Privacy Policy

How Áncora handles your information. Plain language, no surprises.

Our promises

Before the legal detail, here is what we will and will not do:

• We do not sell your data. Not to advertisers, not to data brokers, not to anyone.
• We do not use your content to train AI. Your reading history, saved verses, onboarding answers, and anything else you give us are not training data.
• We do not track which scripture passages you read. We record that a devotional was completed (for streaks), not the content of what you read or saved.
• No ad networks, no third-party cookies in the app. The iOS app has no advertising SDKs.

1. Who we are

Áncora is operated by MEAS Partners, LLC, a Delaware limited liability company. We are the data controller for the information described here. Contact us at hello@ancoraapp.org.

2. What we collect

We group the information we collect into five categories:

• Account data. For signed-in accounts: your user ID, email address, display name, and (if you use Sign in with Apple) the anonymous Apple relay identifier. For guest accounts: only an anonymous user ID generated for your device.
• Subscription data. Your Apple In-App Purchase receipt, subscription status, plan (monthly or annual), trial status, and renewal/expiration dates, as reported to us by Apple and RevenueCat. We never receive your credit card number or Apple ID password.
• Usage analytics. Anonymous event data: screen views, button taps, onboarding step completion, which features you use, and aggregate session metrics. These events are tied to an anonymous analytics ID, not to your email. We do not record the text of scripture you read or verses you save.
• Device and diagnostic data. Device model, OS version, app version, locale, time zone, and crash reports (stack traces with user identifiers redacted). We use this to fix bugs and size up issues.
• Content and onboarding data. Information you give us inside the app: your name, the interests you pick during onboarding, saved verses, reading progress, streak count, family-group membership, and any notes or journal entries you create.

3. Why we collect it

We use each category of information only for specific purposes:

• To run the service — sign you in, sync your progress, deliver your daily devotional, keep your streak, restore your subscription on a new device.
• To process subscriptions — verify your Apple receipt and grant Premium access via RevenueCat.
• To improve the product — understand which features are used (anonymous analytics) and diagnose crashes.
• To send you the push notifications you opted into — your daily devotional reminder.
• To comply with law — respond to valid legal requests, protect rights, and prevent fraud or abuse.

We do not use your information for advertising, profiling that produces legal effects, or AI training.

4. Who we share it with

We share information only with processors that help us run the service. They act on our instructions and cannot use your data for their own purposes.

• Supabase (Frankfurt region) — our database, authentication, and file storage. Stores your user ID, email (if provided), display name, reading progress, streak count, saved verses, family membership, and onboarding answers (name, interests).
• RevenueCat — subscription management. Stores your Apple receipt and subscription status, linked to your Supabase user ID.
• Apple (App Store) — payment processing and receipt issuance. Apple handles your payment method; we never see credit card data. Apple's own privacy terms apply to their handling of payment data.
• PostHog (EU region) — product analytics. Receives anonymous event data (screen views, CTA taps, onboarding step completion). Does not receive scripture content, saved verses, or journal entries.
• Sentry — crash and error reporting. May receive stack traces with a redacted user ID.
• Expo (push notifications) — stores your device push token so we can deliver daily reminder notifications.

We may also share information when required by valid legal process, to enforce our Terms, to protect the safety of users or the public, or in connection with a corporate transaction (merger, acquisition, or sale of assets), in which case we will notify you and any successor will be bound by this policy.

5. Data retention

We keep information only as long as we need it:

• Account data: kept while your account is active, and for up to 30 days after you delete your account (to handle support, refund, or fraud-related requests). After 30 days, personal account data is deleted or fully anonymized.
• Subscription records: kept for as long as required by tax and accounting law (typically 7 years in the United States), in a minimized form (receipt ID, plan, dates).
• Usage analytics: anonymized after 90 days, then kept only in aggregate form for trend analysis.
• Crash and diagnostic logs: kept up to 90 days.
• Backup copies: may persist in encrypted backups for up to 30 days after the primary record is deleted, then are overwritten.

6. Your rights

Depending on where you live, you have rights over your personal information. These include, in most jurisdictions:

• Access — ask what data we hold about you.
• Correction — ask us to fix inaccurate data.
• Deletion — ask us to delete your data.
• Portability — receive a copy of your data in a machine-readable format.
• Objection / restriction — ask us to stop or limit certain processing.
• Withdraw consent — where we rely on consent, withdraw it at any time.

If you are in the European Economic Area, United Kingdom, or Switzerland, these are your rights under the GDPR (and UK GDPR / FADP). If you are a California resident, these are your rights under the CCPA/CPRA, including the right to know, delete, correct, and opt out of "sale" or "sharing" (we do neither).

To exercise any of these rights, delete your account from Settings → Delete Account inside the app, or email us at hello@ancoraapp.org. We will respond within the time required by applicable law (generally 30 days). You also have the right to lodge a complaint with your local data-protection authority.

7. Children's privacy

Áncora is not directed at children under 13. The app is rated 4+ in the App Store because the content is suitable for all ages, but the service itself is intended for adults (and minors with parental supervision in the household).

We do not knowingly collect personal information from a child under 13. If we learn that we have collected information from a child under 13 without verified parental consent, we will delete that account promptly. If you believe a child has created an account, please email hello@ancoraapp.org and we will investigate.

8. International transfers

Áncora is built by a U.S. company and uses processors located in multiple regions. Depending on the feature, your data may be stored or processed in:

• The European Union (Supabase, Frankfurt; PostHog, EU region).
• The United States (Apple services, Sentry, Expo, and MEAS Partners operations).
• Other regions where our processors' infrastructure is located.

Where data is transferred out of the European Economic Area, the United Kingdom, or Switzerland, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses and, where applicable, the EU-U.S. Data Privacy Framework, so your rights continue to travel with your data.

9. Security

We protect your information with standard industry controls: TLS in transit, encryption at rest in our database, Supabase row-level security policies so one account cannot read another account's data, and least-privilege access for our team. No system is perfectly secure, but we work to reduce risk and we will notify affected users in the event of a qualifying data breach, as required by law.

10. Cookies and tracking

The iOS app does not use cookies and does not integrate any advertising or cross-app tracking SDKs. We do not use Apple's IDFA and we do not present an App Tracking Transparency prompt, because we do not track you across other companies' apps or websites.

Our marketing website at ancoraapp.org uses only the operational cookies required by our hosting provider (Vercel) to deliver the site securely. It does not use third-party advertising or analytics cookies.

11. Changes to this policy

We may update this policy from time to time. When we do, we will change the effective date below and, for material changes, notify you in the app or by email. Continued use of the service after the effective date means you accept the updated policy.

12. Contact us

Privacy questions, requests, or complaints: hello@ancoraapp.org.

Postal notices may be sent to: MEAS Partners, LLC — contact hello@ancoraapp.org for the current mailing address.

Effective date: April 18, 2026