Privacy Policy

Information We Collect

Account information (only if you sign in)

If you sign in with Apple or Google, Supabase (our authentication provider) stores the identifiers returned by the SSO provider: an opaque user ID, an email address (which may be a private "Hide My Email" relay address provided by Apple — we accept those and never ask for a real email), and any name the provider chooses to share. You can use the Services without signing in, in which case none of this is stored.

Non-sensitive engagement data

If you sign in, we store small aggregates to power streaks, favorites, devotional path progress, and premium subscription state. These are counts and flags — no free-text content, no demographic data.

Device-local content (never transmitted)

Journal entries, Lectio Divina reflections and response notes, and any personal text you write inside the app are stored only on your device (via the platform's local storage). They are not uploaded to our servers and we have no access to them. If you delete the app or your device, this content is gone.

Diagnostics

We use Sentry to collect crash reports. Our Sentry configuration strips request bodies, query strings, cookies, headers, user identifiers, and any value with a sensitive key (journal, prayer, content, body, text, email, name, etc.) before events are sent. IP addresses are not captured.

Analytics

We use Mixpanel to count aggregate events like "Meditation Started" or "Onboarding Completed". These events are not keyed to your user identifier, email, or name. Search queries are never included as event properties. Session replay and autocapture are disabled.

What We Do Not Collect

We do not collect: phone numbers, physical addresses, birth dates (beyond a 13+ confirmation), gender, denomination, marital status, employment info, financial info, health info, precise location, your contacts, photos, camera or microphone data. We do not request the iOS App Tracking Transparency permission because we run no cross-app tracking SDKs.

Subprocessors

We use the following vendors to operate the Services. None of them receive your journal, Lectio, or prayer content (which stays on your device).

• Supabase — authentication and the small server-side data footprint (profile, streaks, favorites, subscriptions).
• Apple / Google — sign-in identity providers and in-app purchase processors.
• RevenueCat — subscription state reconciliation.
• ElevenLabs — text-to-speech generation of pre-authored meditation scripts. We never send user-typed content to ElevenLabs.
• Sentry — crash and error reporting (scrubbed).
• Mixpanel — anonymous aggregate analytics.
• MailerLite — only for recipients of our opt-in "Daily Light" newsletter.
• Vercel — hosts the marketing site and server API routes.

Data Retention & Deletion

Device-local content is retained for as long as you keep the app installed. Server-side account data is retained while your account is active and is deleted immediately when you delete your account — residual copies may persist in our hosting provider's encrypted point-in-time backups for up to 7 days before aging out. You can delete your account from Settings › Privacy in the mobile app, or by emailing support@testimon.io.

Your Rights (GDPR, CCPA/CPRA, and Similar)

Depending on where you live, you may have the right to:

• Know what personal information we hold about you.
• Request a copy of that information (right of access / portability).
• Request correction or deletion of that information.
• Opt out of the sale or sharing of personal information — not applicable here, because we do neither.
• Limit the use and disclosure of sensitive personal information — also not applicable, because sensitive content (religious reflections) is stored only on your device.
• Lodge a complaint with a supervisory authority in your country of residence.

To exercise any of these rights, email privacy@testimon.io. We will respond within the timeframe required by applicable law (typically 30 days for GDPR, 45 days for CCPA).

Privacy for Children

The Services are not directed to, and not intended for, individuals under the age of 13. The mobile app enforces a 13+ age confirmation during onboarding before any account is created. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with information, please contact privacy@testimon.io and we will delete it.

International Transfers

Our servers are located in the United States. If you access the Services from outside the United States, the limited account data we store will be transferred to and processed in the United States. We rely on our subprocessors' standard contractual clauses where required.

Do Not Track

We honor browser Do Not Track signals by not running any tracking that would be affected by them — we do not track you across other sites or apps.

Changes to This Policy

We will update this policy when our practices change. The "Last updated" date at the top will reflect the most recent revision.