Privacy Policy

Effective Date: June 25, 2026 · Last Updated: June 25, 2026

Kreyman Enterprises LLC ("VerseMine," "we," "us," or "our") operates the VerseMine mobile application (the "App"). This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights regarding your data.

We are committed to transparency, particularly around how third-party AI services process your content. Please read this policy carefully.

1. Information We Collect

1.1 Account Data

When you create an account, we collect:

  • Email address — used for authentication, account recovery, and service communications, and — unless you opt out — a welcome email and occasional product announcements about VerseMine (see Sections 2 and 10). You can unsubscribe from these marketing messages at any time and still receive essential account and transactional emails.
  • Display name — visible to other users in community features.
  • Username — your unique identifier within the App.
  • Date of birth — used solely for age verification to comply with COPPA (Children's Online Privacy Protection Act). Stored as a date; not displayed publicly.

1.2 Profile Data (Optional)

You may choose to provide additional profile information. All of the following are optional and can be removed at any time:

  • Bio
  • City
  • Church
  • Instagram handle

1.3 User Content

When you use the App, you may create the following content:

  • Text reflections and comments — your written responses to daily Bible passages.
  • Photos of Bible pages — images you photograph and submit for AI-powered study feedback.
  • Voice recordings — audio reflections and counseling recordings you record. Short dictation is transcribed on your device using a local Whisper model and the audio never leaves your device. Longer counseling recordings may be sent to a secure third-party transcription service (OpenAI) — only if you grant explicit consent — and the resulting transcript is saved to your account. See Section 3.

1.4 Usage Data

We collect non-identifying usage data through PostHog (see Section 4) to understand how the App is used and to improve the experience. This includes:

  • Device type and operating system
  • App usage patterns (screens visited, features used, session duration)
  • App version

We do not collect your Advertising Identifier (IDFA) and do not engage in cross-app tracking.

1.5 Crash and Performance Data

We collect crash logs and performance data through Sentry (see Section 4) to identify and fix bugs. This may include:

  • Device type and operating system version
  • App state at the time of a crash
  • Stack traces and error messages
  • A user identifier (your account ID) attached to the report so we can correlate a crash to your account

Because a user identifier is attached, this crash and performance data is linked to your account. We do not send your email address to Sentry, and we take measures to exclude personal content (reflections, photos, recordings, or counseling text) from crash reports.

1.6 Purchase Data

If you subscribe to VerseMine, we use RevenueCat (see Section 4) to manage your subscription. We receive:

  • Subscription status (active, expired, trial)
  • Purchase timestamps
  • Subscription plan type

We do not receive or store your payment card details, billing address, or financial account information. All payment processing is handled by Apple (App Store) or Google (Google Play).

1.7 Push Notification Tokens

If you enable push notifications, we store a device token provided by Apple Push Notification service (APNs) or Firebase Cloud Messaging (FCM). This token is used solely to deliver notifications to your device. You can disable notifications at any time through your device settings.

1.8 Screen Time / Focus Session Data

If you enable VerseMine's Focus feature — which restricts access to apps you select until you complete your daily Bible study — we collect the following:

  • Family Controls authorization status — whether you have granted VerseMine permission to use Apple's Screen Time / Family Controls APIs. Stored locally on your device.
  • Selected app tokens — opaque, encrypted identifiers representing the apps and categories you have chosen to restrict. By Apple's design, these tokens cannot be decoded into app names by VerseMine or our servers. The actual app restriction is enforced on-device by iOS, not by us.
  • Focus session events — timestamps for when you start and end focus sessions, and whether you completed your daily Bible study task. We do not collect or transmit data about which apps you use outside of VerseMine, how long you use them, or what you do within them.
  • Schedule preferences — your chosen focus session schedule (e.g., morning blocking, all-day blocking).

We use Family Controls data solely to provide the Focus feature on your own device. We do not use it for advertising, analytics, or any other purpose. The Focus feature is optional. You can revoke Screen Time authorization at any time through iOS Settings > Screen Time, or disable focus sessions in VerseMine Settings > Focus.

1.9 Accountability Partner Data

If you choose to add an accountability partner, we share limited focus session metadata with that partner through in-app notifications:

  • The partner is notified if you disable a focus session before completing your daily Bible study.
  • The partner is notified if you do not complete your daily Bible study by the end of the day.

These notifications contain no information about which apps you use, how long you use them, or what you do within those apps. The partner sees only that a focus session was disabled or that today's reading was missed — the same information you would share by saying "I missed today" out loud.

Accountability sharing is off by default. You must explicitly choose a partner in Settings > Accountability to opt in. You can remove your partner at any time, which immediately stops all sharing.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the service — delivering daily Bible passages, processing your submissions, generating AI-powered study feedback, transcribing voice recordings, and displaying your reflections.
  • Community safety — scanning user-generated text (reflections, comments, display names) for content that violates our Community Guidelines.
  • Account management — authenticating your identity, managing your subscription, and communicating with you about your account.
  • Age verification — verifying that you meet the minimum age requirement (13 years) as required by COPPA.
  • App improvement — analyzing aggregated, non-identifying usage data to improve features, fix bugs, and understand usage patterns.
  • Notifications — sending push notifications you have opted into (e.g., daily reminders, friend activity).
  • Focus and productivity — enforcing the focus sessions you have configured (restricting access to apps you have selected on your own device) and, if you have explicitly enabled accountability sharing, notifying your chosen accountability partner of focus session events as described in Section 1.9.
  • Marketing and product announcements — sending you a welcome email and occasional announcements about VerseMine features, updates, and launch offers. These are first-party messages about our own app, sent by us (through our email provider, Resend). You can opt out at any time using the unsubscribe link in the email or by emailing privacy@versemine.app; you will still receive essential account and transactional messages.

We do not use your information for third-party advertising, cross-app ad targeting, or selling to data brokers, and we do not share your email with third parties for their own marketing. As used above, "marketing" means only our own first-party communications about VerseMine, which you can opt out of as described above.

3. Third-Party AI Services

VerseMine uses third-party AI services to provide core features. This section names each provider, describes what data is sent, explains why, and states each provider's data retention policy. Per Apple Guideline 5.1.2(i), we disclose each provider that processes your data.

3.1 Anthropic, PBC — AI Counselor

  • What data is sent: Your AI Counselor conversation text. When anonymization is off, your raw 1:1 counseling text is sent. When anonymization is on, anonymized/tokenized text is sent instead. In all cases, raw text is always sent to the safety classifier on every turn so that crisis and abuse detection continue to work even when anonymization is on. Raw group/couples counseling and discipleship text, and your Bible-study questions and answers, are also sent.
  • Why: To generate counselor responses, faith-growth recaps, and Bible-study answers, and to run crisis and safety classifiers that detect when you may need urgent help.
  • When: On each counseling or Bible-study Q&A turn. The AI Counselor is available only to US users at launch; the core Bible-study app is global.
  • Retention and model training: We require a data processing agreement with Anthropic; provider retention and training terms are governed by that agreement. See the AI Counselor section of our Terms of Service for more detail.

3.2 Google Gemini (Google LLC)

  • What data is sent: Photos of your Bible pages, plus other user text you provide for features such as translation, theology analysis, and historical-quote matching. We also send numeric embeddings (mathematical representations) computed over your anonymized counseling notes — not your raw conversation text.
  • Why: To analyze your highlighting work and generate personalized study feedback and annotated images that identify observations in the passage, and to power the related text features above.
  • When: Each time you submit a photo for study feedback, or use one of the related text features. Photos are sent only if you have enabled AI Study Feedback.
  • Retention: Google retains submitted data for up to 30 days for abuse monitoring and safety purposes, after which it is deleted. VerseMine uses the paid API tier, which provides enhanced data protections.
  • Model training: Google does not use data submitted through the paid API tier to train or improve its models.

3.3 OpenAI (OpenAI, LLC)

  • What data is sent: User-generated text (reflections, comments, and your display name) for content moderation; audio recordings for cloud transcription of longer counseling recordings (model gpt-4o-transcribe, which is gated, off by default, and consent-gated); and AI Counselor reply text for optional read-aloud (text-to-speech) voice output (revocable consent, off by default).
  • Why: To scan user-generated content for violations of our Community Guidelines and to maintain community safety (this moderation is part of our Terms of Service), to transcribe longer counseling recordings into text, and to read counselor replies aloud when you turn that option on.
  • When: Moderation runs automatically when you post reflections or comments, or when your display name is set or changed; it is always active for all users who participate in community features and cannot be turned off, as it is necessary to enforce our Community Guidelines. Cloud transcription and read-aloud run only when you have enabled and consented to those features.
  • Retention: OpenAI retains data submitted through its moderation API for up to 30 days for abuse monitoring and safety purposes, after which it is deleted.
  • Model training: OpenAI does not use data submitted through its API to train or improve its models.

3.4 Voice Transcription (Hybrid: On-Device + Cloud)

Short dictation is transcribed on your device using a local Whisper model, and that audio never leaves your device. Longer counseling recordings may be sent to OpenAI (model gpt-4o-transcribe) for transcription, but only after you grant explicit consent (this is off by default). When cloud transcription is used, the audio is purged on a retention timer, and the resulting text transcript is saved to your account (see Section 4 — Supabase) so that it can be displayed and synced across your devices.

3.5 Your Control Over AI Features

You control which optional AI features process your data:

  • AI Study Feedback (Google Gemini) — you can enable or disable this at any time in Settings > AI & Privacy. When disabled, your photos are not sent to Google Gemini.
  • Voice Transcription (hybrid) — short dictation is transcribed on your device and that audio never leaves it. Cloud transcription of longer counseling recordings (OpenAI) is consent-gated and off by default. You can disable voice reflections at any time in Settings > AI & Privacy.
  • Content moderation (OpenAI) — this is always active when you use community features (reflections and comments). It cannot be disabled because it is necessary to enforce our Community Guidelines and maintain community safety. This is disclosed during the consent process and in our Terms of Service.

Before your data is first sent to Google Gemini, the App will present a consent screen explaining which providers will process your data and asking for your explicit opt-in. The AI Counselor (Anthropic) consent, along with the counseling-specific provider disclosure, is presented before your first counseling turn. The AI Counselor is available only to US users at launch. You can decline and continue using the App for Bible reading, text reflections, journaling, and on-device voice transcription without sharing data with cloud AI providers.

4. Other Third-Party Services

In addition to the AI providers listed above, we use the following third-party services to operate the App:

Provider Purpose Data Processed Location
Supabase, Inc. Database, user authentication, and file storage Account data, profile data, user content, uploaded photos United States
PostHog, Inc. Product analytics Anonymized usage data (device type, OS, app usage patterns). No IDFA. No cross-app tracking. United States
Sentry (Functional Software, Inc.) Error and crash reporting Crash logs, device info, app performance data. We take measures to exclude personal content. United States
Resend, Inc. Transactional and marketing email delivery Email address and the content of emails we send you (welcome, announcements, account messages). United States
RevenueCat, Inc. Subscription management (individual subscriptions) Subscription status, purchase timestamps, plan type. No payment card data. United States
Stripe, Inc. Group/church plan checkout and billing Subscription and transaction identifiers. No payment card data. United States
Apple Inc. In-app purchases (App Store), push notifications (APNs) Purchase transactions, push notification tokens United States
Google LLC In-app purchases (Google Play), push notifications (FCM) Purchase transactions, push notification tokens United States

Each of these providers processes data on our behalf and is bound by their respective terms of service and privacy policies.

5. AI Model Training Disclosure

We do not use your data to train, fine-tune, or improve any artificial intelligence or machine learning models, and we contractually require our AI processors not to train their models on your content (see provider-specific terms below).

We require each AI provider listed in Section 3 not to use your data for model training. Specifically:

  • Google Gemini (paid API tier): Your data is not used for model training.
  • OpenAI (API): Your data is not used for model training.
  • Anthropic (AI Counselor): governed by our data processing agreement with Anthropic; we do not direct Anthropic to train on your data.
  • On-device Whisper (voice transcription): Runs locally on your device; no audio is transmitted to any external service.

This disclosure is made in compliance with Connecticut Senate Bill 1295 and to provide you with clear information about how your data is handled.

6. Automated Decision-Making

VerseMine uses AI to provide educational study feedback on your Bible highlighting. This feedback is informational and educational in nature. It does not constitute a consequential decision as defined under applicable law (e.g., it is not used for employment, housing, insurance, credit, or similar decisions).

Specifically:

  • AI study feedback is a learning tool. It scores and comments on your highlighting to help you engage more deeply with the text. It has no impact on your access to the App, your account standing, or any real-world outcome.
  • Content moderation uses automated scanning to flag potential Community Guidelines violations. Flagged content may be reviewed and actioned according to our Community Guidelines. You can appeal moderation decisions by contacting us at support@versemine.app.

7. Data Sharing

We do not sell your personal information. We do not share your personal information with third parties for their own marketing purposes.

We share your data only with the service providers named in Sections 3 and 4 of this policy, and only to the extent necessary to provide the App's functionality. Each provider acts as a data processor on our behalf.

If you have explicitly opted into the Accountability Partner feature (Section 1.9), we share limited focus session metadata with the partner you have chosen. This sharing is consent-based, opt-in, and can be revoked at any time by removing your partner in Settings > Accountability.

We may also disclose your information if required to do so by law, regulation, legal process, or governmental request, or to protect the rights, safety, or property of VerseMine, our users, or others.

8. Data Retention

Data Type Retention Period
Account data (email, display name, username, date of birth) Retained while your account is active. Deleted when you delete your account.
Profile data (bio, city, church, Instagram handle) Retained while your account is active. Deleted when you delete your account.
User content (reflections, comments, photos, recordings) Retained while your account is active. Deleted when you delete your account.
AI-generated results (feedback text, annotated images, transcriptions) Retained while your account is active, even if you later disable the corresponding AI feature. Deleted when you delete your account.
Counseling conversations & messages Retained while your account is active; subject to an inactivity-based retention sweep (~365 days of inactivity). Deleted when you delete the conversation or your account.
Counseling profile notes & faith-growth recaps Derived from your conversations; deleted automatically when the source conversation is deleted, and when you opt out of counseling memory or delete your account.
Voice-output (read-aloud) audio cache Auto-purged after approximately 30 days.
Raw counseling session audio (group counseling, opt-in) Auto-purged after approximately 30 days.
Usage data (PostHog analytics) Retained for up to 24 months, then automatically deleted.
Crash data (Sentry) Retained for up to 90 days, then automatically deleted.
Purchase data (RevenueCat) Retained in accordance with RevenueCat's data retention policy and applicable tax/legal requirements.
Push notification tokens Retained while your account is active and notifications are enabled. Deleted when you delete your account or disable notifications.
Screen Time / Focus session data Retained while your account is active and the Focus feature is enabled. Deleted when you delete your account, revoke Screen Time authorization, or disable focus sessions.
Accountability partner relationships Retained while both users have the relationship active. Deleted immediately when either user removes the relationship or deletes their account.

When you delete your account, we delete all personal data associated with your account from our systems. Data that has already been transmitted to third-party AI providers is subject to those providers' retention policies as described in Section 3.

9. Data Security

We implement reasonable technical and organizational measures to protect your personal data, including:

  • All data transmitted between the App and our servers is encrypted in transit using TLS.
  • User data is stored in Supabase with row-level security (RLS) policies that ensure users can only access their own data.
  • AI provider API keys are stored server-side and are never exposed in the App's client code.
  • Photos and files are stored in user-scoped storage paths with access controls.
  • Authentication uses industry-standard protocols (email/password with email verification, Apple Sign-In, Google Sign-In).

No method of electronic storage or transmission is 100% secure. While we strive to use commercially reasonable means to protect your data, we cannot guarantee absolute security.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

10.1 All Users

  • Access — You can request a copy of the personal data we hold about you. Automated export is not yet available; we fulfill access requests manually on a best-effort basis.
  • Deletion — You can delete your account and all associated data at any time from within the App (Settings > Account > Delete Account). You may also request deletion by emailing privacy@versemine.app.
  • Withdrawal of AI consent — You can disable AI Study Feedback and Voice Transcription at any time in Settings > AI & Privacy. Withdrawal of consent does not affect the lawfulness of processing that occurred before withdrawal.
  • Withdrawal of Screen Time access — You can revoke VerseMine's Screen Time / Family Controls authorization at any time through iOS Settings > Screen Time, or disable focus sessions in VerseMine Settings > Focus.
  • Removal of accountability partner — You can remove your accountability partner at any time in Settings > Accountability. Removal immediately ends all sharing of focus session metadata with that partner.
  • Opt out of marketing email — You can unsubscribe from welcome and announcement emails at any time using the unsubscribe link in those emails or by emailing privacy@versemine.app. You will still receive essential account and transactional emails.

10.2 European Economic Area (EEA), United Kingdom, and Switzerland Residents

Under the General Data Protection Regulation (GDPR) and equivalent laws, you also have the right to:

  • Rectification — Request correction of inaccurate personal data.
  • Restriction — Request that we restrict processing of your personal data in certain circumstances.
  • Data portability — Request a copy of your personal data in a structured, commonly used, machine-readable format. Automated portability is not yet available; we fulfill portability requests manually on a best-effort basis.
  • Object — Object to processing based on legitimate interest (including content moderation). We will cease processing unless we demonstrate compelling legitimate grounds.
  • Lodge a complaint — File a complaint with your local data protection authority (e.g., the ICO in the UK, the CNIL in France, or any EU supervisory authority).

10.3 California Residents

Under the California Consumer Privacy Act (CCPA) as amended by the CPRA, you have the right to:

  • Know — Request the categories and specific pieces of personal information we have collected about you.
  • Delete — Request deletion of your personal information.
  • Opt out of sale — We do not sell your personal information. No opt-out is necessary.
  • Non-discrimination — We will not discriminate against you for exercising your CCPA rights.

10.4 Connecticut Residents

Under the Connecticut Data Privacy Act and SB 1295, you have the right to:

  • Know — Access and obtain a copy of your personal data.
  • Delete — Request deletion of your personal data.
  • AI disclosure — Be informed about how AI processes your data, including whether your data is used for model training (it is not — see Section 5).

10.5 Exercising Your Rights

To exercise any of these rights, contact us at:

We will respond to verified requests within 30 days (or the timeframe required by applicable law). We may ask you to verify your identity before processing your request.

11. Children's Privacy

VerseMine is intended for users aged 13 and older. We comply with the Children's Online Privacy Protection Act (COPPA).

  • Age gate: All new users must provide their date of birth during account creation. Users under 13 are not permitted to create an account.
  • No data collection from children: If a user indicates they are under 13, no personal information is collected, stored, or transmitted. The user is shown a friendly message and returned to the login screen.
  • Parental contact: If you believe your child under 13 has provided personal information to us, please contact us immediately at privacy@versemine.app. We will promptly delete any such information.

The AI Counselor (a special category of counseling features) is available only to US users at launch and is subject to additional age safeguards: a fail-closed age gate denies access to the counselor when age cannot be verified.

12. International Data Transfers

VerseMine is based in the United States. All data processing occurs in the United States through US-based service providers (Supabase, PostHog, Sentry, RevenueCat, Stripe) and cloud AI providers (Google, OpenAI, Anthropic). Short dictation is transcribed on your device, but longer counseling recordings may be transcribed by OpenAI in the United States. The AI Counselor is available only to US users at launch.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, your data is transferred to the United States. We rely on the following safeguards for these transfers:

  • Standard Contractual Clauses (SCCs) — we require Standard Contractual Clauses, as adopted by the European Commission, with our processors that transfer EEA/UK/Switzerland personal data, including Anthropic.
  • Data Processing Agreements (DPAs) — we require Data Processing Agreements with our processors that transfer EEA/UK/Switzerland personal data on our behalf, establishing data handling, retention, and deletion obligations.

By using the App, you acknowledge that your data will be processed in the United States, which may have different data protection laws than your country of residence.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy.
  • Notify you through the App (e.g., an in-app notice or push notification) if the changes are material.
  • Where required by law (e.g., changes to AI processing or new third-party providers), request your renewed consent before processing your data under the new terms.

Your continued use of the App after an updated policy takes effect constitutes your acceptance of the changes, except where renewed consent is required by law.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us at:

Kreyman Enterprises LLC ("VerseMine," "we," "us," or "our")
Website: https://versemine.app
Privacy Policy: https://versemine.app/privacy