Privacy Policy | CCPA/CPRA, VCDPA, CTDPA, CPA, UCPA, TDPSA, OCPA & COPPA

How fishinglicenseinfo.org/ Handles Personal Data — U.S. Privacy Patchwork

This Privacy Policy sets out what personal data we collect, why, how long we keep it, who we share it with, and your rights under U.S. state privacy laws — the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the Utah Consumer Privacy Act (UCPA), the Texas Data Privacy and Security Act (TDPSA), the Oregon Consumer Privacy Act (OCPA) and other state laws — plus the federal Children’s Online Privacy Protection Act (COPPA).

Effective date: January 1, 2026

Last reviewed: April 2026

Controller: fishinglicenseinfo.org/ Editorial

⚠ We do not hold any state-agency license record

fishinglicenseinfo.org/ is an editorial guide. We do not hold, process or store any fishing-license record, license number, state-agency customer account, payment record, or any data the state agency holds about you. License records are held by the state fish and wildlife agency and its authorized vendor. For access to your license record, contact the agency directly.

What is in this notice

1. Scope and Controller

This Privacy Policy applies to fishinglicenseinfo.org/. The "business" / "controller" is fishinglicenseinfo.org/ Editorial, contactable at info@fishinglicenseinfo.org. This notice does not apply to any state fish and wildlife agency, the U.S. Fish and Wildlife Service, NOAA Fisheries, AFWA, any tribal authority, or any authorized retail vendor we link to. Each of those is its own controller with its own privacy notice.

2. Personal Information We Collect

Category	Examples	Source
Identifiers	IP address, device ID, browser user agent	Automatic when you visit
Internet / network activity	Pages viewed, time on page, referrer, internal searches	Automatic
Contact data	Email address, name (if provided), message content	You — only if you email us
Cookies / similar tech	See Cookie Policy	Automatic; managed by the cookie banner
Approximate location	City and state inferred from IP	Automatic
Inferences	Which state’s guide you visit (to tailor content)	Derived

What we do NOT collect

We do not collect your name, postal address, Social Security number, driver’s license number, fishing-license number, payment-card data, bank account data, biometric data, precise geolocation, or any other state-agency identifier. If you accidentally include any such data in an email to us, we delete it on receipt and ask you to take the agency-specific question to the agency itself.

3. Why We Collect It

To operate the site — serve pages, remember cookie preferences, protect against abuse
To understand which guides are useful — aggregated, anonymous analytics
To respond to you when you email us a correction or inquiry
To display non-personalized or personalized advertising depending on your consent
To detect and prevent fraud, scraping and attacks
To comply with legal obligations — lawful subpoenas, court orders and government information requests

5. “Sale” and “Sharing” Disclosure

We do not “sell” personal information for money

However, the broad definitions of “sale” under California’s CCPA/CPRA and “sharing” under the CPRA (for cross-context behavioral advertising) can cover the disclosure of cookie-based identifiers and IP addresses to third-party advertising partners (e.g., Google AdSense) when you have not opted out. To the extent any of our cookie-based advertising falls within those definitions, you can opt out via:

The Global Privacy Control (GPC) browser signal — we honor it as a “Do Not Sell or Share” request
The “Do Not Sell or Share My Personal Information” link in our footer (if displayed for your state)
The cookie banner — reject advertising cookies
Google’s own opt-out: adssettings.google.com

6. How Long We Keep It

Category	Retention period
Web server & security logs	30 days
Aggregated GA4 analytics	14 months
Email correspondence	24 months from last interaction
Cookie consent records	12 months from your choice
Rights-request audit trail	3 years (state AG enforcement window)

7. Your Rights Under State Privacy Laws

State	Law	Key rights
California	CCPA (Cal. Civ. Code §1798.100 et seq.) as amended by CPRA	Know, access, delete, correct, opt-out of sale/share, limit sensitive PI, non-discrimination; private right of action for certain breaches
Virginia	VCDPA	Access, correct, delete, portability, opt-out of targeted advertising, sale, and certain profiling
Colorado	CPA	Access, correct, delete, portability, opt-out of targeted advertising, sale and certain profiling; universal opt-out signal recognition required
Connecticut	CTDPA	Access, correct, delete, portability, opt-out; GPC recognition required from 1 Jan 2025
Utah	UCPA	Access, delete, portability, opt-out of targeted advertising and sale
Texas	TDPSA	Access, correct, delete, portability, opt-out
Oregon	OCPA	Access, correct, delete, portability, opt-out; “list of specific third parties” disclosure
Other states	Iowa, Indiana, Tennessee, Montana, Delaware, New Jersey, New Hampshire, Maryland, Minnesota, Kentucky, Rhode Island, and a growing list	Similar core rights; effective dates and thresholds vary

Where your state of residence is not listed, you may still email us and we will give the same core rights as a matter of policy.

8. How to Exercise Your Rights

Email info@fishinglicenseinfo.org with the subject “Privacy rights request” and the right you are exercising. We respond within 45 days (extendable by 45 days when necessary, with notification) as required by most U.S. state laws. We may need to verify your identity using information already in our records.

You can also designate an authorized agent. For California rights requests via an authorized agent, we require written authorization signed by you.

9. Children — COPPA

The site is not directed at children under 13. Under the federal Children’s Online Privacy Protection Act (COPPA) and its implementing rule (16 CFR Part 312), we do not knowingly collect personal information from children under 13. We design the site for general audiences. If you believe a child under 13 has provided personal information to us, email us with the subject “COPPA / child data” and we will delete it.

For minors aged 13–15, California’s CPRA requires opt-in consent before “selling” or “sharing” their personal information, which we do not do regardless.

10. Security

We use technical and organizational measures appropriate to the limited categories of personal information we process — TLS/HTTPS in transit, encryption at rest where applicable, access controls, vendor due diligence, and a breach-response procedure aligned with state breach-notification statutes (e.g., Cal. Civ. Code §1798.82) and the FTC’s data-security guidance.

11. Changes to This Notice

We update this notice when our practices change or when U.S. law changes. The “Last reviewed” date at the top reflects the current version. Material changes are flagged on the site for 30 days.

12. Contact

For any privacy question or rights request: info@fishinglicenseinfo.org

You may also complain to the Federal Trade Commission (FTC) at reportfraud.ftc.gov, your state Attorney General, or (in California) the California Privacy Protection Agency at cppa.ca.gov.

Exercise a Privacy Right

Email us with the subject “Privacy rights request”. We respond within 45 days.

📧 info@fishinglicenseinfo.org