Privacy Policy

Effective date: June 5, 2026

This Privacy Policy explains how Apex Ballistics, LLC ("we", "us", "our") collects, uses, and protects your information when you use the Apex Ballistics web application (apexballistics.com), the mobile-friendly web application (mobile.apexballistics.com), and the Apex Ballistics Android application — together, the "Service".

1. Information We Collect

We collect only the information necessary to operate the Service:

• Email address (required). Used to authenticate you, send password resets, deliver transactional emails (subscription receipts, failed-payment notices), and reply to messages you submit through the in-app Contact Us form.
• Name (optional). You may choose to provide a name in your account profile. It is never required and is used only to personalize the in-app display.
• Approximate location (optional, permission-based). On the active-session screen, you can tap a button that asks your device to provide its current latitude, altitude, and azimuth. These values populate the ballistic-calculation inputs (the bullet's trajectory depends on Earth-rotation / Coriolis effects which require latitude, and on air density which depends on altitude). The location is requested only at the moment you tap the button, used in the calculation, and stored as part of that session's shot log under your own account. We never track your location passively. You can revoke the location permission at any time in your device's operating system settings; the rest of the app continues to work, you just lose the auto-fill of those three fields.
• Data you create in the app. Firearms, loads, range sessions, shot logs, photos of grouping you attach to sessions, notes — everything you enter into the Service is stored under your account so it can sync between the web, mobile web, and Android app. This is your data; we do not analyze it, share it, or use it for anything other than providing the Service to you.
• Subscription status. When you subscribe via PayPal, we receive a subscription identifier and the current state (active, cancelled, expired). We never see or store your full payment instrument — PayPal handles the payment data itself.

We do NOT collect:

• Continuous GPS tracking history or location while the app is in the background.
• Advertising identifiers, ad-targeting profiles, or cross-app behavioral data — Apex Ballistics has no advertising.
• Health, biometric, financial, or other sensitive personal data.
• Information about anyone other than the account holder.

2. How We Use Your Information

• To authenticate you and provide access to your account.
• To sync your data across the web app, mobile web app, and Android app.
• To send transactional emails (welcome, subscription receipt, failed-payment notice, password reset).
• To respond to support requests submitted through the in-app Contact Us form.
• To debug and improve the Service (server logs are retained for short periods and contain only request metadata, not the contents of your account data).

3. Sharing

Apex Ballistics, LLC does not sell, rent, share, or otherwise disclose your personal data to any third party for advertising, marketing, or analytics purposes. Ever.

We do use the following service providers strictly to operate the Service. Under privacy law (GDPR, CCPA, CPRA, etc.) these are not considered "sharing" or "selling" of your data — they are data processors who process information on our behalf under contract, only to deliver the Service:

• Supabase, Inc. — managed Postgres database, authentication, and edge functions. Your account data lives here.
• PayPal Holdings, Inc. — payment processing for all subscriptions and lifetime access (the web app, the mobile web app, and the Android app all check out through PayPal). We receive a subscription identifier and status; we never see your full payment instrument.
• Resend, Inc. — transactional email delivery (welcome, subscription receipt, failed-payment notice, password reset, support replies).
• Hostinger International Ltd. — hosting for the web application and static content (this page included).

Each of these providers is contractually prohibited from using your data for their own purposes. We do not enable any of their optional analytics or advertising features.

Legal disclosure. We may disclose information if compelled by valid legal process (subpoena, court order) or to protect the rights, property, or safety of Apex Ballistics, LLC, our users, or the public — but only the minimum necessary to comply, and only when legally required.

4. Data Storage and Security

All data is stored in Supabase (managed Postgres) with row-level security policies enforced at the database layer, so each user account can read and write only its own rows. Connections to all of our services are encrypted in transit (HTTPS / TLS 1.2+). Data at rest is encrypted by Supabase using AES-256.

No system is perfectly secure. We use industry-standard practices and rely on Supabase's SOC 2 Type II certified infrastructure, but we cannot guarantee absolute security. If we ever experience a data breach that affects your account, we will notify you by email and post a notice on this site within the timeframe required by applicable law.

5. Data Retention and Deletion

We retain your account data for as long as your account exists. When you delete your account — using My Account → Delete Account in the app, or by contacting us at the email below — your data is permanently removed from our systems within 7 days. The 7-day window allows time for:

• Cancellation of any recurring billing through PayPal to fully process.
• A short recovery period in case the deletion was accidental.

Once the 7 days elapse, the data is unrecoverable. Email delivery logs (held by Resend) and server access logs (held by Hostinger / Supabase) are purged on their providers' standard schedules — typically 30 to 90 days.

6. Your Rights

You can, at any time:

• View and edit your account data directly inside the app.
• Export your data by contacting us at the email below — we will provide a machine-readable copy within 30 days at no charge.
• Delete your account and all associated data from My Account → Delete Account in the app.

If you are located in the European Union, the United Kingdom, California, or another jurisdiction with comparable privacy law, you additionally have rights to access, correct, port, delete, and restrict processing of your personal information, and to object to processing. You can exercise any of these rights by emailing us. We will respond within the timeframe required by your applicable law (typically 30 days). You also have the right to lodge a complaint with your local data protection authority if you believe we have mishandled your information.

7. Children's Privacy

The Service is not directed to children under 13 (or under 16 in jurisdictions where that is the applicable age for parental consent). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

8. International Users

Apex Ballistics, LLC is based in the United States, and the Service is operated from the United States. If you access the Service from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States.

9. Changes to This Policy

We may update this Privacy Policy from time to time. The Effective date at the top of this page will be updated whenever the policy changes. For material changes to how we collect, use, or share your data, we will additionally notify you by email and through an in-app notice before the change takes effect.

10. Contact

Privacy questions, data-export requests, or any other concern about this policy:

Apex Ballistics, LLC
Email: privacy@apexballistics.com

You can also reach us through the in-app Contact Us form, accessible from any signed-in screen of the Service.