Prayd

Privacy Policy

Effective May 2026

Who we are

Prayd ("we," "us," or "our") is a mobile application that enables Christians to share and intercede for one another's prayer requests. We are committed to protecting your privacy and handling your data with care. For privacy inquiries, contact hello.prayd@outlook.com.

Not for anyone under 18

Prayd is intended only for adults 18 and older. We do not knowingly collect personal information from anyone under 18, and will delete it if discovered.

Information you provide

Username and email (for login, recovery, and transactional email), your password (hashed with bcrypt — never stored in plaintext), the prayer requests and comments you post, and your 18+ age confirmation at signup.

Information collected automatically

Device push token (on notification opt-in), approximate location (city/region) and precise coordinates when you enable location — coordinates are stored server-side only and never shown publicly — plus IP address for security and rate limiting, and device/OS for compatibility.

What we do NOT collect

No payment information, no government ID, no contacts or address book, no photos or camera access, and no browsing history outside the app.

How we use your information

To provide the service (displaying prayers, processing "I Prayed", delivering comments), authenticate you, send notifications you opt into, compute the nearby feed, moderate content for safety, and meet legal obligations. We do not use your data for advertising and we do not sell it.

How we share

Publicly visible when you post: your username (or "Anonymous" if you choose), your content, your city/region (never your exact address), and the time. We share data only with service providers that operate the app — Supabase (database/auth), OpenAI (moderation), and Expo (push notification delivery) — each contractually bound to protect it. We may disclose information if required by law.

Your rights & choices

Opt out of push notifications, disable location, delete your posts, and post anonymously at any time. Registered users can access, correct, export, and permanently delete their account and data from Settings → Account. EU/UK (GDPR) and California (CCPA) residents have additional rights; we do not sell personal information.

Data security

Passwords are bcrypt-hashed, all traffic is encrypted with TLS, database access is governed by Row Level Security, precise coordinates are never returned to clients, and push tokens are stored separately from content.

Data retention

We retain data only as long as necessary. When you delete your account in the app, your account and all associated content are deleted immediately. Anonymized aggregates (e.g., total prayers given) may be retained.

Contact

Contact: hello.prayd@outlook.com