The promise
You can use Bassai without signing in, without creating an account, and without giving us an email. The app is designed so that the smallest possible amount of data about you leaves your device, and the data that does leave is scoped to the specific service that needs it. Photo filenames and the notes you type for yourself never leave the phone in any pipeline.
What stays on your device
Bassai stores your log on your iPhone. If you use iCloud Backup, your Bassai data may be included when your iPhone is backed up and restored. Bassai does not currently provide cross-device iCloud sync.
- Your trips, including the GPS path recorded while a trip is live.
- Your catches: species, weight, length, lure, gear, time, photos.
- Your spots, their coordinates, and any free-text notes you attach.
- On-device results from the weight reader (text recognition) and the fish classifier (image recognition). Both run entirely on your iPhone.
None of the above is uploaded to a Bassai server. The opt-in cloud features described in the next section — Chat with Hank, remote push delivery (for the now-dormant Plus trip reminders), and Live Trip condition alerts — send only the specific data listed there; never the raw library, never the free-text notes you attach to catches and spots, never photo filenames, and never your precise location (trip reminders send only an approximate, rounded water-area coordinate; condition alerts send only an approximate, rounded current-area coordinate).
What leaves the device — unavoidably
To enrich a catch with weather, water conditions, tide, and lake
name, Bassai pulls from four public scientific APIs. Some are
reached directly from your device; weather and water-body lookups
flow through Bassai's own proxy at bassai.com, which
does not pass your IP to the upstream provider. Each request carries
only the minimum needed to answer it, and none of them carry an
identifier we could use to build a profile of you.
Lake Fork). The bassai.com proxy caches the looked-up name (or "no nearby named water body" marker) in a durable third-party Redis store (Upstash, US-East-1, accessed via the Vercel Marketplace integration) so repeated lookups for the same area don't re-pay OSM round-trips. Cache entries expire after 30 days. The cache key is a rounded approximation of your coordinate (~1 km bucket) plus the search radius; raw GPS is not stored in the durable cache. The cache value is only the public OSM lake name or a null-result marker — never trip photos, notes, catch records, or user identifiers.
These calls are necessary for the core feature of the app — attaching real weather and water conditions to a catch. If you disable them, Bassai still works as a logbook; it just won't record conditions.
About your IP address
Any network request made from your iPhone carries your IP address — that's how the internet works. Under European and Californian privacy law an IP is treated as personal data, so we want to be precise about who sees yours when Bassai makes a request on your behalf.
bassai.com proxy. The proxy terminates the TLS connection from your device and forwards to the upstream service from its own IP — your IP is not passed along, and we do not write it to any persistent log on the proxy. For abuse prevention, Bassai may use a short-lived hashed identifier derived from request metadata such as IP address to rate-limit public endpoints. We do not store raw IP addresses for this purpose, and this data is not used for advertising or tracking.
bassai.com push endpoints. As with our other public endpoints, your IP is used only transiently for abuse-prevention rate-limiting (a short-lived salted hash, never stored raw) and is never written to a persistent log alongside the token or coordinate.
nako.ai proxy. The proxy terminates the TLS connection from your device and forwards to the upstream provider (Google Gemini, PostHog) from its own IP — your IP is not passed along, and we do not write it to any persistent log on the proxy.
$ip set to an empty string and $geoip_disable set to true, so PostHog's ingester discards the IP and skips GeoIP enrichment even if the proxy were bypassed. No country, no city, no IP-derived profile is built for you.
In plain English: Bassai's own servers never link an IP to your catches; the scientific APIs Bassai contacts directly (USGS, NOAA) see an IP but not who you are; and Open-Meteo, water-body, AI, and analytics traffic all flow through our proxies, which do not pass your IP to the upstream provider.
What leaves the device — only with your consent
Each of these stays under your control. Cloud AI (Chat with Hank) and analytics have their own toggles in Settings; trip reminders are no longer offered in the app — the "Remind Me" control has been removed, and the dormant delivery mechanism is described below; Live Trip condition alerts are controlled by their own switch inside the Live Trip screen (off by default) and the same notification permission. You can turn any of them off at any time, and turning one off doesn't affect the others.
Trip reminders · push delivery (not currently offered)
Trip reminders are not currently offered in the Bassai app.
The "Remind Me" control has been removed, so you can no longer turn them on
and the app no longer registers new devices for them. We still describe the feature here
because its delivery mechanism is retained but dormant, and a device that
opted in while it was available may still be registered. This is what a trip
reminder involved: it was a Bassai Plus feature you started by tapping
"Remind Me" on a Trip Opportunity card, and opting in
registered your device by sending a small, fixed payload to its
bassai.com server:
- an Apple push token — a delivery-routing identifier Apple issues so a notification can reach this specific device;
- a one-way hashed install identifier, your time zone, the app version, and that you hold Plus;
- an approximate, 0.1°-rounded coordinate for the general area of your saved water (roughly an ~11 km grid cell) so the server can check that water's weekend forecast. This is an approximate water-area location — not your precise position and not a fishing spot.
That was the entire payload. Bassai did not send your photos, catch or spot notes, exact spots, live GPS route, water names, trip history or counts, raw install identifier, email, or Apple ID. The push token is a delivery address — it is not an advertising identifier and is never used to build a tracking or advertising profile. To deliver a reminder to a device that is still registered, Bassai may send a generic notification request to Apple's Push Notification service (APNs) using that push token. The notification text is generic ("Saturday is a good day to fish.") — the APNs request does not include exact GPS, water names, catches, notes, photos, trip history, raw install identifier, email, or Apple ID. Because the in-app "Remind Me" control has been removed, no new reminders can be enabled from the app.
Live Trip condition alerts · weather checks
Condition Alerts is an opt-in switch inside the Live Trip screen,
off by default — starting a trip does not turn it on.
While the switch is on and a trip is recording, Bassai periodically (at
most once every 20 minutes) asks its bassai.com weather
proxy for the next hour's forecast near you, and if the forecast shows
hard rain moving in or wind building, your iPhone shows you a
notification. The request sends only an approximate,
0.01°-rounded coordinate for your current general area (roughly
a ~1 km grid cell) — not your precise GPS position,
and not your route. This is a separate, finer-grained check than the
0.1° water-area coordinate a Plus trip reminder registered (described
above): condition-alert coordinates are used transiently to answer the
forecast request and are not registered or stored with
a push token.
The alert itself is generated and shown locally on your device — no push token, no server registration, no Apple Push Notification service involvement, and nothing else is sent: no GPS route, no catches, no spots, no notes, no photos, no water names. Your live-trip breadcrumb path stays on your device exactly as described below. Flip the switch off (or end the trip) and the checks stop.
Chat with Hank · conversational AI
The chat surface inside Bassai sends what you type, prior Hank
chat context, and a small profile Hank maintains on this
device — your experience level, fishing style, target species,
preferred lakes, budget range, and any free-text notes Hank
keeps about your preferences from your conversations — to our
nako.ai proxy, which forwards it to Google's Gemini
model. The chat content, prior context, and profile are required
for Hank to answer in context. Visible trip or catch details from
the page you started chat from may also be sent so Hank can answer
about that trip or catch; those details are a fixed set of
structured fields (such as weather, water, gear, and conditions)
and never include the free-text notes you attach to catches or
spots. We do not send raw GPS, photo filenames, or trip / catch
identifiers in chat requests. Because Chat with Hank is opt-in,
turning it on means your chat messages and that saved profile —
including any profile notes Hank keeps — are sent to Google's
Gemini through our proxy; you can disable Chat with Hank at any
time in Settings → Controls, which stops chat data from
leaving your device.
Analytics · PostHog
If you leave analytics enabled, Bassai sends structured event
payloads to PostHog
so we can see which features get used and where the app is
failing. Event properties are booleans, enum values, numeric
counts, and randomly-generated UUIDs (trip_id,
catch_id, share_id) used only to
correlate steps in a flow. Event properties are never raw
GPS, never free-text notes, never photo filenames. Every
event also carries $ip="" and
$geoip_disable=true so PostHog's ingester discards
the IP and skips GeoIP — we don't learn your country, city, or
ISP from analytics. You can disable analytics at any time in
Settings → Controls.
For funnel analytics (so we can tell that "tap import → see review sheet → split a group" is one flow rather than three unrelated taps), PostHog assigns each install a random anonymous ID, stored on your device. Analytics and diagnostic events are associated with that per-install ID across sessions for the same install, so we can follow a flow rather than isolated taps. That ID is not tied to your Apple ID, email, phone, a Bassai account, an advertising identifier (IDFA), your raw IP, or any cross-app advertising profile — and it resets when you reinstall Bassai. Disabling analytics in Settings → Controls stops events and the ID from leaving your device entirely.
Purchases & subscriptions
Bassai Plus is an auto-renewing subscription sold through Apple's App Store. The purchase is handled entirely by Apple through StoreKit — Bassai reads your StoreKit transaction and entitlement state on your device for that purpose.
Bassai does not receive or store your Apple ID, payment card, billing address, or full App Store receipt on its own servers — those stay within Apple's payment system. Because Apple records your subscription, your purchase history is linked to your Apple ID within Apple's system; we disclose it in the App Store privacy section as Purchase History, used only to provide the app's paid features and never to track you.
The only purchase-related data Bassai's own analytics record are coarse paywall events — which paywall appeared, which plan tier was tapped, whether a subscription completed — as fixed enum and context values. They never include a transaction ID, receipt data, an Apple account identifier, or any payment detail.
The former launch email list on bassai.com
Before Bassai 1.0 reached the App Store, this website ran a notify-me-at-launch email form. That form has been removed, and bassai.com no longer accepts new email addresses through a signup form. The form was the one place Bassai ever collected an email, and it was separate from the iOS app — the app itself still has no sign-in, no account, and no email field. If you submitted your address while the form was live, this section stays as the record of exactly what was collected and what happens to it.
What we never collect
- Your name, phone number, or any in-app account identifier. The app has no sign-in. (Your email lives in the former launch email list only if you submitted it on bassai.com while the signup form was offered — the site no longer accepts new addresses through a signup form; covered in the section above.)
- Your contacts, calendar, microphone, or motion data.
- Your photos outside of the ones you deliberately import into a trip.
- Cross-app advertising identifiers (IDFA). We do not participate in ad networks.
- Your live-trip breadcrumb path. The second-by-second track recorded while a trip is live stays on your device. Only catch-level coordinates leave, scoped to the weather, water-gauge, and reverse-geocoder lookups described above — plus, for any device still registered from the now-dormant Plus trip reminders, an approximate 0.1°-rounded water-area coordinate for the weekend-weather check described above, and, if you switch on Live Trip condition alerts, an approximate 0.01°-rounded current-area coordinate for the next-hour weather check described above (never your precise position, exact spot, or route).
- A persistent profile keyed off your IP address, an advertising identifier, or a cross-app device fingerprint. Analytics events are sent with IP discarded at ingest time. The anonymous install ID PostHog assigns (covered above) is per-install and resets on reinstall; analytics and diagnostic events are associated with that install ID, but it is never joined to your Apple ID, email, a Bassai account, IDFA, or any cross-app identifier.
- A device identifier used for tracking or advertising. The one device-level identifier Bassai ever transmits is the opt-in Apple push token described above (registered only by devices that opted into a Plus trip reminder while that feature was offered), used solely to route that reminder to the device — never for advertising, attribution, or building a cross-app profile.
Children
Bassai is intended for people 13 years and older. We do not knowingly collect data from anyone under 13. There is no account system and no retained user-uploaded content, so the surface area for this is small by design.
Security
All network calls use HTTPS. Structured payloads sent to Chat
with Hank are held in request memory only — our AI
proxy (the nako.ai path for Chat) does not
log request bodies and does not retain prompts or responses. Google
Gemini's data handling is governed by Google's own policies,
which our proxy configures for
no-training, no-retention inference. If you stop using
the app, there is no AI-side server record to delete because there
is no account and no retained history. (The separate
bassai.com waterbody-lookup proxy does keep a
bucketed-coordinate durable cache — see "What leaves the device" above
for that disclosure. It never stores photos, notes, or AI prompts.)
Your rights
Because Bassai does not operate an account system, most data rights (access, correction, deletion, portability) are exercised directly on your phone. Your log is yours: export it, edit it, or delete it from within the app. If you believe we are processing personal data of yours outside this contract, write to hi@bassai.com and we'll respond within 30 days.
Changes to this policy
If we change what leaves the device, change what a toggle does, or add a new toggle, we'll update the Effective date above and post the change inside the app before the new behavior takes effect. We won't quietly expand consent — privacy-affecting toggles always start off.
Contact
Bassai Inc · Cordova, TN · United States
hi@bassai.com