Same entity, address, and contact as Part I §1 and §15.
Name, address, phone number, IP address beyond what is needed for the request to reach our servers, browsing history, contacts, photos, Social Security numbers, driver's license numbers, financial-account credentials, biometric identifiers, racial/ethnic origin, religious beliefs, union membership, citizenship/immigration status, health/sex-life information, contents of communications. No third-party analytics SDKs. No advertising trackers.
Directly from you; from your device; from Apple (StoreKit); from public hazard feeds (NWS, NHC, USGS, NIFC, AirNow, NOAA — about hazards, not about you).
Provide FloodArk; generate Intel briefs via Anthropic; bill/support/authenticate subscriptions; security/fraud/debug; legal compliance.
To generate plain-language Intel briefs, we send a bounded, transient snapshot to Anthropic, PBC via its Claude API. The snapshot consists of (i) hex-cell coordinates of the location being summarized, (ii) the relevant hazard indicators for that point, and (iii) a system prompt and instructions. The snapshot does not include your email, install UUID, APNs token, subscription status, or any other identifier that we hold. Anthropic acts as our service provider under Cal. Civ. Code §1798.140(ag): it processes data only on our documented instructions, does not retain or use it to train its models in our commercial-tier configuration, and is bound by Anthropic's Commercial Terms of Service (https://www.anthropic.com/legal/commercial-terms) and Data Processing Addendum.
FloodArk does not use third-party advertising or analytics SDKs, pixels, tags, or beacons. We do not sell or share personal information for advertising. We do not engage in cross-context behavioral advertising. Our revenue comes solely from subscription fees.
Each third party that processes personal information on our behalf acts as a service provider under the CCPA. We do not share data with advertisers, data brokers, or marketing networks.
Our current subprocessors that process personal information on our behalf are listed below. The authoritative current version is published at https://flood-ark.com/subprocessors. We commit to updating that list whenever we add, remove, or change a subprocessor and to surfacing material changes (the addition of a new subprocessor that processes personal information, or a change to the category of processing) in-app at least 30 days before they take effect.
| Subprocessor | Role | Categories processed |
|---|---|---|
| Apple, Inc. | StoreKit + APNs | Subscription state, push token, alert payload metadata |
| Amazon Web Services, Inc. (us-west-1) | Hosting | All user data we hold (install UUID, saved locations, push token, subscription state, observation logs) |
| Anthropic, PBC | Claude API for Intel-brief generation | Bounded snapshot: hex coordinates + hazard indicators + system prompt. No identifiers we hold. |
| Data category | Retention |
|---|---|
| Saved-location coordinates | Until you remove the saved location, then within 30 days. |
| Install UUID + APNs token | While installed and subscription active; within 90 days after subscription cancellation or last active use. |
| Subscription and billing records | 7 years (tax and accounting). |
| Environmental observations | De-identified and aggregated at hex resolution within 30 days of collection; raw user-tagged version purged. Aggregated, non-identifiable time-series may be retained indefinitely for service improvement. |
| Support correspondence | 24 months. |
You may request earlier deletion as described in §P12.
Hazard alerts are part of the subscribed service. Promotional or marketing pushes are sent only if you have separately opted in, and you can opt out at any time in Settings → Notifications without affecting hazard alerts. APNs payloads are limited to location-name and public hazard identifiers; we never include your install UUID, coordinates, or subscription status on the lock-screen-visible portion.
FloodArk surfaces data from public governmental hazard feeds: NWS (weather.gov), NHC (nhc.noaa.gov), USGS (usgs.gov), NIFC (nifc.gov), AirNow (airnow.gov), NOAA (noaa.gov). These agencies are the authoritative source; FloodArk is not the originator and does not guarantee accuracy, timeliness, or completeness.
Categories collected (last 12 months). Identifiers; commercial information; internet/network activity; geolocation, including precise geolocation (sensitive PI). No inferences.
Sale and sharing. We do not sell personal information. We do not share for cross-context behavioral advertising. Because we do not sell or share, we are not required to post — and do not post — a "Do Not Sell or Share My Personal Information" link.
Use of sensitive personal information. We collect precise geolocation only to provide the service you have requested, within the scope permitted under CCPA Regulations §7027(m). We do not use sensitive PI to infer characteristics about you. Because we limit use in this way, we are not required to post a "Limit the Use of My Sensitive Personal Information" link.
Your rights. Right to know; right to delete; right to correct; right to opt out of sale/sharing (n/a); right to limit use of sensitive PI (n/a); right to non-discrimination; right to appeal a denial.
How to exercise rights. Email privacy@flood-ark.com or use the in-app form (Settings → Privacy → Submit a Request, when available). We will acknowledge a verifiable request within 10 business days and substantively respond within 45 calendar days, extendable once by 45 days with notice to you.
Authorized agent. You may use an authorized agent, verified per §7063 of the CCPA Regulations.
Minors. We do not have actual knowledge that we collect personal information of any consumer under 16.
Residents of states with comprehensive consumer privacy laws — currently including California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia — may have similar rights, including access, correction, deletion, portability, and opt-out of sale/sharing/targeted advertising/profiling.
We do not sell personal information, do not share or process it for cross-context behavioral advertising, do not engage in profiling that produces legal or similarly significant effects, and do not use sensitive personal information beyond what is necessary to provide the service.
To exercise a right or appeal a denial, contact privacy@flood-ark.com. We will respond within the timeframes required by your state's law (typically 45 days, extendable once).
Global Privacy Control. Where required, we will honor Global Privacy Control or other recognized universal opt-out signals as a valid request to opt out of sale/sharing and targeted advertising, even though we do not engage in these activities.
For residents of states whose laws require opt-in consent before processing precise geolocation (Colorado, Connecticut, Virginia, Texas, Oregon, Montana, and other VCDPA-pattern states), your initial decision to save a location and enable hazard alerts for that location constitutes your affirmative consent to our processing of precise geolocation solely for that purpose. You may revoke by removing the saved location, revoking location permission in iOS Settings, or uninstalling the app.
FloodArk is a general-audience service intended for adults. It is not directed to children under 13 within the meaning of COPPA, as amended in 2025. We do not knowingly collect personal information from children under 13. We also do not knowingly sell or share personal information of consumers under 16 within the meaning of the CCPA. If you are a parent or guardian and believe your child under 13 has provided personal information to us, contact privacy@flood-ark.com and we will promptly delete the account and the associated data.
All requests use TLS (HTTPS). Subscription verification uses Apple's signed JWS transactions, which we verify cryptographically. The install UUID is stored in the iOS Keychain (AfterFirstUnlockThisDeviceOnly accessibility class). We do not store your Apple ID or payment information — Apple manages billing entirely. No system is perfectly secure; we cannot guarantee absolute security.
If we discover a breach of security that compromises your personal information, we will notify you and applicable authorities as required by law, without unreasonable delay. California residents are covered by Cal. Civ. Code §1798.82; residents of other states are covered by their respective state breach-notification statutes.
FloodArk does not change its behavior in response to "Do Not Track" browser signals. We do not track users across third-party websites or apps in any case. This disclosure is provided to comply with the California Online Privacy Protection Act (Cal. Bus. & Prof. Code §§22575–22579).
We do not share personal information with third parties for their own direct-marketing purposes. California residents may nonetheless request a Shine the Light disclosure (Cal. Civ. Code §1798.83) by emailing privacy@flood-ark.com.
If you need this Privacy Policy or the Terms of Use in an alternative accessible format, contact accessibility@flood-ark.com.
If we make material changes to this Policy, we will surface them in-app at least 30 days before they take effect and will update the "Last updated" date above. Continued use after a material change becomes effective constitutes acceptance.
Privacy: privacy@flood-ark.com. Legal: legal@flood-ark.com. General support: support@flood-ark.com. Accessibility: accessibility@flood-ark.com. Postal: FloodArk Inc., Attn: Privacy, 1280 Hacienda Dr., Vista, CA 92081.