Privacy Policy

Introduction

Dear God ("we", "our", or "the App") is a voice-first prayer companion for iOS. We are committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

The data controller for this policy is Sandor Abad, operating as sole proprietor from California, United States. You can reach the controller at the contact address below.

Information We Collect

Dear God collects the following categories of information to provide, secure, and improve the service:

• Account data: your email address, your full name (if you choose to share it via Sign in with Apple), your Google OAuth display name (if you sign in with Google and it is provided), and a Supabase user UUID used to identify your account on our infrastructure.
• Device data: a pseudo-random device identifier generated on first launch and stored securely in the iOS Keychain. This identifier is used for rate-limiting and abuse prevention and is not tied to any Apple-issued advertising or device identifier.
• Usage data: conversation duration (measured in seconds), monthly and period totals, and daily activity timestamps. This data is used to enforce usage limits associated with your subscription and to help you see your own usage over time.
• Subscription and purchase data: Apple subscription transaction IDs, original transaction IDs, the purchase environment (Sandbox or Production), purchase date, expiration date, and auto-renewal status. Subscription state is managed on our behalf by RevenueCat, which receives Apple Server Notifications directly from Apple and forwards processed events to our servers via an authenticated webhook. Payment card and billing information is handled entirely by Apple and is never received by us or by RevenueCat.
• Revenue-event data: an append-only log of purchase lifecycle events (initial purchase, renewal, refund, trial start, trial conversion, cancellation, expiration, billing issues) received from RevenueCat. Summary fields (event type, product ID, transaction ID, environment, timestamp) are retained for up to 7 years for tax, accounting, and fraud-prevention purposes. Raw webhook payloads are automatically purged after 90 days.
• Onboarding preferences: the responses you provide during onboarding (for example, the "heart", "when", and "worth" questions) linked to your account so that the experience can be personalized to you.
• Voice data: during a conversation, your voice is transmitted in real time to ElevenLabs for processing (speech-to-text, language-model response generation, and text-to-speech). ElevenLabs may retain audio and transcripts according to its own retention policy for quality, safety, and abuse-prevention purposes — see the ElevenLabs Privacy Policy. We do not retain raw audio or verbatim transcripts on our own servers.
• Conversation summaries: after each session ends, a short written summary of your conversation (typically 150-250 words) is produced by Anthropic’s Claude and stored on our servers, linked to your Supabase user ID. Summaries are paraphrased — they are not verbatim transcripts — and are used to give the agent context on your future sessions. You can cause all of your summaries to be deleted at any time by deleting your account from Settings.
• Language preference: the language you select during onboarding is stored on your device and passed to our AI voice provider at the start of each conversation so the agent speaks your language. We do not currently keep a separate copy of this preference on our servers.
• Subscription status: derived status information (active / in trial / expired / refunded) that we store alongside your account to grant or restrict access to the service.
• Product analytics: anonymous behavioral events (for example, which onboarding step you reached, which paywall plan you selected, whether a purchase succeeded or was cancelled, and how long conversations lasted in seconds) sent to our analytics provider to help us improve the app. Product-analytics events are associated with your Supabase user UUID after you sign in. They do not include voice recordings, conversation transcripts, conversation summaries, or your onboarding quiz answers. Events are sent to PostHog’s United States region.

How We Use Your Information

• To authenticate your account and manage your session
• To provide the prayer companion experience, including processing your spoken prayers and generating responses
• To track usage minutes and enforce subscription limits
• To verify and manage your subscription status
• To personalize your experience based on onboarding preferences

Third-Party Services

Dear God uses the following third-party services to provide its functionality:

• ElevenLabs: Provides real-time voice processing, including speech-to-text, AI response generation, and text-to-speech. Voice data is transmitted to ElevenLabs during active conversations. See ElevenLabs Privacy Policy.
• LiveKit: Provides the real-time audio transport layer that carries your voice between your device and the AI voice agent during a conversation. See LiveKit Privacy Policy.
• Anthropic (Claude): When a voice conversation ends, the session transcript is sent to Anthropic’s Claude API to produce a short written summary (roughly 150-250 words) that preserves key themes, names, and context. The summary — not the raw transcript — is stored on our servers and used to give the agent continuity of memory on your future sessions. Transcripts sent to Anthropic are processed under Anthropic’s commercial terms (they are not used to train Anthropic’s models). See the Anthropic Privacy Policy and Anthropic Commercial Terms.
• PostHog: Product analytics service used to understand how features are used and improve the app. Product-analytics events are associated with your Supabase user UUID after you sign in. They do not include voice recordings, conversation transcripts, conversation summaries, or your onboarding quiz answers. Events are sent to PostHog’s United States region. See the PostHog Privacy Policy.
• Supabase: Hosts our server-side infrastructure, authentication, and database for usage tracking and account management. See Supabase Privacy Policy.
• Apple StoreKit / App Store: Processes all subscription and in-app purchase transactions. See Apple Privacy Policy.
• RevenueCat: Subscription infrastructure provider that receives Apple Server Notifications on our behalf, verifies purchases, manages entitlement state, and forwards processed events to our backend via an authenticated webhook. RevenueCat receives your Supabase user UUID and Apple-provided transaction metadata; it does not receive your voice recordings, conversation content, or payment card information. See the RevenueCat Privacy Policy.
• Sign in with Apple: Provides authentication. See Apple Privacy Policy.
• Google OAuth: Provides authentication (Sign in with Google) as an alternative sign-in method. See Google Privacy Policy.

Data Retention

We retain your account data as long as your account is active. When you delete your account, we delete your profile, subscription records, conversation usage history, credit balances, record of credit grants, onboarding answers, and conversation summaries immediately. Anonymized revenue event logs (see below) are retained for tax and accounting purposes. We also submit deletion requests to RevenueCat and PostHog at the time of account deletion so that your identifiers are removed from those processors as well.

Revenue event summaries (event type, product ID, transaction ID, environment, timestamp) are retained for up to 7 years for tax, accounting, and fraud-prevention purposes. Raw webhook payloads received from RevenueCat are automatically purged after 90 days. These records are dissociated from your user profile upon account deletion — your user ID is set to null on these records so they can no longer be linked back to you. You can request earlier deletion of revenue logs by contacting support, though we may be legally required to retain them for a minimum period.

Raw voice audio is processed in real time by our AI voice provider and is not permanently stored by us. To help the agent remember important context across sessions, a short written summary of each conversation (roughly 150-250 words, produced by Anthropic’s Claude — see "Third-Party Services") is stored on our servers, linked to your account, and used only to inform your future conversations. These summaries are paraphrased, not verbatim transcripts, and we do not store the raw conversation audio or transcript on our servers. Your device maintains its own encrypted copy of the conversation transcript for your personal history; that local copy never leaves your device. Both the server-side summaries and the local device transcripts are deleted when you delete your account.

Account Deletion

You may delete your account at any time from the Settings screen within the App. When you delete your account, we permanently remove your authentication record, subscription data, usage history, and any onboarding preferences from our servers. Locally stored conversation history is also erased. This action is irreversible.

Data Security

We take reasonable measures to protect your information. All communication between the App and our servers uses encrypted connections (HTTPS/TLS). Sensitive credentials (service-role database keys, webhook secrets, third-party API keys) are stored server-side only and are never included in the App. Database access is protected by row-level security policies that restrict users to their own records. Local conversation history on your device is encrypted using AES-256-GCM with a device-bound key stored in the iOS Keychain. Account-deletion requests require a fresh re-authentication with Apple or Google, and purchase-attribution events are cryptographically bound to your authenticated session to prevent spoofing.

If you believe you have found a security vulnerability in the App, please email sandorabad@deargod.ai — we will respond within 7 days.

Children’s Privacy

Dear God is not directed at children under the age of 13. We do not knowingly collect information from children under 13. If you believe a child has provided us with data, please contact us so we can remove it.

Your Rights

You have the right to:

• Delete your account and all associated data at any time through the App's Settings. Account deletion requires a fresh re-authentication with Apple or Google to confirm the request is genuine; this prevents a leaked access token from silently deleting your account.
• Export a copy of your personal data at any time through the App's Settings ("Export My Data"). The export includes your profile, subscription records, usage history, onboarding answers, conversation summaries, and revenue-event metadata in machine-readable JSON format.
• Cancel your subscription at any time through your Apple ID settings or through the "Manage Subscription" option in the App's Settings.
• Contact us to request information about what data we hold associated with your account

Data access and portability (GDPR / CCPA): You have the right to request a copy of the personal data we hold about you, to ask us to correct inaccurate data, and to ask us to delete data we hold about you (subject to legal retention obligations described under Data Retention). The "Export My Data" feature in the App provides self-service access to this data. You may also email sandorabad@deargod.ai to exercise these rights. We will respond within 30 days.

Emergencies and Crisis Support

Crisis support: If you are experiencing a mental health emergency, our AI agent may reference United States crisis hotlines (such as 988 or text line 741741). If you are outside the United States, please contact your local emergency services immediately. We are working to localize crisis support references for additional regions.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. Continued use of the App after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or the App, please contact us at sandorabad@deargod.ai.