Privacy Policy

At a glance

• We do not sell your personal information.
• We do not send Screen Time usage, app names, or app categories off your device. We store only the opaque selection tokens Apple’s Screen Time APIs require to apply your own shields.
• Microphone audio used for spoken prayers is processed only in-session; we do not keep the recordings.
• AI prompts are relayed through our secure API and stripped of Screen Time selections.
• Optional “accountability” texts are user-initiated, revocable, and contain no Screen Time data.
• You can request deletion of your account data at any time.

1. Who we are

• Controller: Disciple Mode (“we”, “us”).
• Email: hi@disciplemode.app
• Website: https://www.disciplemode.app/

If you are in the EEA/UK, we act as a controller under GDPR for the services we provide.

2. What this policy covers

This policy applies to the App, our website, and related services. It doesn’t cover services we don’t control (for example, external websites you visit from links in the App).

3. Information we collect

We collect only what we need to run the App, support you, and improve reliability.

3.1 Information you provide

• Sign in with Apple (optional): If you create an account or sync across devices, we may receive your name (if provided) and email (or Apple private relay email).
• Accountability partner phone number (optional): If you enable partner notifications, you may add a partner’s number so we can send the messages you ask us to send. Partners can opt out by texting STOP.
• Content you submit: Feedback, support requests, and prompts/questions you send in features like Chat with Scripture.

3.2 Information collected automatically

• Diagnostics & device info: Device model, OS version, App version, language/locale, installation/device ID, and crash/performance data—used to fix bugs and improve reliability.
• Purchase status: We receive purchase receipts/entitlement info from the App Store (and/or our purchase provider). We never receive your full payment card details.
• Telemetry: Limited analytics (e.g., which tabs are opened) via PostHog or a similar service so we can prioritize fixes. We do not collect precise GPS location or advertising IDs.
• Push tokens: Anonymous device tokens so we can send reminders or accountability notifications you opt into.

3.3 On-device only (Screen Time / Family Controls)

• You pick apps/categories using Apple’s system Family Activity Picker.
• We store only opaque selection tokens and your preference flags on device.
• We do not upload Screen Time usage, specific app names, or categories to our servers.
• Uninstalling the App or changing selections removes the restrictions and associated tokens.

We do not use MDM, VPN, or network-level filtering; we do not take screenshots or screen recordings.

3.4 Microphone & speech recognition

• When you enable spoken prayer unlocks, we access the microphone and Apple’s speech-recognition service to compare your prayer to the on-screen text.
• Audio is processed only for that session and is not retained on our servers. Short-lifetime transcripts may be cached locally to display confirmation and are discarded afterward.

3.5 AI features

• Prompts or questions you submit to AI features (e.g., Chat with Scripture) are transmitted via our Supabase Function to the model provider. We instruct providers to treat prompts as confidential service data.
• We automatically strip Screen Time selection tokens and other technical identifiers before forwarding prompts.
• We do not store AI chat history or conversation contexts on our servers. All conversation history is kept locally on your device and is automatically removed after 30 days.

4. How we use information

• Provide the App: Apply Screen Time shields you configure, manage plans and devotionals, operate speech/prayer unlocks, and honor your purchases.
• Support & communication: Send transactional messages (receipts, service notices), accountability notifications you enable, and respond to support tickets.
• Improve and protect: Debug crashes, measure performance, fight fraud/abuse, run product experiments, and secure the service.
• Legal compliance: Comply with laws and respond to lawful requests.

4.1 AI features (e.g., Chat with Scripture)

If you use AI features, your prompt and minimal context are sent to our model provider(s) to generate a response. We instruct providers to treat your inputs as confidential service data and not to use them to train general models. We do not send Screen Time selections or usage to AI providers. Avoid including sensitive personal information in prompts.

Chat history and conversation contexts are stored only on your device. We do not store or backup your AI conversations on our servers. Conversation history older than 30 days is automatically deleted from your device.

4.2 Accountability partner texts (optional)

If enabled, we may send short status messages such as “Goal started,” “Goal completed,” or “Goal missed.” These messages never include app lists, usage data, or Screen Time categories. Partners can opt out by texting STOP. Message & data rates may apply; message frequency varies.

5. Legal bases (EEA/UK)

• Contract: To provide the App and features you request.
• Consent: For optional features (e.g., partner SMS) and certain analytics/notifications.
• Legitimate interests: To secure and improve the App, prevent fraud, and support customers (balanced against your rights).
• Legal obligation: To comply with law and lawful requests.

6. Sharing & disclosure

We do not sell your personal information. We share data only with:

• Service providers (processors): Hosting/database (e.g., Supabase or equivalent), purchase management (e.g., RevenueCat/App Store Server), crash/performance analytics, push delivery (APNs), and AI model providers—bound by agreements to process data on our behalf.
• Legal/safety: To comply with law or protect rights, safety, and our services.
• Business transfers: If we merge, are acquired, or sell assets, we’ll notify you and honor this policy.

We do not share Screen Time usage, app names, or categories with any third party.

7. Retention

• Account data: Kept while your account is active. When you request deletion, we delete or anonymize within 30 days (subject to lawful holds).
• Partner phone numbers: Kept until you disable the feature or your partner opts out; then deleted from active systems within 30 days.
• Diagnostics/logs: Typically retained up to 90 days, unless needed longer for security/legal reasons.
• On-device Screen Time selections: Managed by iOS; removed when you change selections or uninstall.
• AI chat history: Stored only on your device. Conversations older than 30 days are automatically deleted. We do not store chat history on our servers.

8. Your choices & rights

• Access/Correction/Deletion/Portability/Restriction: Depending on your location, you may have these rights. Contact hi@disciplemode.app and we'll help. We may need to verify your identity. To request account deletion, email us at hi@disciplemode.app and we will process your request within 30 days.
• Push notifications: You can enable/disable reminders in the App or in iOS Settings > Notifications.
• Microphone & speech recognition: Manage permissions in iOS Settings > Privacy. Denying access disables voice-unlock features.
• Analytics: Toggle optional analytics in Settings > Privacy inside the App (where available) or email us to opt out.

California (CCPA/CPRA)

We do not sell or share personal information for cross-context behavioral advertising. You may request access, correction, or deletion. Where feasible, we honor Global Privacy Control signals.

EEA/UK

You may withdraw consent at any time (e.g., for partner SMS). You also have the right to lodge a complaint with your supervisory authority.

9. Security

We apply industry-standard safeguards—encryption in transit, least-privilege access, and ongoing monitoring. No method is 100% secure, but we continuously improve protections.

10. Children's privacy

The App is not directed to children under 13 (or the applicable age of digital consent in your region). We do not knowingly collect personal information from children under 13. If we learn we have collected information from a child under 13 without verifiable parental consent, we will delete it promptly.

11. International data transfers

We may process data in the United States and other countries. Where required, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) for cross-border transfers.

12. Third-party services we rely on (examples)

• Apple (App Store, APNs, Screen Time frameworks) — purchases, notifications, and on-device controls
• RevenueCat — in-app purchase & entitlement management
• Supabase — authentication, cloud database, and serverless functions
• PostHog (or similar) — analytics/telemetry for errors and aggregated usage
• AI model provider(s) — process prompts for AI features
• SMS providers — send accountability partner communications you request

Actual providers may change; material changes will be reflected here.

13. No third-party advertising or tracking SDKs

We do not include third-party ad networks or tracking SDKs. We don’t rent, trade, or sell your data.

14. Changes to this policy

We may update this policy from time to time. If changes are material, we’ll provide notice (e.g., in-app message or email). The Last updated date shows the latest revision.

15. Contact us

Disciple Mode Privacy Team
Email: hi@disciplemode.app

Appendix: Screen Time (Family Controls) specifics for App Store review

• We use FamilyControls to present Apple’s system picker so you select apps/categories to limit.
• We use ManagedSettings to apply shields according to your selections.
• We may use a DeviceActivity extension for short, on-device schedules.
• We do not upload Screen Time usage, app names, or categories to our servers or to any third party.
• Removing the App or changing your selections removes restrictions and the associated tokens.
• No ad-blocking, MDM, enterprise deployment, VPN, or network filtering are used.