Praize Privacy Policy

Effective date: 2026-05-16 Controller: Joshua Katigbak, operating Praize ("Praize", "we", "us") Privacy contact: privacy@praize.faith Supervisory authority (Estonia): Andmekaitse Inspektsioon (Estonian Data Protection Inspectorate), https://www.aki.ee

1. Overview

Praize is a prayer community app where users can anchor prayers, praises, and reflections to Bible verses. If you create an account and post content, your prayers may reveal religious beliefs, which is treated as sensitive (special category) data under EU data protection law.

This policy explains what we collect, why, how long we keep it, and your rights.

2. How You Can Use Praize

2.1 Viewer Mode (no account required)

You can browse public Scripture and prayers without creating an account. In viewer mode we process only basic technical data (IP address, device info) to operate and secure the service. We do not store personal content for viewers.

2.2 Account Mode

When you create an account, you can post prayers, give and receive intercessions, join groups, participate in vigils, and use voice features. Creating an account and posting prayer content involves processing data that may reveal religious beliefs.

2.3 Guest Accounts

You may initially use Praize with a guest account for limited functionality. If you later sign up with email or a social provider, your guest activity may be migrated to your new account. Guest activity is pseudonymous, not fully anonymous, while it can still be linked to the same device or later account.

3. What We Collect

3.1 Account data

Email address (if signing up with email)
Display name, username, avatar, bio
OAuth identifiers (Apple, Google, or Facebook — depending on your sign-in method)
Account preferences and settings

3.2 Prayer and community content

Prayer, praise, testimony, and reflection text
Verse references, timestamps, visibility settings (public / private / group-only)
Community interactions: "Amens" (spiritual agreements), follows, group memberships
Answered prayer markers and testimonies

3.3 Audio and transcripts (optional)

If you use voice features:

Audio recordings of prayers/praises (stored as OPUS/AAC files)
Auto-generated transcripts and captions (may be editable by you)
Auto-generated translations (if enabled, for cross-language delivery)

3.4 Location (optional)

If you enable location-based prayer alerts:

Coarse location only (country, city) — we do not store precise GPS coordinates
Radius preferences for prayer alerts

3.5 Groups, vigils, and invites

Group memberships and roles
Vigil participation and prayer activity within vigils
Prayer invite tokens and redemption status

3.6 Safety and security data

Moderation flags, abuse reports, risk scores
Security logs: IP address, device/user agent, authentication events
Rate limiting identifiers

3.7 Error monitoring

We use Sentry for crash and error reporting. Sentry receives:

Error events and stack traces (with prayer content scrubbed before sending)
Device and app version info
Your internal user ID only (never your name, email, or prayer content)

3.8 Analytics (optional)

If you consent to analytics:

Screen views and feature usage events (no prayer content, no PII)
Events are batched, validated against an allowlist, and sent without identifying information

3.9 Payments (optional, future)

If you use paid features or sponsorship:

Transaction references, timestamps, amounts
We do not store payment card details (handled entirely by the payment processor)

4. Why We Use Your Data

Purpose	What data	Legal basis
Provide the service (accounts, prayer posting, delivery)	Account data, prayer content	Contract (Art. 6(1)(b)) + Explicit consent for religious content (Art. 9(2)(a))
Voice prayers and transcription	Audio, transcripts	Contract (Art. 6(1)(b)) where needed to provide the feature + explicit consent for religious content (Art. 9(2)(a)); separate opt-in for voice
Translation for cross-language delivery	Transcripts, translations	Contract (Art. 6(1)(b)) where translation is enabled for delivery + explicit consent for religious content (Art. 9(2)(a))
Location-based prayer alerts	Coarse location	Separate optional consent (Art. 6(1)(a))
Analytics	Anonymized usage events	Consent (Art. 6(1)(a))
Community safety and moderation	Content metadata, flags, reports, transcripts (for moderation)	Legitimate interest (Art. 6(1)(f)) + explicit consent for religious content where special-category content is processed (Art. 9(2)(a)) — see our LIA: Safety & Abuse Prevention
Security, fraud prevention, rate limiting	IP, device info, auth events	Legitimate interest (Art. 6(1)(f)) — see our LIA: Security Logging
Backups and disaster recovery	Database snapshots, including special-category content where present	Legitimate interest (Art. 6(1)(f)) + explicit consent for religious content where special-category content remains in backups (Art. 9(2)(a)) — see our LIA: Backups & DR
Payments	Transaction references	Contract (Art. 6(1)(b))
Legal/tax obligations	Payment records	Legal obligation (Art. 6(1)(c))

5. Religious Content (Special Category Data)

Prayer content may reveal religious beliefs. In account mode, we process this based on your explicit consent to operate the service you request.

You can withdraw consent at any time in Settings > Privacy & Data. Withdrawing consent:

Disables prayer posting and receiving features
Reverts you to viewer mode (you can still browse public content)
Requires a content decision for prior religious content: delete prior content, or detach eligible public content only where lawful and selected by you (see Section 11)

Consent withdrawal is not a punishment. Viewer mode provides meaningful access to the service.

6. Automated Processing

6.1 Transcription and translation

If you use audio features, we may auto-transcribe your voice prayers. Translation is used only where enabled for cross-language delivery or otherwise selected in the product.

Auto-generated transcripts and translations may be inaccurate
We label AI-derived content (e.g., "Auto-transcribed", "Auto-translated") where feasible
You can review and edit transcripts before they are used for translation

6.2 Privacy filter

We apply automated checks to detect high-risk personal information in posts (e.g., phone numbers, email addresses, physical addresses, identifying details about minors). If detected:

You will be prompted to review and edit before posting publicly
We do not silently alter your content

6.3 New user safety period

During the first 14 days after account creation, we may apply additional safety checks to protect the community (e.g., enhanced moderation review of audio content). You are informed about this during onboarding.

7. Third-Party Data in Prayers

Prayers naturally mention other people. Please:

Use initials, pseudonyms, or vague references instead of full names + identifying details
Do not include others' contact information, health details, or sensitive personal data without their awareness
If your post is flagged by our privacy filter, you will be asked to edit before publishing

If you believe someone has posted your personal information without consent, you can report the content for review.

8. Who We Share Data With

8.1 Other users

Based on your visibility settings, your content may be visible to:

Other users you choose (private/shared content, group members, vigil participants)
The public (public prayers)

8.2 Service providers (processors)

We use the following categories of service providers to operate Praize:

Provider	Service	Location	Safeguard
Cloudflare	Audio storage (R2), CDN, upload workers	EU region for core storage; global edge network for CDN/security	DPA/SCC or equivalent contractual safeguards
OpenAI	Audio transcription/translation where enabled	May process outside the EU depending on service configuration	DPA/SCC or equivalent contractual safeguards
Deepgram	Transcription fallback where enabled	May process outside the EU depending on service configuration	DPA/SCC or equivalent contractual safeguards
Apple	OAuth authentication	US	Platform DPF/SCCs
Google	OAuth authentication	US	Platform DPF/SCCs
Facebook	OAuth authentication	US	Platform DPF/SCCs
Sentry	Error monitoring	US	DPA/SCC or equivalent contractual safeguards
Proton Mail	Email hosting for support and privacy requests	Switzerland / EU-region infrastructure depending on service routing	Adequacy/SCC or equivalent contractual safeguards
Apple, Google, Expo	Push notification delivery where enabled	May process outside the EU depending on platform routing	Platform terms and contractual safeguards
Payment provider	Payment processing	Not enabled for this beta release	Not applicable until paid features launch

We configure providers to minimize retention and require appropriate contractual protections before production use. Provider retention, region, DPA, SCC/DPF, and transfer-impact status is tracked in our vendor register.

8.3 We do not sell your data

We do not sell, rent, or trade personal data to third parties for advertising or marketing.

9. International Data Transfers

We process and store core user data (database, audio, backups) in the European Union as our baseline for all users, regardless of your location.

Some service providers (OAuth, push notifications, email, error monitoring) may process limited data outside the EU under their own infrastructure. Where Praize initiates transfers via processors, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) or rely on adequacy decisions.

10. How Long We Keep Data

Data type	Retention	Notes
Account data and content	Until you delete it or request account deletion	You control your data lifecycle
Audio files	Until you delete them or request account deletion	Deleted from storage within 24 hours of request
Deleted content in backups	Up to 30 days after deletion	Backups expire automatically; deletion re-applied after any restore
Security logs	7-30 days (detailed); up to 90 days (aggregated/pseudonymized)	IP addresses pseudonymized after 7 days
Moderation artifacts	`transcript_raw`: 24h (7d if flagged); flags: with content lifecycle	Raw transcripts are ephemeral
Payment records	7 years	Legal/tax requirement; anonymized on account deletion where possible
Security audit logs	Up to 1 year	Using pseudonymized identifiers

11. Your Rights

Depending on your location, you may have rights including:

Right	How to exercise	Response time
Access (Art. 15)	Settings > Privacy & Data > Export, or email us	Up to 30 days
Rectification (Art. 16)	Edit your profile or content directly in the app	Immediate
Erasure (Art. 17)	Settings > Privacy & Data > Delete Account	7-day grace period, then deletion + 30-day backup expiry
Restriction (Art. 18)	Withdraw consent > revert to viewer mode	Immediate
Portability (Art. 20)	Data export in machine-readable format (JSON/ZIP), including audio	Up to 30 days
Object (Art. 21)	Analytics opt-out in Settings; email us for other objections	Immediate for opt-outs
Withdraw consent	Settings > Privacy & Data	Immediate; does not affect prior lawful processing
Complain	Estonian Data Protection Inspectorate (https://www.aki.ee) or your local authority	N/A

Account deletion details

When you request account deletion: 1. 7-day grace period: You can cancel the deletion during this time 2. Day 7: Hard delete from live database; audio files deleted from storage within 24 hours 3. Day 37: Oldest backup containing your data expires (30-day backup retention)

Public content options at deletion:

Delete: Permanently remove all your content
Detach: Remove your account link from eligible public prayers, preserving them as pseudonymous community content

> Important: "Detach" removes your account link but is pseudonymization, not true anonymization. If your prayer text includes identifying information (your name, location, etc.), it may still be identifiable. We recommend reviewing and editing content before detaching.

12. Security

We use appropriate technical and organizational measures to protect personal data, including:

TLS encryption in transit for all connections
Encryption at rest for database and backup storage
JWT authentication with short-lived tokens (15 minutes)
Row-level authorization checks in the application layer
Password hashing (bcrypt with salt)
Rate limiting and abuse prevention
Request body logging disabled (prayer content never appears in logs)
Restricted access controls (least privilege)
Error monitoring with automatic PII scrubbing

13. Children

Praize is not intended for children under 16. We do not knowingly collect data from anyone under 16. If we learn a user is underage, we will delete the account and related data.

14. Cookies and Local Storage

The Praize mobile app uses:

Secure token storage (device keychain/keystore) for authentication tokens
Local database for offline caching of Scripture and public content

The Praize website (praize.faith) may use:

Local storage or session storage for theme and temporary interface preferences
No third-party tracking cookies

15. Changes to This Policy

We may update this policy. If changes are material (new processing purposes, new processors, changes to your rights), we will notify you via the app or email before the changes take effect.

16. Contact

Privacy questions or data requests: privacy@praize.faith
General support: support@praize.faith
Estonian Data Protection Inspectorate: https://www.aki.ee

Change Log

Date	Change	Why	Remaining blocker
2026-05-16	Removed public draft placeholders, set the release effective date, updated controller/contact details, and replaced unresolved vendor placeholders with current beta-release posture.	Makes the public policy suitable for TestFlight/App Store review links while preserving accurate external-state caveats.	Final legal review and store-console App Privacy confirmation remain required before production submission.
2026-04-28	Marked draft, replaced guest-account anonymity wording, added Article 6 + Article 9 pairings, corrected consent-withdrawal wording, and softened unverified processor retention/DPA claims.	Aligns public policy with GDPR design and vendor register.	Superseded by 2026-05-16 release update.

Document	Purpose
RoPA	Full register of processing activities (Art. 30)
DPIA	Data Protection Impact Assessment (Art. 35)
LIA: Security Logging	Legitimate interests assessment
LIA: Backups & DR	Legitimate interests assessment
LIA: Safety & Abuse Prevention	Legitimate interests assessment