Privacy Policy | Prayer Fragrance

Introduction

Welcome to Prayer Fragrance. We are committed to protecting your privacy and ensuring you have a positive experience on our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our prayer platform.

By using Prayer Fragrance, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

Key Principles: - We collect only necessary information - We never sell your personal data - You have full control over your data - We comply with GDPR, CCPA, and applicable privacy laws

Information We Collect

Information You Provide

When you create an account or use our services, we collect:

Account Information: - Email address - Name (optional) - Profile photo (optional) - Prayer preferences and settings

Prayer Activity: - Prayer requests you create - Prayers you amen (like) - Prayer guides you download - Tags and categories you follow

User-Generated Content: - Text of prayer requests - Comments on prayer requests - Audio recordings (if you upload prayer audio)

Communications: - Messages sent through our contact form - Email correspondence with our support team

Information Collected Automatically

We automatically collect certain information when you use our platform:

Device Information: - Browser type and version - Operating system - Device type (mobile, tablet, desktop) - Screen resolution

Usage Data: - Pages visited - Time spent on pages - Features used - Click patterns

Technical Data: - IP address (anonymized) - Cookies and similar tracking technologies - Log data (timestamps, errors)

Information from Third Parties

We receive information from third-party services:

Authentication Provider (Clerk): - Email verification status - Login timestamps - OAuth provider data (if you sign in with Google/Apple)

Analytics Services: - Aggregated usage statistics - Performance metrics - Error reports (via Sentry)

How We Use Your Information

We use your information for the following purposes:

Service Delivery: - Provide and maintain our prayer platform - Create and manage your account - Process your prayer requests and interactions - Send prayer notifications and updates - Personalize your prayer experience

Communication: - Respond to your inquiries and support requests - Send important service updates and announcements - Notify you of new prayer content (with your consent)

Improvement and Analytics: - Analyze usage patterns to improve our platform - Monitor and improve platform performance - Fix bugs and technical issues - Develop new features based on user needs

Legal and Safety: - Comply with legal obligations - Enforce our Terms of Service - Protect against fraud and abuse - Maintain audit logs for security purposes

Marketing (with Consent): - Send newsletters about new features - Promote prayer resources and guides - Share community prayer stories

Note: You can opt out of marketing communications at any time through your account settings or email unsubscribe links.

Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), UK, and Switzerland, we process your personal data based on the following legal grounds:

Consent: - Sending marketing emails - Using optional analytics cookies - Storing non-essential preferences

Contract Performance: - Creating and managing your account - Providing prayer platform services - Processing your prayer requests

Legitimate Interests: - Improving platform security - Analyzing usage to improve features - Detecting and preventing fraud

Legal Obligation: - Retaining audit logs for compliance - Responding to law enforcement requests - Complying with tax and financial regulations

You have the right to withdraw consent or object to processing based on legitimate interests at any time.

How We Share Your Information

We do not sell your personal information. We share your information only in the following limited circumstances:

Service Providers: We use trusted third-party service providers to operate our platform: - Authentication: Clerk (account management and authentication) - Database: Convex (prayer data storage) - File Storage: Cloudflare R2 (user-uploaded files) - Analytics: Google Analytics (anonymized usage data) - Error Tracking: Sentry (crash reports and error logs)

All service providers are contractually bound to protect your data and use it only for specified purposes.

Public Information: The following information is publicly visible on our platform: - Prayer requests you mark as "public" - Your public profile information (if you choose to make it public) - Comments on public prayer requests

Legal Requirements: We may disclose your information if required by law or legal process: - In response to court orders or subpoenas - To comply with government regulations - To protect our rights or property - To investigate fraud or security issues

Business Transfers: If Prayer Fragrance is acquired or merged with another organization, your information may be transferred to the new owner. We will notify you before your information is transferred and becomes subject to a different privacy policy.

With Your Consent: We may share your information for other purposes with your explicit consent.

Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this Privacy Policy.

Active Accounts: - User Data: Retained while your account is active - Prayer Activity: Retained indefinitely (can be deleted manually) - Analytics Data: Aggregated after 26 months

Deleted Accounts: When you delete your account: - Immediate Deletion: Account info, personal data, prayer activity - 30-Day Retention: Audit logs (for compliance and security) - Permanent Deletion: After 30 days, audit logs are automatically purged

Legal Holds: We may retain information longer if required by law or for legitimate legal purposes: - Ongoing litigation or investigations - Regulatory compliance requirements - Fraud prevention and security

You can request early deletion of audit logs by contacting privacy@prayerfragrance.com (subject to legal requirements).

Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

All Users: - Right to Access: Request a copy of your personal data - Email privacy@prayerfragrance.com - Right to Rectification: Correct inaccurate personal data - Update in your account settings or contact support - Right to Deletion: Request deletion of your account and data - Use the Account Deletion page or contact support - Right to Object: Object to processing of your personal data - Email privacy@prayerfragrance.com

GDPR Rights (EEA, UK, Switzerland): - Right to Data Portability: Receive your data in a machine-readable format - Right to Restrict Processing: Limit how we use your data - Right to Lodge a Complaint: File a complaint with your data protection authority

CCPA Rights (California Residents): - Right to Know: What personal information we collect and how we use it - Right to Delete: Request deletion of personal information - Right to Opt-Out: Opt out of sale of personal information (we don't sell data) - Right to Non-Discrimination: We won't discriminate against you for exercising your rights

How to Exercise Your Rights: 1. Email: privacy@prayerfragrance.com 2. Account Settings: Manage preferences and data in-app 3. Delete Account: Visit /delete-account

We will respond to your request within: - GDPR: 30 days (extendable to 60 days for complex requests) - CCPA: 45 days (extendable to 90 days)

Verification Process: To protect your privacy, we may ask you to verify your identity before processing requests through email confirmation, account password verification, or additional security questions.

Data Security

We implement industry-standard security measures to protect your personal information:

Technical Measures: - Encryption in Transit: All data transmitted over HTTPS/TLS 1.3 - Encryption at Rest: Database and file storage encrypted with AES-256 - Access Controls: Role-based access to user data - Authentication: Secure authentication via Clerk (OAuth, MFA support)

Organizational Measures: - Employee Training: All staff trained on data protection - Principle of Least Privilege: Minimal access to personal data - Regular Audits: Security reviews and vulnerability scanning - Incident Response: Documented procedures for data breaches

Monitoring: - Error Tracking: Sentry monitors for security issues - Audit Logs: All data access and modifications logged - Automated Alerts: Real-time alerts for suspicious activity

Limitations: While we strive to protect your information, no system is 100% secure. You are responsible for: - Keeping your password confidential - Logging out of shared devices - Reporting suspected unauthorized access

If you believe your account has been compromised, contact us immediately at security@prayerfragrance.com.

Cookies and Tracking Technologies

We use cookies and similar technologies to improve your experience on our platform.

What Are Cookies? Cookies are small text files stored on your device by your browser. They help us remember your preferences and understand how you use our platform.

Types of Cookies We Use:

Essential Cookies (Required): - Purpose: Enable core platform functionality - Examples: Authentication, session management, security - Duration: Session or up to 30 days - Opt-Out: Not available (required for service)

Analytics Cookies (Optional): - Purpose: Understand how users interact with our platform - Examples: Google Analytics, usage statistics - Duration: Up to 26 months - Opt-Out: Available in cookie settings

Preference Cookies (Optional): - Purpose: Remember your settings and preferences - Examples: Theme preference, language, layout - Duration: Up to 1 year - Opt-Out: Available (will reset preferences)

Third-Party Cookies: We use cookies from Google Analytics (usage analytics), Clerk (authentication), and Sentry (error tracking). See their privacy policies for details.

Managing Cookies: You can control cookies through your cookie consent banner, account settings, or browser settings.

Do Not Track (DNT): We honor Do Not Track (DNT) browser signals. When DNT is enabled, we disable optional analytics and tracking cookies.

Children's Privacy

Prayer Fragrance is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13.

Age Restriction: By using our platform, you represent that you are at least 13 years old. If you are under 18, you must have parental or guardian consent to use our services.

Parental Controls: If you are a parent or guardian and believe your child under 13 has provided personal information to us, please contact us at privacy@prayerfragrance.com. We will promptly delete the information.

COPPA Compliance: We comply with the Children's Online Privacy Protection Act (COPPA) and do not: - Collect personal information from children under 13 - Display targeted advertising to children - Allow children to publicly post personal information

International Data Transfers

Prayer Fragrance operates globally, and your information may be transferred to and processed in countries other than your own.

Data Transfer Locations: Your data may be stored and processed in: - United States: Primary data center (Convex, Clerk) - European Union: Cloudflare R2 edge locations - Other Regions: CDN edge nodes for performance

Data Protection Safeguards: When transferring data internationally, we ensure adequate protection through: - Standard Contractual Clauses (SCCs): With all service providers - Adequacy Decisions: Transfer to countries with adequate data protection - Security Measures: Encryption in transit and at rest, contractual data protection obligations, regular compliance audits

Your Rights: If you are in the EEA, UK, or Switzerland, you have the right to object to international transfers, request information about transfer safeguards, or lodge a complaint with your supervisory authority.

Contact privacy@prayerfragrance.com for more information about international data transfers.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.

How We Notify You: When we make significant changes, we will notify you by: 1. Email Notification: Sent to your registered email address 2. In-App Banner: Prominent notification when you log in 3. Updated Date: "Last Updated" date at the top of this page

Material Changes: For material changes that affect your rights, we will: - Provide at least 30 days' notice before the changes take effect - Give you the option to opt out of the new policy - Allow you to delete your account if you disagree

Minor Changes: For minor changes (e.g., clarifications, formatting), we will update the "Last Updated" date and post the revised policy on this page.

Your Acceptance: By continuing to use Prayer Fragrance after changes take effect, you accept the revised Privacy Policy. If you do not agree, please stop using our services and delete your account.

Version History: You can request previous versions of this Privacy Policy by emailing privacy@prayerfragrance.com.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Inquiries: Email: privacy@prayerfragrance.com Subject Line: Include "Privacy Request" for faster response Response Time: Within 5 business days

General Support: Email: support@prayerfragrance.com Purpose: Account issues, technical support, feature requests

European Representative (GDPR): For EU users: eu-privacy@prayerfragrance.com

California Representative (CCPA): For California privacy rights inquiries: ccpa@prayerfragrance.com

Supervisory Authorities: If you are in the EEA and wish to lodge a complaint, you can contact your local data protection authority.

---

Thank you for trusting Prayer Fragrance with your information. We are committed to protecting your privacy and providing a safe, secure prayer platform.