PRIVACY POLICY

Verseflow
Developer: NinetyFive AI, LLC
Last Updated: November 20, 2025
Effective Date: November 20, 2025

Overview

Verseflow is committed to protecting your privacy and ensuring a safe, secure spiritual experience. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the VerseFlow mobile application ("App").

By using Verseflow, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the App.

1. Information We Collect

1.1 Information You Provide Directly

When you create an account or use Verseflow, we collect:

  • Account Information: Email address for authentication purposes

  • Profile Information: Name, age range, and spiritual interests you choose to provide during onboarding

  • User Preferences: Theme selections, intention choices, and customization settings

  • Usage Data: Journey completions, streak tracking, session history, and milestone achievements

  • User-Generated Content: Notes, bookmarks, and labels you create for Bible verses (stored locally and optionally synced to your account)

1.2 Information Collected Automatically

When you use the App, we automatically collect:

  • Device Information: Device type, operating system version, unique device identifiers

  • Usage Analytics: Anonymous app usage patterns, feature interactions, crash reports, and performance data (via TelemetryDeck - see Section 4)

  • Authentication Tokens: Secure session tokens for account access and data synchronization

1.3 Information We Do NOT Collect

We do NOT collect:

  • Payment card information (handled directly by Apple - see Section 6)

  • Precise geolocation data

  • Contact lists or phone numbers

  • Photos or camera access

  • Microphone or audio recordings

  • Health or fitness data (our app does not integrate with HealthKit)

2. How We Use Your Information

We use the information we collect to:

2.1 Provide Core Services

  • Authenticate your account and secure your data

  • Deliver personalized daily verses, prayers, and spiritual content

  • Maintain your streak tracking and journey progress

  • Sync your preferences and data across devices

  • Remember your theme selections and intention choices

2.2 Improve User Experience

  • Analyze app performance and identify technical issues

  • Understand feature usage through anonymous analytics

  • Optimize content delivery and app functionality

  • Develop new features based on usage patterns

2.3 Communicate With You

  • Send important account notifications

  • Provide customer support responses

  • Share important updates about the App (only when necessary)

2.4 Ensure Security and Compliance

  • Prevent fraud, abuse, and unauthorized access

  • Enforce our Terms of Service

  • Comply with legal obligations

3. Legal Basis for Processing (GDPR Compliance)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:

  • Contractual Necessity: To provide the services you've requested when using the App

  • Legitimate Interests: To improve our services, ensure security, and optimize user experience

  • Legal Obligations: To comply with applicable laws and regulations

  • Consent: Where required by law, such as for marketing communications (which we currently do not send)

4. Third-Party Services and Data Sharing

We use the following trusted third-party services to operate VerseFlow. Each service has access only to the specific data necessary for its function:

4.1 Supabase (User Authentication & Data Storage)

  • Purpose: Secure user authentication, account management, and cloud data storage

  • Data Shared: Email address, user ID, profile information, preferences, streak data, session history

  • Data Protection: Industry-standard encryption in transit (HTTPS) and at rest

  • Privacy Policy: https://supabase.com/privacy

  • Location: Data stored on servers located in the United States

  • Data Processing Agreement: Supabase is GDPR and SOC 2 Type II compliant

4.2 Airtable (Content Delivery)

  • Purpose: Delivery of daily Bible verses, prayers, and spiritual content

  • Data Shared: No personal user data is shared with Airtable. Only anonymous content requests are made.

  • Privacy Policy: https://www.airtable.com/privacy

4.3 TelemetryDeck (Privacy-Focused Analytics)

  • Purpose: Anonymous usage analytics to improve app performance

  • Data Shared: Device type, OS version, app version, feature usage patterns (all anonymized)

  • NO Personal Data: TelemetryDeck does NOT receive your email, name, or any personally identifiable information

  • Privacy Policy: https://telemetrydeck.com/privacy

  • Key Feature: TelemetryDeck is specifically designed for privacy - it cannot track individual users

4.4 Apple App Store & StoreKit (Payment Processing)

  • Purpose: Processing subscription purchases and managing billing

  • Data Shared: Apple processes all payment information directly. We receive only:

    • Confirmation that a subscription is active

    • Subscription status (active, expired, cancelled)

    • Purchase receipt validation tokens

  • We NEVER See: Credit card numbers, billing addresses, or payment details

  • Privacy Policy: https://www.apple.com/legal/privacy/

4.5 Important Disclosure About Third-Party AI

We do NOT share your personal data with any third-party artificial intelligence services or AI training systems. Your spiritual journey data, notes, preferences, and personal information are not used to train AI models outside of our core service functionality.

If this policy changes in the future, we will:

  1. Update this Privacy Policy with specific details

  2. Notify you prominently in the App

  3. Obtain your explicit consent before sharing any data with third-party AI services

5. Data Security

We take the security of your personal information seriously and implement industry-standard measures:

5.1 Technical Safeguards

  • Encryption in Transit: All data transmitted between your device and our servers uses HTTPS/TLS encryption

  • Encryption at Rest: Personal data stored in Supabase is encrypted using AES-256 encryption

  • Secure Authentication: Industry-standard OAuth 2.0 and JWT token-based authentication

  • Regular Security Audits: Our infrastructure partners (Supabase) undergo regular security audits and maintain SOC 2 Type II compliance

5.2 Access Controls

  • Strict access controls limit who can view your personal data

  • Multi-factor authentication required for administrative access

  • Regular security training for our team members

5.3 Data Breach Protocol

In the unlikely event of a data breach that affects your personal information, we will:

  • Notify you within 72 hours (as required by GDPR)

  • Provide details about what data was affected

  • Explain steps we're taking to remedy the situation

  • Offer guidance on protecting yourself

6. Subscription and Payment Information

6.1 Apple Processes All Payments

All subscription purchases in VerseFlow are processed directly by Apple through the App Store. This means:

  • Apple Handles Billing: Your credit card, Apple Pay, or other payment information is processed exclusively by Apple

  • We Don't Store Payment Info: VerseFlow never sees, stores, or processes your payment details

  • Apple's Terms Apply: All payment-related matters are governed by Apple's Media Services Terms and Conditions

  • Refund Requests: Must be submitted through Apple (we can guide you on how to do this)

6.2 Subscription Data We Store

We only store the following subscription-related information:

  • Whether your subscription is currently active

  • Subscription start and expiration dates

  • Subscription type (monthly or annual)

  • Purchase receipt tokens (for verification only)

6.3 Managing Your Subscription

To view, modify, or cancel your subscription:

  1. Open the Settings app on your iPhone

  2. Tap your name at the top

  3. Tap Subscriptions

  4. Select VerseFlow

  5. Follow Apple's instructions to manage or cancel

For subscription support, contact Apple Support or email us at support@1995ai.com

7. Children's Privacy (COPPA Compliance)

VerseFlow is designed for users aged 13 and older. We do not knowingly collect personal information from children under 13 years of age.

7.1 Age Verification

During onboarding, users are asked to provide their age range. If a user indicates they are under 13, they will not be permitted to create an account.

7.2 Parent Notice

If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us immediately at support@1995ai.com, and we will delete that information within 30 days.

7.3 Parental Rights Under COPPA

Parents have the right to:

  • Review personal information collected from their child

  • Request deletion of their child's personal information

  • Refuse further collection of their child's personal information

8. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

8.1 Rights for All Users

  • Access: View what personal data we have about you

  • Correction: Update inaccurate or incomplete personal information

  • Deletion: Request deletion of your account and associated data

  • Data Portability: Receive a copy of your data in a portable format

  • Opt-Out: Decline optional data collection or marketing communications

8.2 Additional Rights (GDPR - EEA/UK/Switzerland)

If you're located in the EEA, UK, or Switzerland, you also have:

  • Right to Restriction: Limit how we process your data

  • Right to Object: Object to processing based on legitimate interests

  • Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)

  • Right to Lodge a Complaint: File a complaint with your local data protection authority

8.3 Additional Rights (CCPA - California)

If you're a California resident, you have:

  • Right to Know: What personal information we collect, use, and share

  • Right to Delete: Request deletion of your personal information (subject to exceptions)

  • Right to Opt-Out: Opt-out of "sale" of personal information (Note: We do NOT sell personal information)

  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

8.4 How to Exercise Your Rights

To exercise any of these rights:

Within the App:

  • Go to Settings > Account > Privacy Settings

  • Access, update, or delete your personal information

By Email:

  • Contact us at support@1995ai.com with your request

  • Include "Privacy Request" in the subject line

  • Provide your account email and specify which rights you wish to exercise

Response Time: We will respond to your request within:

  • 30 days (standard requests)

  • 45 days maximum (complex requests requiring extension)

9. Data Retention

9.1 Active Accounts

We retain your personal data as long as your account remains active and for as long as necessary to provide services to you.

9.2 Account Deletion

When you delete your account:

  • Your personal data (email, name, preferences) is deleted within 30 days

  • Anonymous usage data (already stripped of identifiers) may be retained for analytics

  • Backup copies are deleted within 90 days from backup systems

  • Legal obligations may require us to retain certain data longer (e.g., transaction records for tax purposes)

9.3 Inactive Accounts

If your account has been inactive for 3 years, we may:

  • Send you an email notification asking if you want to keep your account

  • If no response within 90 days, delete your account and associated data

10. International Data Transfers

10.1 Data Location

Your personal data is primarily stored on servers located in the United States (via Supabase).

10.2 Transfers from EEA/UK/Switzerland

If you are accessing VerseFlow from the European Economic Area, United Kingdom, or Switzerland:

  • We rely on Standard Contractual Clauses (SCCs) approved by the European Commission

  • Our service providers (Supabase) implement appropriate safeguards as required by GDPR

  • Your data receives the same level of protection as it would in the EU

11. California Privacy Rights (CCPA)

11.1 Do Not Sell My Personal Information

We do NOT sell your personal information. We have not sold personal information in the past 12 months, and we do not have any plans to do so in the future.

11.2 Categories of Personal Information Collected

In the past 12 months, we have collected the following categories:

  • Identifiers: Email address, user ID, device identifiers

  • Personal information: Name, age range

  • Usage data: App interactions, feature usage, session history

  • Preferences: Theme choices, intention selections

11.3 Categories of Third Parties

We share personal information only with:

  • Service providers: Supabase (data storage), TelemetryDeck (anonymous analytics)

  • Payment processor: Apple (subscription validation only)

11.4 Right to Know

You can request the following information:

  • Categories of personal information collected

  • Sources from which information was collected

  • Business purpose for collection

  • Categories of third parties with whom we share information

11.5 Exercising CCPA Rights

To exercise your CCPA rights, email support@1995ai.com with "CCPA Request" in the subject line.

We will verify your identity before responding to your request.

12. Cookie Policy and Tracking

12.1 No Web Cookies

VerseFlow is a native mobile application and does not use web cookies.

12.2 Device Identifiers

We use device-specific identifiers only for:

  • Authentication and session management

  • Anonymous analytics (via TelemetryDeck)

12.3 No Cross-App Tracking

VerseFlow does NOT track you across other apps or websites. We do not use Apple's IDFA (Identifier for Advertisers) or any similar cross-app tracking technologies.

12.4 No Advertising

VerseFlow does NOT display advertisements and does not share data with advertising networks.

13. Changes to This Privacy Policy

13.1 How We Update

We may update this Privacy Policy from time to time to reflect:

  • Changes in our data practices

  • New features or services

  • Legal or regulatory requirements

  • User feedback

13.2 How You'll Be Notified

When we make significant changes, we will:

  1. Update the "Last Updated" date at the top of this policy

  2. Notify you in the App via a prominent notice

  3. Send an email notification to your registered email address (for material changes)

  4. Require your acceptance if changes affect how we handle sensitive data

13.3 Your Continued Use

Your continued use of VerseFlow after changes become effective constitutes your acceptance of the updated Privacy Policy.

13.4 Material Changes Requiring Consent

We will obtain your explicit consent before making material changes to:

  • How we collect or use your personal information

  • Third parties with whom we share your data

  • Your privacy rights

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Developer: NinetyFive AI, LLC
App: Verseflow
Email: support@1995ai.com
Response Time: We aim to respond within 48 hours (business days)

Mailing Address:
NinetyFive AI, LLC
170109 Freshwater Ln, Cornelius, NC 28031

Data Protection Officer (for EU residents):
Email: support@1995ai.com

15. Additional Legal Information

15.1 Compliance

This Privacy Policy complies with:

  • General Data Protection Regulation (GDPR)

  • California Consumer Privacy Act (CCPA)

  • Children's Online Privacy Protection Act (COPPA)

  • Apple App Store Review Guidelines Section 5.1

  • Apple's App Tracking Transparency (ATT) Framework

15.2 Governing Law

This Privacy Policy is governed by the laws of the State of [Your State], United States, without regard to conflict of law principles.

15.3 Dispute Resolution

Any disputes arising from this Privacy Policy will be resolved through:

  1. Good-faith negotiation

  2. Mediation (if negotiation fails)

  3. Arbitration or court proceedings (as specified in our Terms of Service)

15.4 Severability

If any provision of this Privacy Policy is found to be unenforceable, the remaining provisions will remain in full effect.

16. Acknowledgment

By using VerseFlow, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

If you do not agree with this Privacy Policy, please discontinue use of the App immediately and contact us to delete your account.

Privacy Policy Version: 2.0
Last Updated: November 20, 2025
Effective Date: November 20, 2025

Privacy Policy URL: https://1995ai.com/verseflow/privacy
Public Accessibility: This policy is available within the App (Settings > Privacy Policy) and on our website.

Connect

© 2025. All rights reserved.

Privacy Policy
Terms and Conditions