Steel Trap Steel Trap Sign in

Privacy Policy

Effective date: April 27, 2026

Steel Trap (“Steel Trap,” “we,” “us,” or “our”) helps hunters plan hunts and build a long-term record of them. This Privacy Policy explains what we collect, why, and what your rights are. It’s written to be readable. If anything is unclear, get in touch.

The short version

  • We collect the email and hunting details you give us so we can run the app.
  • We don’t sell your data. We don’t show ads.
  • You can export everything you’ve written and delete your account at any time.
  • Your hunts are private to you unless you explicitly share them.

Who this applies to

This policy applies to anyone who uses the Steel Trap web app, signs up for an account, or contacts us. If you’re using Steel Trap on behalf of someone else (e.g., setting up an account for a family member), please make sure they’ve seen this policy.

What we collect

Information you give us

  • Account info. Your email address, your first name, the U.S. state where you primarily hunt, and the interests / lifestyle answers you provide during onboarding. Email is required; the rest is optional and helps us tailor checklists and prompts.
  • Hunt content. Anything you put into the app: hunt plans, dates, locations, weather notes, harvest details, hunt party members, photos, voice memos, and journal entries — including drafts. This is the heart of what Steel Trap is for, and it’s yours.
  • Communications. If you email us or reply to a reminder, we keep that message so we can follow up.

Information we collect automatically

  • Sign-in tokens. We use single-use email “magic links” instead of passwords. Tokens expire and are deleted after use.
  • Server logs. Standard request logs (IP address, user agent, timestamps, paths) for debugging, abuse prevention, and security. We rotate these regularly.
  • Gravatar. If you have a Gravatar tied to your email address, we fetch it to display your avatar. If you don’t, nothing is fetched.

Information we don’t collect

  • We don’t use third-party advertising or behavioral tracking.
  • We don’t sell, rent, or trade your information to anyone.
  • We don’t ask for your real-time location or run background tracking.

How we use it

We use what you give us to:

  1. Run the product — show you your hunts, generate checklists, send the email reminders you’ve opted into, and let you sign in.
  2. Improve the product — look at aggregate usage (e.g., how many hunts get logged) to figure out what to build next. Where possible we work from anonymized counts, not individual content.
  3. Keep things working — diagnose bugs, prevent abuse, and keep the service secure.
  4. Talk to you — answer support emails and send service notices (e.g., a change to this policy). We won’t add you to marketing lists you didn’t ask for.

We do not train AI models on the contents of your journal entries or hunts. If we ever introduce optional AI features that send your content to a third-party model provider on your behalf, we’ll be explicit about it and let you opt in.

Who sees your data

Your hunts and journals are private to your account. The people who can see your data are:

  • You, when you sign in.
  • Service providers we use to run Steel Trap, in the narrow scope they need to do their job. As of the effective date above, those are:
    • Our hosting and database provider (where the app and your data live).
    • Our transactional email provider (to deliver magic-link sign-ins and reminders).
    • Gravatar (only to fetch a public avatar by email hash, if one exists).
  • Law enforcement, but only if we receive a valid legal request and only to the extent we’re required to comply.

We will tell you in advance if a new vendor would have access to your hunt content (for example, a transcription provider for voice memos), and we will update this list when it changes.

Where your data lives

Steel Trap is operated from the United States. If you use the app from outside the U.S., your information will be transferred to and processed there.

How long we keep it

  • Account and hunt data: as long as your account is active. If you delete your account, we delete your hunts, journal entries, photos, and profile within 30 days.
  • Sign-in tokens: deleted as soon as they’re used or expire.
  • Server logs: rotated and deleted on a rolling basis (typically within 90 days), unless we need to keep something longer to investigate a specific incident.
  • Backups: encrypted backups may persist for up to 30 days after deletion before they roll off.

Your rights

You can:

  • See your data — everything in the app is visible to you, and hunts can be exported as Markdown.
  • Correct it — edit any field on your profile or your hunts.
  • Delete it — delete an individual hunt, or delete your whole account from Settings. Account deletion is permanent.
  • Take it elsewhere — export your hunts as Markdown to back them up or move them to another tool.
  • Tell us to stop emailing you — every reminder includes an unsubscribe link, or you can turn off reminders in Settings. We’ll still send essential account emails (sign-in links, security notices).

If you’re in California, the EU, or the UK, you may have additional rights under your local laws (e.g., GDPR, CCPA). To exercise any of them, email us at the address below — we’ll honor them whether or not your jurisdiction strictly requires it.

Cookies

We use a single first-party session cookie to keep you signed in. We don’t use advertising cookies or third-party tracking pixels. Your browser’s “Do Not Track” signal is respected by default — there’s nothing for us to opt you out of.

Children

Steel Trap isn’t directed to children under 13, and we don’t knowingly collect data from them. If you believe a child has signed up, contact us and we’ll delete the account.

Security

We use TLS for everything in transit, encrypted storage at rest, and short expiry windows on sign-in tokens. No system is perfectly secure, but we treat your hunt journal like the personal record it is. If we ever discover a breach that affects you, we’ll tell you promptly.

Changes to this policy

We may update this policy as Steel Trap grows. When we do, we’ll bump the Effective date above and — for material changes — email you before the change takes effect. Because this file lives in our public repo, you can also view the full history and diff of every change.

Contact

Questions, requests, or concerns about privacy:

Email: privacy@steeltrap.app