1. Introduction

Streams of Grace ("the App"), operated by TPC Ministries ("we," "us," or "our"), is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights regarding your data.

2. Information We Collect

Account Information

When you create an account, we collect your email address and, optionally, your display name. If you sign in with Google, we receive your name and email from Google.

Usage Data

We track which devotionals you read, your streak data, stillness practice sessions, and general app usage to personalize your experience and improve the service.

User-Created Content

Journal entries, prayer requests, reflections, and conversations with Grace AI are stored to provide the service. This content is private to your account.

Payment Information

Payments are processed by Stripe. We do not store your credit card numbers. Stripe's privacy policy governs their handling of payment data.

Email Subscribers

If you subscribe to our daily devotional emails, we collect your email address and optionally your name. This data is stored separately from app accounts.

3. How We Use Your Information

To provide and personalize the devotional experience
To send daily devotional emails (if subscribed)
To process payments and manage subscriptions
To power Grace AI conversations with relevant context
To track your spiritual growth journey (streaks, practices completed)
To send transactional emails (password resets, account notifications)
To improve the App through aggregated, anonymized analytics

4. AI and Your Data

Grace AI uses your conversation history and devotional context to provide personalized responses. Your conversations may be summarized and stored to improve future interactions. We use OpenAI to process AI requests — your messages are sent to OpenAI's API subject to their data usage policies. We do not use your conversations to train AI models.

5. Data Storage and Security

Your data is stored in Supabase (PostgreSQL) with row-level security policies. All data is encrypted in transit (TLS) and at rest. We use Supabase Auth for secure authentication with industry-standard practices.

6. Data Sharing

We do not sell your personal data. We share data only with:

Supabase — Database and authentication hosting
Stripe — Payment processing
OpenAI — AI conversation processing
Resend — Transactional and devotional email delivery
ElevenLabs — Text-to-speech audio generation
Vercel — Application hosting

Each provider processes data according to their own privacy policies and our data processing agreements.

7. Your Rights

You have the right to:

Access — Export all your data from Settings
Correct — Update your profile information at any time
Delete — Permanently delete your account and all associated data
Unsubscribe — Opt out of devotional emails via any email footer link
Portability — Download your data in a standard format

8. Cookies and Local Storage

We use essential cookies for authentication sessions. We use browser localStorage for offline PWA functionality, draft persistence, and user preferences. We do not use third-party tracking cookies or advertising pixels.

9. Children's Privacy

The App is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

10. Data Retention

We retain your data for as long as your account is active. Upon account deletion, all personal data is permanently removed within 30 days. Anonymized, aggregated analytics data may be retained indefinitely.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via the App or email. The "Last updated" date at the top reflects the most recent revision.

12. Contact

For privacy-related questions or data requests, contact us at privacy@streamsofgrace.app.

Privacy Policy