow data; we read, never send your data
- MapLibre / CartoDB — map tiles; map view requests log your IP to those providers per their privacy policies
5. Cookies
We use cookies for two purposes:
- Session cookie — keeps you signed in. Cleared when you log out.
- Visitor cookie — a random token tying pageviews to a session for first-party analytics. No PII, no cross-site tracking.
6. Your rights
- Access — request a copy of your data by emailing privacy@riverstoke.com.
- Correction — edit your profile, trips, and kit directly in the app.
- Deletion — delete your account at any time from your profile settings (or by emailing privacy@riverstoke.com). Deletion is permanent and removes all your trips, photos, and content within 30 days.
- Export — email privacy@riverstoke.com and we'll send you a JSON export of your data within 30 days.
If you're in the EU, UK, or California, you have additional rights under GDPR / CCPA respectively — same request channel.
7. Children
RiverStoke is not intended for users under 13. We do not knowingly collect data from anyone under 13. If we learn we have, we'll delete it.
8. Data retention
We retain your data for as long as your account is active. After account deletion, we purge personal data within 30 days, except where retention is required by law (e.g., financial records for tax compliance).
9. Security
Data is encrypted in transit (TLS 1.2+) and at rest (AES-256 for files in S3; PostgreSQL native encryption for the database). Passwords are hashed with bcrypt. We don't have access to your raw password.
10. Changes to this policy
We'll update the "Last updated" date at the top when the policy changes. Material changes are emailed to all active users before taking effect.
11. Contact
Questions or requests: privacy@riverstoke.com