Privacy Policy

The Service is operated by the team behind the JesusAI product. For data-protection purposes, the "data controller" is the legal entity or person responsible for the deployment you use (for example, the organization operating the production website).

Account and profile. If you register, we process your email address, password (stored using industry-standard hashing via our authentication provider), and profile details you choose to provide (such as display name or avatar). Guest accounts may use an anonymous identifier without a real email.

Conversations and scripture features. We store chat messages, conversation metadata, scripture bookmarks, journey progress, and related preferences needed to run the product.

Voice input.Where supported, voice input may use your browser's speech-recognition features (for example, the Web Speech API). In that case, audio or audio-derived data may be processed by your browser or device vendor under their policies. We typically receive and store the resulting text transcript you send as a message, not a long-term recording of raw audio, unless a feature explicitly states otherwise.

Safety and abuse prevention. If our systems detect certain crisis-related keywords, we may log limited metadata associated with that detection (for example, category and resources shown) so we can improve safety responses. This is not a substitute for emergency services.

Usage and reliability. We may process technical data such as IP address, device/browser type, approximate timestamps, and error logs. Chat requests may record model identifiers and token or cost estimates for reliability, billing, and internal analytics.

Cookies and local storage. We use cookies or local storage where needed for authentication state, session continuity, and preferences (including display settings such as dark mode).

• Provide, maintain, and improve the Service (including AI-generated replies and scripture tools).
• Authenticate you, protect accounts, and detect fraud or abuse.
• Send essential transactional emails (such as verification or password reset) when you use email sign-in.
• Comply with law and respond to lawful requests.

We share information with service providers who help us run the Service, including:

• Supabase (authentication and database hosting) — see https://supabase.com/privacy
• Hosting and infrastructure (for example Vercel) — see https://vercel.com/legal/privacy-policy
• AI model providers you configure for the deployment (for example OpenAI and/or Anthropic-compatible APIs such as Z.AI) — content needed to generate replies is sent to those providers under their terms and privacy notices.
• Public scripture APIs where used (for example bible-api.com for verse-of-day content) — typically limited to passage references and text retrieval.

We do not sell your personal information in the conventional sense of exchanging contact lists for money. We may disclose information if required by law, to protect rights and safety, or as part of a merger or acquisition with appropriate safeguards.

We keep information for as long as your account exists and as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. When you delete your account where the product supports deletion, we work to remove or anonymize personal data subject to backup and technical constraints.

Depending on where you live, you may have rights to access, correct, delete, or export personal data, and to object to or restrict certain processing. The Service may offer in-product controls (such as profile editing, data export, or account deletion in Settings). You may also contact us using any support channel we publish.

Our providers may process data in the United States and other countries. Where required, we rely on appropriate safeguards such as standard contractual clauses or equivalent mechanisms.

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe we have collected such information, contact us so we can delete it.

We use administrative, technical, and organizational measures designed to protect personal data. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

We may update this Privacy Policy from time to time. We will adjust the "Last updated" date above and, where appropriate, provide additional notice through the Service or by email.

For privacy questions or requests, use any contact or support method we publish for your deployment. If you are in the European Economic Area or UK and we have appointed a representative or data protection contact, we will list it alongside those channels when available.