Biblical Compliance

Privacy Policy

Last updated: January 2026

1. Introduction

Biblical Compliance Systems ("we", "our", "us") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Biblical Compliance application.

2. Information We Collect

Account Information

When you create an account, we collect your email address, name, and authentication credentials. If you sign in with Google, we receive your name and email from Google.

Usage Data

We collect anonymized analytics events (page views, card interactions, feature usage) to improve the Service. These events do not contain personally identifiable information.

User-Created Content

Reflections, study notes, and progress data you create are stored in our database and associated with your account.

AI Interactions

When you use AI-powered features (Card Sage, study coaching), your prompts are sent to our AI provider (OpenAI) for processing. We do not store conversation history beyond the current session.

3. How We Use Your Information

  • To provide and maintain the Service
  • To authenticate your identity and manage your account
  • To track your study progress and personalise your experience
  • To improve the Service based on aggregated usage patterns
  • To communicate important updates about the Service

4. Data Sharing

We do not sell your personal information. We share data only with:

  • OpenAI — AI feature requests (prompts only, no account data)
  • Google — if you use Google Sign-In (OAuth tokens only)

5. Data Storage & Security

Your data is stored in encrypted databases. We implement industry-standard security measures including HTTPS encryption, secure authentication tokens, and API key hashing. Passwords are hashed using bcrypt and never stored in plain text.

6. Cookies & Local Storage

We use essential cookies for authentication and local storage for user preferences (theme, study progress). See our Cookie Policy for details.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your user-created content
  • Opt out of non-essential data collection

8. Data Retention

We retain your account data for as long as your account is active. Upon account deletion, personal data is removed within 30 days. Anonymized analytics data may be retained indefinitely.

9. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy with a new effective date.

11. Contact

For privacy-related inquiries, please reach us through our Feedback page.