SoulCare Privacy Policy

    Effective Date: 4/15/26 | Last Updated: June 9, 2026

    SoulCare is a faith-based emotional wellness app built in partnership with Heartland Church. We take your privacy seriously, and we want you to understand exactly what information we collect, how we use it, and who can see it. This policy is written in plain language because we believe transparency honors both you and God.

    1. Information We Collect

    Account Information

    Native iOS and Android users create anonymous device accounts for launch. Web and admin users may use email/password or Google OAuth. Depending on how you access SoulCare, we collect:

    • Email address — used for authentication and account recovery for web/admin accounts, if you create or use one. Native mobile launch accounts do not require an email address.
    • Display name — shown within the app (optional)
    • Support ID — a short user-facing account locator shown in your profile so support staff can find the correct account when you report an issue
    • Church membership — if you choose to associate your account with a church
    • Timezone — used to calculate streaks and display dates correctly

    Soul Care Cycle Session Data

    When you complete a Soul Care Cycle (SCC) session, we store your responses to help you track your spiritual journey over time. This includes:

    • Story name and description — the situation you are processing
    • Emotions — the emotions you identified from our curated list
    • Body sensations — where you feel stress in your body (e.g., head, chest, stomach)
    • Fears — what you fear in your story
    • Needs — the wants or needs being frustrated, selected from our curated list
    • Past experiences — whether the situation feels familiar and any past experiences you describe
    • Lies — the lies fueling your fear, including the category (about God, self, others, or life)
    • Probable truth — your realistic assessment of the situation
    • God's Truth — the biblical truth you identify for your story
    • Idols — what or who you are looking toward other than God
    • Prayer — your composed prayer, including any AI-assisted prayer text
    • Actions and habits — the concrete steps you commit to taking
    • Ongoing commitment — how you plan to continue seeking God

    Quick Check-In Data

    When you complete a daily Quick Check-In, we store:

    • Sleep quality — how well you slept (fantastic, good, decent, poorly)
    • Energy level — how you feel today (energized, stable, struggling, exhausted)
    • Social plans — whether you plan to connect with people
    • Physical activity — whether you plan to be physically active
    • Devotional time — how many minutes you have or will spend with God

    AI-Generated Content

    When you use AI-powered features (prayer generation and scripture pathways), we store:

    • Generated prayer text — the AI-composed prayer based on your session
    • Scripture pathways — Bible verses, encouragement, and prayer focus generated for you
    • The AI model used and limited technical metadata about the request. For progressive scripture pathways, section records use minimal field-presence and field-length metadata rather than storing the full request text in those section records.

    Engagement and Streak Data

    We track your app engagement to calculate streaks and encourage consistent soul care:

    • Session completion dates
    • Check-in completion dates
    • Pathway views
    • Current streak count

    Analytics and Diagnostic Data

    We collect limited product analytics and diagnostic information so we can understand whether the app is working, fix errors, and improve the launch experience. This includes:

    • Product analytics events — for example app opened, onboarding started/completed, SCC started/saved, AI consent prompts, AI prayer/pathway requested or completed, fallback/error status, partner invitation actions, feedback submitted, admin page/auth events, and Edge Function completion/failure events
    • Event properties — screen or route pattern, result, error code, fallback reason, duration, coarse counts such as number of emotions/needs/habits selected, and privacy/AI/leadership-sharing toggle states
    • Crash and error diagnostics — error messages and stack traces after scrubbing, app version, device/browser/runtime context, screen/operation labels, status codes, and timeout flags
    • Pseudonymous identifiers — Support ID, internal account/device identifiers, anonymous analytics identifiers, diagnostic identifiers, and salted operational hashes where needed to group events or troubleshoot reliability

    We do not send your story descriptions, fears, lies, truths, idols, prayers, AI-generated prayer/pathway text, partner invite codes, feedback message text, or other SCC free-text responses to PostHog product analytics. Sentry diagnostics are configured to avoid sending default personal information and to scrub emails, tokens, request bodies, raw UUIDs, and sensitive field names. Support ID may be attached to analytics, diagnostic, and feedback records to help support staff find the correct account when troubleshooting.

    Accountability Partner Connections

    If you connect with an accountability partner, we store:

    • The partnership link between your accounts
    • Partnership status (pending, accepted, or revoked)
    • When the partnership was created, accepted, or revoked

    Privacy Preferences and Consent Records

    We store your privacy choices, including:

    • Whether you consent to storing session history
    • Whether you consent to sharing summary data with church leadership
    • Whether you have connected with an accountability partner; richer partner or small group session-summary sharing is not enabled at launch
    • Whether you consent to AI processing of your session data

    Every time you change a privacy setting, we record the change so that there is always a clear record of what you consented to and when.

    Device Information (Future)

    When push notifications are implemented, we will store:

    • Push notification token — a device-specific token used to send notifications
    • Device platform — iOS or Android

    We will not collect precise location data. We may process pseudonymous account, device, analytics, or diagnostic identifiers as described in the Analytics and Diagnostic Data section above, solely for app functionality, reliability, abuse prevention, and product-quality purposes.

    2. How We Use Your Information

    We use the information we collect to:

    • Provide the Soul Care Cycle experience — guiding you through the four-phase process of soul searching, identifying soul sources, finding soul satisfaction, and building soul strategy
    • Generate personalized prayers — using AI to compose prayer language based on your session responses
    • Generate scripture pathways — using AI to match Bible verses, encouragement, and prayer focus to your emotions, needs, and situation
    • Track your wellness journey — maintaining your session history so you can look back and see how God has been at work
    • Calculate and display streaks — encouraging consistent engagement with the soul care process
    • Support accountability partnerships — allowing trusted companions to see your display name and streak count at launch, with richer partner or small group sharing requiring a future privacy control (see Section 5)
    • Share summary data with church leadership — only if you explicitly opt in (see Section 4)
    • Improve reliability and product quality — using limited, pseudonymous analytics and diagnostics to understand which flows are working, diagnose errors, prevent abuse, and improve SoulCare
    • Provide support — using your Support ID, approximate timestamps, and limited diagnostic metadata to investigate problems you report without asking for private SCC text

    3. AI Processing

    This is an important section. Please read it carefully.

    What Happens

    SoulCare uses Google Gemini (provided by Google) to power two features:

    • Prayer Generation — When you reach the prayer step of a Soul Care Cycle session, your session responses (emotions, needs, fears, lies, truths, and idol) are sent to Google Gemini. Gemini composes a personalized prayer based on these responses.
    • Scripture Pathway Generation — After completing a session, your responses are sent to Google Gemini to generate matched Bible verses, a word of encouragement, and a prayer focus tailored to your situation.

    What Data is Sent to Google Gemini

    The following data from your session is sent to Google Gemini for processing:

    • Your selected emotions and needs
    • Your described fear
    • The lie you identified
    • The probable truth and God's Truth you wrote
    • The idol you named
    • Your story name (but not the full story description)

    Your email address, display name, and other account information are never sent to Google Gemini.

    How Google Gemini Handles Your Data

    Google Gemini processes your data per request to generate the prayer or pathway content. Per Google's current Gemini API data usage policies for paid API use, prompts and responses are not used to improve Google's products, though Google may keep limited logs for safety, security, abuse prevention, and required legal or regulatory disclosures. We will update this language promptly if Google changes those terms. We recommend reviewing Google's Gemini API Terms of Service for the most current information.

    Content Safety and Reporting

    AI-generated content can occasionally be inaccurate, off-topic, or inappropriate. You can report any AI-generated prayer or scripture pathway that you find problematic using the in-app reporting option on those screens. Reports are stored with your selected report category, optional message, screen, and limited technical metadata needed to locate the relevant generation. We do not store the generated prayer, scripture text, devotional titles, devotional references, or SCC answers in report metadata. Your reports help us refine our approach and provider choices over time.

    Your Choice

    AI processing requires your explicit consent. Google Gemini requires users to be 18 or older to enable AI-powered features, so enabling AI features is also your confirmation that you are 18 or older. You will be asked to consent before any data is sent to Google Gemini for the first time. You can:

    • Decline AI features and still use the full Soul Care Cycle — you simply will not receive AI-generated prayers or scripture pathways
    • Revoke consent at any time from your profile settings, which will stop all future AI processing
    • Continue using the app without AI features if you change your mind later

    Future Changes

    We may change AI providers in the future. If we do, we will update this policy and notify you before any change takes effect. You will always know which AI provider is processing your data.

    4. Data Sharing with Church Leadership

    SoulCare was built in partnership with Heartland Church, and one of its purposes is to help church leaders care for their congregation. However, your privacy comes first.

    How It Works

    • Sharing is entirely optional. You choose whether to share SCC/check-in summaries, review cues, alerts, and trends with church leadership.
    • You control this with a toggle in your privacy settings. You can turn it on or off at any time.
    • Consent can be revoked at any time. If you turn off sharing, leadership will no longer see your SCC/check-in summaries, review cues, alerts, or trends. Basic account and church membership information may still be visible to authorized leaders and admins for support, membership management, and account administration.

    What Church Leaders CAN See (if you opt in)

    • Story titles — the short label you give each SCC session
    • Selected emotions from each recent SCC session
    • Emotion frequency trends (e.g., "anxiety appeared in 4 recent sessions")
    • Recent Quick Check-In summaries (sleep, energy, social plans, activity, devotional time, and completion patterns)
    • Streak counts
    • General wellness trends over time

    What Church Leaders CANNOT See (ever)

    • Your story descriptions
    • Your specific prayers
    • Your fears, lies, truths, idols, or action plans
    • Your other free-text SCC responses besides the story title

    Leaders see story titles, selected emotions, check-in summaries, streaks, and general wellness trends — never the gritty details of your soul care journey. Story titles are visible to opted-in leadership, so avoid putting sensitive details in the title if you do not want leaders to see them. Your story descriptions, prayers, specific fears, lies, truths, idols, and action plans remain private to you. This boundary is enforced by our system, not just the user interface.

    Who Are "Church Leaders"?

    Authorized leadership roles include: Admins, Pastor, Associate pastors, and Counselors. These roles are managed by church administrators and are limited to leaders within your associated church.

    Small group and accountability leader visibility is separate from the launch church leadership dashboard. If those roles are enabled in the future, they will be governed by the partner/group sharing controls in Section 5, not by expanded access to the leadership dashboard.

    The Church Admin Dashboard

    Authorized leaders view congregation data through a separate, secure web dashboard (not the SoulCare mobile app). Access to this dashboard is:

    • Role-gated — only users assigned a leadership role by a church administrator can sign in
    • Consent-gated for soul-care content — a leader only sees session, check-in, and trend data from members who have explicitly opted in to leadership sharing
    • Limited for account administration — authorized leaders and admins may see basic account information such as name, email, role, and church membership status for support, membership management, and account-deletion operations
    • Content-limited by design — the dashboard surfaces story titles, selected emotions, trends, and summaries; our system enforces that story descriptions, prayers, and private session answers are never returned to the dashboard
    • Deletion-audited — staff-initiated account deletion operations are recorded for accountability

    Pastoral Use of the Dashboard

    The dashboard is designed to help church leaders stay aware of members of their congregation who might benefit from pastoral attention. Alongside broader trends, it may highlight specific opted-in members by name — for example, someone whose engagement has dropped off, who has reported recurring emotions across recent sessions, or whose check-ins suggest ongoing wellness concerns.

    SoulCare itself does not automate outreach: the app does not send messages to you on a leader's behalf, and it does not push notifications to leaders about you. A leader must actively open the dashboard to see anything, and any conversation that follows is a pastoral decision made by a human, not an automated action of the app.

    If you do not want your SCC/check-in summaries, review cues, alerts, or trends used this way, you can decline leadership sharing during onboarding or turn it off at any time from your privacy settings. Once disabled, those leadership-sharing surfaces will no longer appear in leadership dashboards. Basic account and church membership information may remain visible to authorized leaders and admins for support, membership management, and account administration.

    5. Data Sharing with Accountability Partners and Small Groups

    If you choose to connect with an accountability partner, SoulCare currently shares only basic partner identity and streak information so you can encourage one another. Small group sharing and richer partner session-summary sharing may be enabled in the future.

    How It Works

    • Sharing is entirely optional and separate from the leadership sharing decision in Section 4. Current launch sharing is created by mutual accountability partner invitation; richer partner or group session-summary sharing would require a future privacy control.
    • Consent can be revoked at any time. If you remove an accountability partner, they will no longer see your partner connection or streak information.

    What Your Accountability Partner CAN See at Launch

    • Your streak count — whether you have been consistently engaging with the soul care process
    • Your display name — so your partner can recognize you

    What Your Partner and Group Members CANNOT See at Launch

    • Story titles or story descriptions
    • Session emotions or needs
    • Recent SCC answers or check-in details
    • Your specific prayers
    • Your fears, lies, truths, idols, or action plans
    • Your free-text responses
    • Your Quick Check-In details

    Choosing Who You Share With

    Accountability partnerships are mutual and by invitation. You invite a specific person; they must accept. Either party can end the connection at any time. Once revoked, your former partner will no longer see any of your data.

    Small groups are a future/if-enabled church community feature. If enabled later, small group visibility will be governed by a future privacy control and policy update.

    You are responsible for choosing trusted partners and groups. SoulCare does not verify the identity or intentions of other members.

    6. Data Retention

    • Session data is retained as long as your account is active. Your session history is part of your ongoing spiritual journey, and we keep it available so you can revisit past sessions.
    • Quick Check-In data is retained as long as your account is active.
    • Engagement events (used for streak calculation) are retained as long as your account is active.
    • Consent changes are retained for the lifetime of your account to provide a record of your privacy choices. They are deleted when your account is deleted.
    • AI-generated content (prayers, pathways) is retained as long as your account is active.
    • Accountability partner links are retained until revoked by either party or until either account is deleted.
    • Small group memberships are retained while you are a member of the group and are removed when you leave the group or your account is deleted.
    • Analytics and diagnostic records are retained according to our internal retention settings and third-party provider retention policies. These records are used for reliability, security, and product improvement and may persist in limited operational systems after account deletion where necessary for security, legal, abuse-prevention, or diagnostic purposes.

    We do not sell, rent, or share your personal data with any third party for marketing purposes. Ever.

    7. Data Deletion

    You have the right to delete your data at any time.

    How to Delete Your Account

    You have two paths to delete your account:

    • In the app — open the Profile screen and tap Delete Account. This is the fastest option.
    • On the web — if you no longer have the app installed, visit https://soulcarecycle.com/delete-account and follow the instructions. If your SoulCare account has an email address, you may be asked to verify that email before deletion is processed. If your account was created anonymously on a device, we may need enough support information to locate the correct account, such as your display name, church, approximate sign-up date, and any support identifier shown in the app. Verified web-initiated deletions are typically completed within 7 days.

    Account deletion:

    • Removes all personal data, including: Your profile and display name, all Soul Care Cycle sessions and their contents, all Quick Check-Ins, all engagement events and streak history, all AI-generated prayers and scripture pathways, all privacy preferences and consent records, all accountability partner connections, all device tokens, and your church membership association.
    • Is permanent and cannot be undone. Once deleted, your data cannot be recovered.
    • Takes effect immediately (in-app deletions) or within 7 days (web-initiated deletions).

    If your account is the last pastor/admin account for a church, deletion may require a leadership transfer or support step first so the church is not left without an administrator.

    For security, legal, and abuse-prevention purposes, we may retain limited operational records after account deletion. These may include an internal deletion audit record, deletion-request correspondence or support tickets, security logs, backups, and limited service-provider traces under normal retention policies. The internal SoulCare deletion audit is restricted to operational identifiers such as the deleted account ID, church, staff actor, support request ID, reason category, status, and timestamps. It does not retain your display name, account email, session content, check-ins, prayers, pathway content, partner links, or device tokens.

    If you want to delete your account, please be certain. We cannot restore your data after deletion.

    8. Data Security

    We take reasonable and appropriate technical and organizational measures to protect your personal data. These include:

    • Encryption in transit. All data transmitted between your device and our servers is encrypted using industry-standard transport-layer security.
    • Encryption at rest. Data stored in our database is encrypted on-disk so that database backups and storage snapshots are not readable without provider-managed decryption keys.
    • Access controls. Each account can only access its own data. Church leadership access to summary data is further restricted by role-based permissions and your explicit consent.
    • Authentication. We use industry-standard authentication protocols and do not store your password directly.
    • Audit logging. Changes to your privacy and consent preferences are recorded in a tamper-evident log.

    No system is 100% secure, but we design with data protection as a priority and review our practices regularly.

    Data Breach Notification

    If we experience a data breach that is likely to affect your personal information, we will:

    • Notify affected users without undue delay, and in any event within 72 hours of confirming the breach when feasible. If your account has an email address, we may notify you by email; otherwise, we may use in-app notice, website notice, church communication channels, or other appropriate contact methods.
    • Describe what happened, what information was involved, and what steps we have taken in response
    • Provide guidance on steps you can take to protect yourself
    • Notify applicable regulators and authorities where required by law

    9. Children's Privacy

    SoulCare is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are under 13, please do not use SoulCare.

    If you are a parent or guardian and believe your child under 13 has provided personal information to SoulCare, please contact us at the address below and we will promptly delete that information.

    10. Your Rights

    Depending on where you live, you may have additional rights regarding your personal data, including:

    • Access — You can view all of your data within the app at any time (session history, check-ins, profile information).
    • Correction — You can edit your profile information and session responses.
    • Deletion — You can delete your account and all associated data (see Section 7).
    • Consent withdrawal — You can revoke AI processing and leadership sharing consent from your profile settings. You can remove accountability partner connections at any time. Richer partner/group sharing is not enabled at launch and would require a future privacy control.
    • Data portability — If you need a copy of your data, please contact us at the address below.

    11. Contact Information

    If you have questions about this Privacy Policy, your data, or your rights, please contact us:

    Email: info@soulcarecycle.com

    Nathan Joyce
    4777 Alben Barkley Dr
    Paducah, KY 42001

    We will respond to privacy-related inquiries within 30 days.

    12. Changes to This Policy

    We may update this Privacy Policy from time to time to reflect changes in the app, our practices, or legal requirements.

    • Material changes (such as new data collection, new third-party providers, or changes to data sharing) will be communicated to you through the app before they take effect.
    • Minor changes (such as clarifications or formatting updates) may be made without notice.
    • The "Last Updated" date at the top of this policy will always reflect the most recent revision.

    We encourage you to review this policy periodically. Your continued use of SoulCare after changes are posted constitutes your acceptance of the revised policy.

    13. Third-Party Services

    SoulCare relies on the following third-party services to operate:

    ServiceProviderPurpose
    Authentication and DatabaseSupabaseUser accounts and data storage
    AI ProcessingGoogle Gemini (by Google)Prayer generation and scripture pathway generation
    App DistributionExpo / EASApp builds and over-the-air updates
    Product AnalyticsPostHogLimited explicit-event analytics for product usage and reliability
    Crash Reporting and DiagnosticsSentryAutomated error reporting and performance diagnostics
    Push NotificationsExpo Push (planned)Delivering push notifications to your device

    About Product Analytics (PostHog)

    SoulCare uses PostHog for limited explicit-event analytics. We use it to understand app reliability and flow completion, such as whether onboarding completes, whether SCC sessions save, whether AI features complete or fall back, and whether key support/reporting actions are working.

    We configure PostHog without autocapture, session replay, advertising tracking, or person profiles. We do not use PostHog to sell ads or track you across other apps or websites. The events sent to PostHog are allowlisted and are designed not to include your email, display name, raw SCC responses, prayers, AI-generated content, partner invite codes, or feedback message text.

    About Diagnostic Data (Sentry)

    When the app encounters an error or crash, we collect diagnostic information through Sentry to help us identify and fix problems. This data includes:

    • The technical details of the error after scrubbing (what went wrong, where in the code)
    • Device information (operating system, app version, device model)
    • Non-identifying usage context (which screen you were on, what action was in progress)

    We minimize the data we send to Sentry and configure scrubbers to remove emails, names, tokens, request bodies, session content, and other sensitive fields where possible. Diagnostic data is retained by Sentry for a limited period and is used solely to improve app reliability.

    Each of these providers has their own privacy policy governing how they handle data. We encourage you to review their policies:

    14. California Residents

    If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

    • Right to Know — You can request details about the personal information we collect and how we use it.
    • Right to Delete — You can request deletion of your personal information (see Section 7).
    • Right to Opt-Out of Sale — We do not sell your personal information. We have never sold personal information and have no plans to do so.
    • Non-Discrimination — We will not discriminate against you for exercising your privacy rights.

    To exercise these rights, contact us at info@soulcarecycle.com.

    15. International Users

    SoulCare is operated from the United States and is primarily intended for users in the United States. If you access SoulCare from outside the United States, your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country.

    If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) or equivalent local law, including:

    • Legal basis for processing — We process your personal data on the basis of your consent (for AI processing and leadership sharing), your mutual partner invitation/removal choices (for accountability partner connections), and performance of a contract (to provide the core features of the app). Richer partner/group sharing is not enabled at launch and would require a future privacy control.
    • Access, rectification, erasure, portability, and objection — See Section 10.
    • Right to lodge a complaint with your local supervisory authority.
    • International transfers — By using the app, you consent to the transfer of your information to the United States. We do not currently rely on the EU-US Data Privacy Framework; if we do in the future, we will update this policy.

    To exercise these rights, contact us at info@soulcarecycle.com.


    SoulCare is a product of the Soul Care Cycle methodology, developed in partnership with Heartland Church. This app is not a medical device and does not diagnose, treat, cure, or prevent any medical or mental health condition. If you are in crisis, please contact the 988 Suicide and Crisis Lifeline by calling or texting 988, or contact your local emergency services.