Privacy Policy

1. Introduction

At Serora, we are committed to protecting your privacy and handling your personal information with care and respect. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, website, and related services (collectively, the "Services").

We understand the sensitive and personal nature of spiritual content, and we take our responsibility to protect your data seriously. This policy describes our practices in clear, understandable language.

By using Serora, you consent to the data practices described in this Privacy Policy. If you do not agree with this policy, please do not use our Services.

2. Information We Collect

2.1 Account Information

When you create an account, we collect information through our authentication provider, Clerk, including:

• Email address
• Name (if provided)
• Authentication method (email, Google, Apple, etc.)
• Account creation and last login dates

2.2 Profile Data

You may choose to provide additional profile information, including:

• Spiritual goals and preferences
• Preferred Bible version
• Reading preferences and settings
• Notification preferences
• Time zone and language settings

2.3 User Content

We collect and store content you create within the app, including:

• Journal entries and reflections
• Prayer requests and prayer notes
• Bible highlights, notes, and bookmarks
• AI spiritual guide conversations and chat history
• Reading progress and completed lessons
• Community interactions (prayer seed garden contributions)

2.4 Usage Data

We automatically collect certain information about your use of the Services:

• Reading progress and activity logs
• Achievement and milestone data
• Feature usage statistics
• Session duration and frequency
• In-app navigation patterns

2.5 Device Information

We collect technical information about your device:

• Device type and model
• Operating system and version
• App version
• Device identifiers (for authentication and sync)
• IP address (for security and analytics)

2.6 Analytics

We collect aggregated, anonymized analytics data to understand how users interact with the Services and to improve app performance and features. This data cannot be used to identify individual users.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Provide and Improve Services

• Deliver core app functionality (Bible reading, journaling, prayer tracking)
• Sync your data across multiple devices in real-time using Convex
• Personalize your experience based on preferences and usage patterns
• Improve app features, performance, and user experience
• Develop new features and services

3.2 AI Spiritual Guide

• Process your questions and provide personalized spiritual guidance
• Maintain conversation history and context for improved responses
• Store long-term memory to offer more personalized support over time
• Send your messages to OpenAI for processing (see Third-Party Services section)

3.3 Notifications and Communication

• Send prayer reminders and reading notifications (if enabled)
• Notify you about new features, updates, and spiritual content
• Respond to your support requests and feedback
• Send important account and service-related messages

3.4 Subscription Management

• Process payments and manage subscriptions via RevenueCat
• Provide access to premium features
• Handle billing inquiries and subscription changes
• Send subscription-related notifications

3.5 Security and Safety

• Protect against fraud, abuse, and unauthorized access
• Enforce our Terms of Service
• Comply with legal obligations
• Resolve disputes and troubleshoot problems

4. Data Storage & Security

4.1 How We Store Your Data

Your data is stored using multiple secure systems:

• Convex Backend: Real-time database for app data, user content, and sync functionality
• Clerk: Authentication data and user identity management
• Local Device Storage: Cached data stored on your device using AsyncStorage and SecureStore for offline access
• RevenueCat: Subscription and payment information

4.2 Security Measures

We implement industry-standard security measures to protect your data:

• Encryption in transit (HTTPS/TLS) for all data transmission
• Encryption at rest for sensitive data stored in our databases
• Secure authentication using OAuth tokens and secure sessions
• Regular security audits and updates
• Access controls limiting employee access to user data
• Secure credential storage on device using SecureStore

4.3 Data Retention

We retain your data as follows:

• Account data: Retained while your account is active
• User content: Retained until you delete it or close your account
• Analytics data: Aggregated anonymously and retained indefinitely for analysis
• Deleted data: Permanently removed from active systems within 30 days of deletion
• Backup data: May be retained in backups for up to 90 days

5. Third-Party Services

We use trusted third-party services to provide and improve our Services. These providers have access to certain information as necessary to perform their functions:

5.1 Clerk (Authentication)

Purpose: User authentication and identity management
Data Shared: Email, name, authentication tokens
Privacy Policy: https://clerk.com/privacy

5.2 Convex (Backend Database)

Purpose: Real-time data storage and synchronization
Data Shared: User content, profile data, app usage data
Privacy Policy: https://convex.dev/privacy

5.3 RevenueCat (Payments)

Purpose: Subscription and payment processing
Data Shared: User ID, subscription status, purchase data
Privacy Policy: https://www.revenuecat.com/privacy

5.4 OpenAI (AI Processing)

Purpose: AI spiritual guide functionality
Data Shared: Your questions, chat history, and conversation context
Privacy Policy: https://openai.com/privacy
Important Note: OpenAI may use data for model improvement unless you opt out. We implement measures to minimize data sharing where possible.

5.5 App Stores

When you download the app from Apple App Store or Google Play Store, those platforms may collect data according to their own privacy policies. Payments processed through app stores are subject to their payment policies.

6. Your Rights & Choices

6.1 Access and Update Your Data

You can access and update most of your information directly through the app settings. This includes your profile, preferences, and all user-generated content.

6.2 Export Your Data

You can export your data (journal entries, prayers, Bible notes) using the data backup feature in the app. This allows you to download a copy of your content for your records.

6.3 Delete Your Data

You can delete specific content (journal entries, prayers, notes) at any time within the app. Deleted content is permanently removed from our systems within 30 days.

6.4 Delete Your Account

You can permanently delete your account through the app settings. This will delete all your data, including account information, user content, and preferences. Account deletion is irreversible.

6.5 Control Notifications

You can control notification preferences in the app settings. You can opt out of promotional notifications while still receiving important account and service updates.

6.6 AI Memory Control

You can manage AI spiritual guide memory settings and delete your AI conversation history at any time through the app.

7. Children's Privacy

Serora is not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13. If you are under 13, please do not use the Services or provide any information to us.

Users between 13 and 18 must have parental or guardian permission to use the Services. Parents and guardians are responsible for monitoring and supervising their children's use of the app.

If we learn that we have collected personal information from a child under 13 without proper parental consent, we will delete that information as quickly as possible. If you believe we have collected information from a child under 13, please contact us immediately.

8. International Users

Serora is available to users worldwide. Your information may be transferred to, stored, and processed in countries other than your own. These countries may have data protection laws that differ from your country's laws.

By using our Services, you consent to the transfer of your information to our servers and third-party service providers, wherever they may be located. We take steps to ensure your data is treated securely and in accordance with this Privacy Policy, regardless of location.

If you are located in the European Economic Area (EEA), you may have additional rights under the General Data Protection Regulation (GDPR), including the right to access, correct, delete, and port your data, as well as the right to object to certain processing activities.

9. Changes to Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated Privacy Policy in the app
• Updating the "Last Updated" date at the top of this policy
• Sending you a notification (for significant changes)

Your continued use of the Services after changes become effective constitutes your acceptance of the revised Privacy Policy. We encourage you to review this policy periodically to stay informed about how we protect your information.

10. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiries and requests as promptly as possible, typically within 30 days.