Privacy Policy for StreamWrangler

⚠️ DRAFT — REQUIRES LAWYER REVIEW BEFORE PUBLICATION.

Effective date: 2026-05-18 Last updated: 2026-05-18

This Privacy Policy describes how Sierra Digital Forge LLC (“Sierra Digital Forge,” “we,” “us,” or “our”) collects, uses, and shares information when you use the StreamWrangler mobile application (the “App”). By installing or using the App, you agree to the practices described below.

Contact: privacy@sierradigitalforge.com Developer address (for Play Store listing): Sierra Digital Forge LLC, c/o Northwest Registered Agent LLC, 732 S. 6th St., Suite N, Las Vegas, NV 89101, USA Play Store package: com.rwarre.showwrangler

Play Store account-deletion route (Google’s “Data deletion URL” requirement)

In compliance with Google Play’s account-deletion disclosure requirements, registered users have two paths to delete every record we (or Firebase, our backend provider) hold about them:

In-app: open the App and tap Settings → Account → Delete Account & Wipe Data. This wipes the device immediately and triggers backend deletion within 30 days.
By email: send a deletion request to privacy@sierradigitalforge.com with the subject “Delete My StreamWrangler Account.” We respond within 5 business days and complete deletion within 30 days.
Public web page: a permanent summary of this route is hosted at https://sierradigitalforge.com/apps/streamwrangler/delete-account (the URL also listed on the Play Store listing).

Guest users (see Section 1) have nothing for us to delete server-side; uninstalling the App removes all on-device data the App has stored.

The hosted versions of this Privacy Policy, the Terms of Service, the Community Guidelines, the COPPA Policy, and the Refund Policy live under https://sierradigitalforge.com/apps/streamwrangler/.

1. Summary

StreamWrangler is a family TV-and-movie tracker. Users browse trending and recommended titles, save shows to a watchlist, mark episodes watched, see who in the household is watching what, and (optionally) deep-link out to the streaming service that has the title.

The App has two user modes:

Guest mode. Browse trending titles, search, view detail pages, and watch trailers. No account is required. Guest sessions are local-only — your preferences (preferred streamers, hide-anime toggle, recently viewed) are saved on your device only and never uploaded to our backend.
Registered mode. Create an account to save a watchlist, mark episodes watched, earn points, see family-member activity, and (with consent) sync watch history from your Trakt account. Registered users’ data is synced via Google Firebase Authentication and Cloud Firestore so it follows them across devices.

A small set of cloud services support specific features regardless of mode:

Show metadata, posters, recommendations, and trailer video keys come from TMDB (The Movie Database).
Streaming-source resolution (which service has the title) comes from Watchmode.
Watch history sync is optional and comes from Trakt via OAuth.
Account credentials and saved state for registered users are managed by Google Firebase Authentication and Cloud Firestore.

We do not sell your personal information. We do not display banner or pop-up advertising in the App. We do not run analytics SDKs that track your activity across other apps or websites.

2. Information We Collect

2.1 Information You Provide Directly

Account credentials (registered users only): the email address and password, or third-party sign-in identity (such as Google), that you use to create and access your account. Credentials are managed by Google Firebase Authentication (Section 5.4).
Profile information (registered users only): the display name you enter during onboarding, and any avatar or family-member identity you select (Ron / Jolene / Kimberly / Alaysa / Kids / Guests, or a custom name/photo).
Watchlist and viewing state (registered users only): the shows and movies you save, episodes marked watched, ranks/points earned, and settings such as preferred streamers and “hide anime” toggle.
Family Activity content (registered users only, opt-in): rank changes, completion milestones, and “now watching” updates that you choose to publish to the family-shared activity feed.
Trakt linkage (registered users only, optional): the OAuth authorization token returned by Trakt after you sign in to your Trakt account from inside the App.

2.2 Information Collected Automatically

App-local preferences and state: the App stores your settings, tab defaults, recently viewed titles, and similar local state on your device. In guest mode this is all the App stores about you. In registered mode the same state is also mirrored to Firestore so it follows your account.
Diagnostic logs: the App writes runtime logs (Android logcat) on your device to help diagnose issues. These logs remain on your device unless you choose to share them with us.

We do not collect device identifiers (such as advertising ID) for tracking, and we do not embed third-party analytics SDKs.

2.3 Permissions the App Requests

Permissions are requested only when you use the feature that needs them, and can be revoked in your device settings.

Permission	Why the App requests it
Internet	Communicate with TMDB, Watchmode, Trakt, Firebase, and YouTube embedded trailer playback
Network state	Detect when you’re offline so the App can degrade gracefully instead of hanging
Post notifications (Android 13+)	Send the local “what’s on tonight” / “new episode” reminders you opt into
Foreground service (if enabled)	Background watch-history sync via WorkManager (every 12 hours, when you’ve opted into Trakt sync)

StreamWrangler does not request camera, microphone, location, contacts, calendar, SMS, phone, or storage permissions. All assets the App displays come from the third-party services in Section 5; the App does not capture media on your device.

3. How We Use Your Information

We use information you provide to:

Operate the core browsing, watchlist, episode-tracking, and family-activity features.
Resolve which streaming services have a given title (via Watchmode) and, when you choose, deep-link you out to that service.
Sync the watch history you’ve authorized us to read from your Trakt account.
Show family members what you’ve recently watched, when you’ve opted into Family Activity.
Diagnose crashes and bugs you choose to report to us.

We do not use your information for advertising, profiling for third-party marketing, or sale to data brokers.

4. Where Your Data Is Stored

On your device (guest mode): All preferences, recently viewed titles, and local state are stored in App-private storage. Nothing is uploaded to our backend in guest mode.
On your device (registered mode): The App caches your watchlist, episode-watched state, and recently viewed list locally for offline reading and snappy navigation.
On our backend — Firebase (registered users only): Your account credentials and authentication state are stored by Google Firebase Authentication. Your watchlist, episode-watched state, profile, settings, recently viewed list, and any Family Activity content you publish are stored in Cloud Firestore under users/<uid>/.... This is the source of truth across your devices.
In transit to third parties: Some features (Section 5) send specific data to third-party processors over HTTPS. Those processors handle the data under their own privacy policies.
What is NOT on our backend by default: in guest mode, nothing. In registered mode, raw device logs and any local-only diagnostic state stay on the device unless you explicitly send them to us.

5. Third-Party Services

The App integrates the following third-party services. We send only the data described below, and only when you use the corresponding feature.

5.1 TMDB (The Movie Database)

Data sent: the search query you type, or the title ID being displayed. No display name, no account identifier. Purpose: retrieve metadata (titles, descriptions, posters, backdrops, cast, episode lists), recommendations, and trailer video keys. Provider policy: TMDB Terms of Use and Privacy Policy. TMDB is operated by an independent third party and we comply with their attribution and API usage requirements.

5.2 Watchmode

Data sent: the title ID being resolved. Purpose: look up which subscription streaming services currently carry the title in your region, and the appropriate deep link. Provider policy: Watchmode API Terms of Service.

5.3 Trakt (optional, registered users only)

Data sent (when you opt in): an OAuth token issued by Trakt during the streamwrangler://oauth/trakt deep-link sign-in flow, plus subsequent watch-history reads. Purpose: sync episodes you’ve already marked watched in Trakt into your StreamWrangler watchlist. Provider policy: Trakt Privacy Policy (https://trakt.tv/privacy). Trakt is an independent data processor. Trakt linkage is entirely optional and the App functions without it. You can revoke a Trakt connection at any time from inside the App, which instructs Trakt to invalidate the token.

5.4 Google Firebase Authentication and Cloud Firestore (registered users only)

Data sent: the email address, password (transmitted to Firebase over TLS and stored as a salted hash on Firebase’s infrastructure — we do not see or store your plaintext password), or third-party sign-in token (e.g., Google) you use to create your account, plus the resulting account identifier and session tokens. Watchlist, viewing state, settings, profile, and Family Activity content are written to Cloud Firestore under documents scoped to your account UID. Purpose: authenticate you to the App, protect your account, and persist your library across devices. Provider policy: Firebase Privacy and Security (https://firebase.google.com/support/privacy). Firebase is operated by Google and acts as our authentication and database provider.

5.5 YouTube (embedded trailer playback)

Data sent: the video key for the trailer you’re watching, plus standard YouTube-embed identifiers (referrer, user-agent) that the YouTube player reports automatically. Purpose: play the trailer inline on the App’s hero banner and detail pages. Provider policy: YouTube Terms of Service and Google Privacy Policy. YouTube may set cookies via its embedded player; we do not control those cookies and they are governed by Google’s policy.

5.6 The streaming services you deep-link out to (Netflix, Disney+, Prime Video, etc.)

Data sent: none from us. The deep link opens the streaming service’s app or website directly with the title’s identifier; from that point on, you are interacting with that service under its own terms and privacy policy. Purpose: let you start watching a title on the service that carries it.

We do not share your data with any party not listed in this section.

The App includes optional Family Activity features (a shared feed showing what household members are watching, rank changes, and milestones). Family Activity is opt-in and registered-mode only: it is off by default, and the App’s core browsing, watchlist, and tracking features work fully without it.

If you enable Family Activity, the information you publish there is visible to other members of your family group. Depending on which surfaces you use, this may include:

Your display name and any avatar or family-member identity you set.
Badges and ranks you have earned in the App.
Titles you’ve recently watched or added to your watchlist.
Episode-completion milestones (for example, “finished a season”).
Comments, reactions, and similar content you submit to the Family Activity feed.

6.2 How Family Activity data is stored and exposed

Content you publish to Family Activity is stored in Cloud Firestore (Section 4) and transmitted to other family-group members’ devices through that backend.
Other family-group members may see, copy, or screenshot what you publish. Once content has been shared with a household member, we cannot guarantee that copies do not persist outside our control.
You can delete individual Family Activity entries you have authored. Deleting an entry removes it from the surfaces the App controls, but does not retract copies others may have made.
You can disable Family Activity at any time inside the App. Disabling Family Activity stops new publication. To remove previously published content, use the in-App delete controls or contact us at privacy@sierradigitalforge.com.

6.3 Conduct

We do not actively monitor every Family Activity entry, but we reserve the right to remove content that violates the in-App community guidelines or applicable law, and to suspend accounts that abuse the feature.

7. Data Retention and Deletion

On-device data — including your local preferences, recently viewed list, and cached watchlist — persists until you delete it inside the App, clear the App’s data in Android settings, or uninstall the App. Uninstalling removes all on-device data this App has stored.
Guest mode stores nothing on our backend. There is nothing for us to retain or delete server-side when you stop using the App as a guest.
In-App “Delete Account & Wipe Data” (registered users) under Settings → Account immediately scrubs every record on the device, signs you out, and triggers backend deletion of your Firestore documents.
Firebase account data: your authentication record and the Firestore documents associated with it remain on our backend until you delete your account. You can request account deletion at any time from inside the App (Settings → Account → Delete Account & Wipe Data) or by emailing privacy@sierradigitalforge.com. Deleting your account removes your authentication record from Firebase and the Firestore documents stored under it, subject to short-term backups that age out on a rolling 30-day cycle.
Third-party services retain data according to their own policies. To request deletion from TMDB, Watchmode, Trakt, YouTube, or any streaming service you deep-linked into, contact those providers directly using the links in Section 5.

8. Security

All third-party API calls and all communication with our Firebase backend use HTTPS (TLS).
Passwords are never stored in plaintext. They are transmitted to Firebase Authentication over TLS and stored as salted hashes on Firebase’s infrastructure under Google’s security controls.
TMDB and Watchmode API keys are stored in build configuration (local.properties) and are not exposed in the App’s UI. (Note: the keys ship inside the APK and are therefore extractable by a determined party — these keys are scoped to read-only metadata and image retrieval, not to financial or user-data access, and we rotate them on a regular cadence.)
App-private storage is protected by Android’s sandboxing model.
Cloud Firestore documents are scoped to a user’s account UID via Firestore Security Rules; one account cannot read or write another account’s documents.
We do not control the security practices of third-party services beyond using their published APIs as documented.

No method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security and you use the App at your own risk.

9. Children’s Privacy

The App is not directed to children under 13, and we do not knowingly collect personal information from children under 13. Account creation is restricted to users 13 or older. Younger members of a household are represented inside the App through a family-member identity (a name and avatar) chosen and managed by the parent account holder — they do not have their own credentials, their own backend record, or their own access to the App outside the parent’s device.

If you believe a child under 13 has created an account or provided us with personal information, contact us at privacy@sierradigitalforge.com and we will delete it. See COPPA_POLICY.md for the full Children’s Online Privacy Protection Act compliance posture.

10. Your Rights

Depending on where you live, you may have rights under privacy laws such as the EU/UK GDPR or the California Consumer Privacy Act (CCPA), including the right to:

Access the personal information we hold about you.
Request correction or deletion of that information.
Object to or restrict certain processing.
Withdraw consent for optional features (Family Activity, Trakt linkage) at any time by disabling the feature inside the App or revoking the relevant OS permission.
Lodge a complaint with your local data protection authority.

To exercise any of these rights, email privacy@sierradigitalforge.com. To remove your account, any Family Activity content you have published, and every record stored on this device in one step, use Settings → Account → Delete Account & Wipe Data inside the App. Alternatively, uninstalling the App removes all on-device data.

11. International Users

The third-party services listed in Section 5 — including Firebase, TMDB, Watchmode, Trakt, and YouTube — are operated by companies based in the United States and may process your data outside your country of residence. By creating an account, enabling Family Activity, linking Trakt, or using any of the features in Section 5, you consent to that international transfer.

12. Changes to This Policy

We may update this policy from time to time. When we do, we will change the “Last updated” date at the top and, for material changes, present an in-App notice the next time you open the App. Continued use after the effective date of an update constitutes acceptance of the revised policy.

13. Contact

Questions or requests about this policy:

Sierra Digital Forge LLC Email: privacy@sierradigitalforge.com Address: c/o Northwest Registered Agent LLC, 732 S. 6th St., Suite N, Las Vegas, NV 89101, USA

A Nevada domestic, member-managed limited-liability company (Entity ID E57035552026-3, Nevada Business ID NV20263569431, filed 4/29/2026).

This privacy policy is provided as a starting template for the Google Play Store listing. It should be reviewed by qualified legal counsel before publication to ensure it meets the specific requirements of your jurisdiction (including GDPR, CCPA, COPPA, and any local consumer-protection laws), and to confirm that every data flow described above matches the App as shipped.