Privacy Policy

Effective date: April 23, 2026 · Version 1.1

This policy explains, in plain language, what data Áncora collects, why we need it, and who we share it with. If anything is unclear, email hello@ancoraapp.org and a real person will reply.

1. Who we are

Áncora is a mobile app for Spanish-first Christian devotionals, published by MEAS Partners, LLC, a limited liability company organized in the State of Delaware, United States.

• Data controller: MEAS Partners, LLC
• Privacy contact: hello@ancoraapp.org
• Website: https://ancoraapp.org
• DMCA designated agent and mailing address: MEAS Partners, LLC, 131 Continental Dr, Ste 305, Newark, DE 19713, United States
• Privacy officer (DPO equivalent): Edwin Urrutia, reachable at the same email

We are a small team. We have no offices or staff in Latin America or the European Union. We respond to any data request within 72 business hours.

2. What we collect

We only collect what the app needs to work.

When you create an account (required to save your progress):

• A Sign in with Apple identifier or, if you prefer not to sign in, a local anonymous guest identifier generated on your device. We do not collect passwords.
• Date of birth only to confirm you are at least 13. We do not retain the date after verification; we store only the fact that you passed the age gate.

While you use the app:

• Daily devotional. We record which devotionals you marked as read and your streak days (streak_events).
• Favorites. Verses and devotionals you favorite (favorites).
• Journal entries. Your private reflections (journal_entries). These are yours alone. Nobody on the Áncora team reads them.
• Pray for someone (personal). When you use the "Pray for someone" feature, we store the name and context you type (prayer_subjects). We send that text to Anthropic (maker of Claude) to generate a prayer, and we save the resulting prayer tied to your account.
• Community prayer requests (Phase 4). When you share a request via public link, we store the request body (up to 240 characters), its moderation status, a random share token, and a moderation record (prayer_moderation_log). We send the text to Anthropic (Claude Haiku) for automated moderation before publishing.
• Counts and events. When someone opens your share link or taps "I prayed for this," we log an event without identifying who prayed (only the fact and the time).
• Family plan. If you are the owner of a family plan, we record up to 4 accounts linked to your plan (family_owner_id).
• Subscription. For premium users we sync the entitlement status via RevenueCat (entitlement_active). We never see your card number; Apple handles that.
• Push token. If you opt into notifications, we store an Expo push_token to deliver daily devotionals or novena reminders.

Technical data (anonymous or pseudonymous):

• Product analytics. PostHog logs events such as "opened devotional," "completed 7-day streak," "tapped share." We do not send your name, email, or the text of your devotionals, prayers, or journal to PostHog.
• Error reporting. Sentry captures technical errors (e.g., when the app crashes). Sentry is configured not to include personal identifiers or user-generated content.

What we do NOT collect:

• We do not collect GPS location.
• We do not use facial recognition or biometrics.
• We do not read your contacts, photos, microphone, or calendar.
• We do not use IDFA or behavioral advertising.
• We do not integrate third-party ad networks.
• We never sell your data.

3. How we use your information

1. Make the app work. Authenticate you, show your devotional, streak, favorites, journal, prayer requests, and subscription.
2. Generate AI prayer content. We send the name and context you type to Anthropic so Claude can draft a personal prayer. The draft returns to you and is stored tied to your account.
3. Moderate community content. Every request you share publicly runs through Claude Haiku (Anthropic) to detect prohibited content. Ambiguous cases are reviewed manually within 24 hours.
4. Send push notifications that you have opted into: daily devotional, novena reminders, "someone prayed for your request."
5. Measure aggregate usage to improve the app. We use PostHog to see which screens work and which do not. Events are anonymous.
6. Diagnose crashes. Sentry tells us when something breaks.
7. Comply with law. We respond to valid legal process and notify you unless the law prohibits it.

We do not use your data for advertising, to sell profiles, or to train AI models. Content you send to Anthropic is governed by the Anthropic Commercial Terms: Anthropic does not train on it.

4. Who we share data with

We only work with vendors we need to operate. Each vendor sees only the data required for its function:

• Supabase (Supabase Inc., US) — Your full account and content (profile, prayers, journal, favorites, streak). Database hosting and auth. Policy.
• Anthropic (Anthropic PBC, US) — The text of your personal or community prayer request. Generate or moderate prayers with Claude. Policy.
• RevenueCat (RevenueCat Inc., US) — User identifier + subscription state. Sync your premium plan. Policy.
• Sentry (Functional Software Inc., US) — Technical error traces without PII. Diagnose failures. Policy.
• PostHog (PostHog Inc., US) — Anonymous usage events. Product analytics. Policy.
• Expo (650 Industries Inc., US) — Your device push_token. Deliver push notifications. Policy.
• Apple (Apple Inc., US) — Apple ID identifier if you use Sign in with Apple; StoreKit subscription receipts. Authentication and billing. Policy.
• WhatsApp / Meta (Meta Platforms Inc.) — Only the content you choose to share by tapping "Share via WhatsApp." Messaging that you initiate. Policy.

We share with no one else. We do not sell, rent, or barter user data with other publishers.

About WhatsApp. Áncora will soon include a "Share via WhatsApp" button that sends a verse image and a link to a chat you pick. When you tap that button, the content leaves Áncora and enters Meta's systems; from that point WhatsApp and Meta become the data controllers for that content under their own policy. Áncora does not track what happens after you send the message: we do not know if it was opened, forwarded, or to whom. If you schedule a daily auto-send to a specific chat, Áncora stores only the chat identifier and the time you chose; we do not keep copies of the sent messages.

5. Children's data

Áncora is for users aged 13 and up. On signup we ask for your date of birth in a neutral way to verify your age, consistent with the 2025 amended COPPA Rule (US).

• If the date of birth you enter corresponds to a minor under 13, we reject the signup and do not save the data.
• We do not direct Áncora to children under 13.
• We do not knowingly collect personal data from children under 13. If you discover that a minor has created an account, email hello@ancoraapp.org and we will delete the account within 7 days.
• In the European Union the threshold can be 16 in some countries; if you are under the age required by your country, do not use Áncora.

6. Data retention

• Account, profile, personal prayers, journal, favorites, streak: Until you request deletion.
• Community requests (approved): Until you delete them or delete your account.
• prayer_moderation_log (moderation decisions): 180 days, then auto-purged.
• prayer_reports (abuse reports): 2 years, for audit and repeat-offender tracking.
• Sentry error traces: 30 to 90 days (Sentry default retention).
• PostHog analytics events: 7 years (default config; we can reduce on request).
• Push token: Until you revoke permissions or uninstall the app.

When you request deletion, we immediately remove: profile, prayers, journal, favorites, streak, push token, linked subscriptions. Moderation records and abuse reports are retained anonymized (no account identifier) for the period above.

7. Your rights

You have the right to:

• Access the data we hold about you.
• Correct inaccurate data.
• Delete your account and all associated data.
• Export your data in a readable format (JSON).
• Object to processing or withdraw consent for analytics or push notifications from the app's settings.
• Complain to your country's data-protection authority (e.g., INAI in Mexico, SIC in Colombia, AEPD in Spain, the Information Commissioner in the UK, your state AG in the US).

To exercise any right, email hello@ancoraapp.org from the address associated with your account. We respond within 30 days; in practice, within 48 to 72 hours.

8. Security

Your data travels encrypted with TLS between your device and our servers. Every table that contains user data has Row-Level Security (RLS) enabled, so no account can read another's data. The Supabase service-role key never appears in the app; it lives only in server-side functions. We do not use tracking cookies. The session is kept with a Supabase JWT stored locally on your device.

If we detect a security incident that compromises your data, we will notify you within 72 hours by email and, where applicable, the relevant authority.

9. Cookies and identifiers

Áncora is a native app: it does not use cookies. We use:

• A Supabase session JWT stored in your device's secure storage (only to keep you signed in between uses).
• The Apple identifier if you use Sign in with Apple (an opaque string, not your real email unless you choose to share it).
• An Expo push notification token, if you opt into notifications.
• No IDFA (Identifier for Advertisers) or advertising identifiers. When Apple prompts you with App Tracking Transparency, Áncora does not request permission because we do not track.

10. Where processing happens

• Database and auth: Supabase, US-East region.
• AI (prayer generation and moderation): Anthropic, US.
• Billing and StoreKit: Apple, US.
• Push notifications: Expo, US.
• Analytics: PostHog Cloud, US (EU option available on request).
• Sentry: US.
• WhatsApp: global, per Meta's policy.

If you use Áncora from outside the United States, your data is transferred to the US. We rely on standard contractual clauses and, where applicable, your explicit consent at account creation.

11. European Economic Area, United Kingdom, and Swiss users

If you use Áncora from the EEA, the UK, or Switzerland, the following applies in addition to everything above.

Data controller. MEAS Partners, LLC, 131 Continental Dr, Ste 305, Newark, DE 19713, USA. Contact: hello@ancoraapp.org. We have not appointed an EU or UK representative because the app processes the minimum personal data strictly necessary to deliver a devotional service (Sign in with Apple identifier, push token, your own devotionals / journal / prayers) and does not conduct large-scale processing or profiling of EU/UK residents.

Legal basis for processing (GDPR Article 6). We rely on (a) performance of a contract with you (Article 6(1)(b)) for account creation, streak / favorites / journal / prayer storage, subscription management and sync; (b) consent (Article 6(1)(a)) for push notifications and for AI-assisted prayer drafting, which you grant inside the app and may withdraw at any time from Settings or by disabling notifications; and (c) legitimate interests (Article 6(1)(f)) for fraud and abuse prevention on the community-prayer feature (moderation logs, abuse reports), with our interest in keeping the community safe weighed against your right to privacy.

International transfers. Our processors (Supabase, Anthropic, Expo, Sentry, PostHog, RevenueCat, Apple) are based in the United States. Transfers rely on the European Commission's Standard Contractual Clauses (2021/914) and, where applicable, the UK International Data Transfer Addendum, together with supplementary technical measures (TLS in transit, RLS at rest, service-role key never exposed in the client).

Your rights. Under the GDPR / UK GDPR you may request access to, rectification of, erasure of, restriction of processing of, or portability of the personal data we hold about you, and you may object to processing based on legitimate interests. You can also delete your account and all associated data yourself from Settings → Account → Delete account. To exercise any other right, email hello@ancoraapp.org from the address associated with your account; we respond within one month. You also have the right to lodge a complaint with your national supervisory authority (e.g., AEPD in Spain, CNIL in France, BfDI in Germany, Garante in Italy, the Information Commissioner's Office in the UK, the FDPIC in Switzerland).

Automated decision-making. We do not make any decisions that produce legal or similarly significant effects on you using automated processing or profiling. AI-assisted prayer drafting and community-prayer moderation produce content suggestions, not decisions about you.

Retention in the EEA / UK / Switzerland. Same as section 6 above.

12. Changes to this policy

If we change anything that affects how we handle your data, we will:

1. Update the effective date at the top of this document.
2. Show an in-app notice the next time you open Áncora.
3. Email the address on your account when the change is material (e.g., a new data vendor, a new use of your data).

If a change expands how we use your data, we will ask for your explicit consent before it takes effect.

13. Contact

• Email: hello@ancoraapp.org
• Postal address: MEAS Partners, LLC — 131 Continental Dr, Ste 305, Newark, DE 19713, United States
• Website: https://ancoraapp.org

For urgent requests (e.g., suspected unauthorized access to your account), put "URGENT" in the subject line. We respond within 24 hours.

Effective date: April 23, 2026 · Version 1.1