Privacy

Privacy Policy

Effective June 18, 2026. Godward is a private space for daily reflection, and we built it so the words you write stay yours. This policy explains what we collect, why, who we share it with, how long we keep it, and the choices you have.

1. Who is responsible

Auxility, Inc. (16192 Coastal Hwy, Lewes, DE 19958, United States) is the controller of your personal data and operates Godward. You can reach us about privacy at support@godward.me. Godward is intended for adults (18+) in the United States.

2. The information we process

• Your reflections and AI responses — the private text you write and the responses generated for you. We treat this as sensitive, special-category data and protect it accordingly.
• Faith details you choose to share — such as denomination, spiritual goals, or familiarity with Scripture, used to personalize your experience. This is optional and treated as sensitive data.
• Account information — your sign-in identifier and email address.
• Subscription information — your plan, entitlement, and purchase identifiers, handled by our billing providers and the app stores.
• Product analytics — privacy-safe, typed usage events that never include reflection text or faith details.
• Diagnostics — crash and error reports, with restricted content scrubbed before upload.

We do not collect your contacts, precise location, or advertising profiles.

3. Why we process it, and our legal bases

• To generate reflections and your history — on your explicit consent for sensitive data (GDPR Art. 9(2)(a) where it applies). You can withdraw consent at any time.
• To provide and secure your account — to perform our contract with you.
• To process subscriptions — to perform our contract and meet legal (e.g. tax) obligations.
• To improve the product with privacy-safe analytics — on consent or our legitimate interest in a reliable service.
• To keep the Service safe — on our legitimate interest, legal obligations, or, in an emergency, vital interests.

4. How we protect sensitive data

• Encryption. Reflections are encrypted at the application level (AES-256) with keys held in a managed secrets vault.
• Storage. Your data is stored in the United States.
• Access. Access is restricted and audited, and reflection text and faith details are excluded from analytics and crash reporting by enforced controls.
• AI provider. Reflection text sent to our AI provider is handled under a zero-data-retention agreement — not retained or used to train models.

5. When we share information

We share data with service providers who process it on our instructions, under contract, only to run the Service. We never sell your personal information and never share it for cross-context behavioral advertising. Our providers include:

• Supabase — Account authentication and encrypted database hosting (United States).
• Anthropic (Claude), via the Vercel AI Gateway — Generating reflection responses under a zero-data-retention agreement — your text is not retained or used to train models.
• Paddle — Web payments and tax, as our Merchant of Record (when you subscribe on the web).
• Adapty — Subscription entitlements across devices (when you subscribe).
• Apple App Store and Google Play — In-app purchases — these stores act as independent controllers under their own policies.
• Amplitude — Privacy-safe product analytics (consent-gated; never reflection text or faith details).
• AppsFlyer — Install attribution (consent-gated; no restricted data).
• OneSignal and Firebase Cloud Messaging — Push notification delivery (no reflection content in payloads).
• Sentry — Crash and error diagnostics (restricted content scrubbed before upload).
• API.Bible — Verified Scripture text — no personal data is sent to retrieve verses.

Web payments are handled by Paddle (paddle.com) as Merchant of Record under its own privacy policy. We disclose data to others only where required by law or to protect the safety of a person.

6. How long we keep it

• Reflections and account data: until you delete them or close your account.
• Analytics events: up to 13 months.
• Diagnostics and support metadata: up to 90 days.
• Billing records: as long as the law requires.

You can export or delete your data anytime from Privacy & data. Account deletion runs after a 7-day cooling-off period — during which you can cancel it — then permanently removes your reflections, including from backups, and propagates to our processors.

7. Your rights

U.S. residents (including California). You may request to know, access, correct, or delete your personal information, and to limit the use of sensitive personal information. We do not sell or share your personal information, and we will not discriminate against you for exercising your rights.

EU/UK residents. Where the GDPR or UK GDPR applies, you have rights of access, rectification, erasure, portability, restriction, and objection, and the right to withdraw consent at any time.

Exercise any of these from your account or by emailing support@godward.me; we aim to respond within 30 days.

8. International data transfers

Godward is designed for U.S. users and stores data in the United States. Where a provider processes data outside your country, we rely on appropriate safeguards such as Standard Contractual Clauses.

9. Children

Godward is for adults and is not directed to anyone under 18. We do not knowingly collect data from minors; if we learn that a minor has created an account, we will disable it and delete the associated data. See our age policy in the Terms.

10. Changes and contact

If we make a material change, we’ll update the effective date above and, where appropriate, notify you. Questions or requests? Email support@godward.me or write to Auxility, Inc., 16192 Coastal Hwy, Lewes, DE 19958, United States. You can manage consents and your data anytime from Support or your account.