Privacy Policy

Sacred Circle is a prayer community app operated by Proleptic LLC (“we,” “us,” or “our”). This Privacy Policy explains what personal information we collect, how we use it, and the choices you have. Sacred Circle is built for people who pray together — the content you share is deeply personal, and we take its protection seriously.

By creating an account and using Sacred Circle, you acknowledge the practices described here. Questions? Reach us at privacy@sacred-circles.co.

What Information We Collect

Information you provide directly

We collect personal information you voluntarily give us when you register or use the app:

• Account information — Your name, email address, and password when you register
• Profile information — Your faith tradition, if you choose to share it
• Prayer content — Prayer requests, responses, journal entries, and session notes you create
• Communications — Messages or feedback you send to us directly

Sensitive information

Information collected automatically

When you use the app, certain technical information is collected automatically:

• Device information — Device model, operating system version, and language settings
• Usage data — App feature interactions and session activity, used only to improve the service
• Push notification tokens — If you grant permission, we store a token to deliver notifications to your device

Information from third-party sign-in

If you register using Sign in with Apple, Apple provides us with your name and email address. See Section 4 for details.

Payment data

If you make a purchase, payment processing is handled entirely by the Apple App Store. We do not receive or store your payment card details. See Apple’s App Store Privacy Policy for details.

All personal information you provide must be accurate. Please notify us of any changes.

How We Use Your Information

We use the information we collect to:

• Create and manage your account, and keep it in working order
• Provide the Sacred Circle service — including circle membership, prayer requests, and responses
• Enable communications between users within your Sacred Circles
• Send push notifications about circle activity (only with your permission, revocable at any time in Settings)
• Respond to your feedback and support requests
• Improve the app through internal usage analysis
• Prevent fraud, diagnose bugs, and maintain security
• Comply with legal obligations and defend our legal rights

We will not use your personal information for purposes materially different from those above without giving you prior notice.

When and With Whom We Share Information

We do not sell your personal information. We do not share prayer content with advertisers or data brokers. We have not sold or shared personal information in the preceding twelve months and will not do so in the future.

Service providers

We work with third-party companies that help us operate Sacred Circle under written agreements that restrict how they use your data:

• Supabase — database hosting, authentication, and backend infrastructure
• Apple — payment processing (App Store) and push notification delivery (Apple Push Notification service)

Personal data disclosed to service providers is protected in transit and at rest. These providers may not use your data for their own advertising purposes.

Other users

Content you share within a Sacred Circle — prayer requests, responses, and your display name — is visible to other members of that circle. This is core to how the service works. You control what you share. Content within a circle is never visible to users outside it.

Business transfers

If Proleptic LLC undergoes a merger, acquisition, financing, or sale of assets, your personal information may be transferred as part of that transaction. We will make reasonable efforts to notify you before your data becomes subject to a different privacy policy.

Legal obligations

We may disclose information when required by applicable law, regulation, or valid legal process, or when necessary to protect the rights, property, or safety of Sacred Circle, our users, or others.

Social Logins (Sign in with Apple)

Sacred Circle supports Sign in with Apple. If you use this option, Apple authenticates your identity and provides us with your name and email address (or a relay address if you choose to hide your real one). We use this information only to create and manage your Sacred Circle account.

Apple controls its own data practices. Please review Apple’s Privacy Policy for information on how your data is handled during sign-in.

Encryption & Security

Sacred Circles encrypts sensitive content using AES-256-GCM before it is transmitted or stored. Encryption keys are held in your device’s secure Keychain.

Private journal entries and your faith tradition use a per-user encryption key that is generated on your device and never uploaded to our servers. We cannot read this content under any circumstances.

Prayer requests and responses shared within a Circle are encrypted with a per-circle key that is distributed to members when they join via an invite link. The wrapped key material is stored on our servers as part of the invite process. This means content is strongly encrypted at rest and in transit, but does not meet the strict definition of end-to-end encryption for circle content — Supabase, our infrastructure provider, holds key material associated with circle content. We cannot routinely access or read your prayer content, but we cannot make an unconditional guarantee for circle data the way we can for private journal entries.

While we use industry-standard technical and organizational security measures, no system can guarantee complete security. We encourage you to use a strong, unique password and to keep your device secure. If you believe your account has been compromised, contact us immediately at privacy@sacred-circles.co.

How Long We Keep Your Information

We retain your personal information for as long as your account is active or as needed to provide you with the service. When you delete your account, your personal data and all prayer content are permanently deleted from our servers within 30 days.

Some information may be retained longer if required by applicable law — for example, transaction records for accounting purposes. When we no longer have a legitimate need to retain personal information, we delete it or anonymize it.

Children’s Privacy

Sacred Circle is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children under 13 (or under 16 for users in the EU or UK) without verifiable parental or guardian consent, as required by the Children’s Online Privacy Protection Act (COPPA) and the GDPR.

If you are a parent or guardian and believe a child under 13 has created an account, contact us at privacy@sacred-circles.co.

Your Privacy Rights

Depending on where you live, you may have rights regarding your personal information. Many can be exercised directly within the app:

• Access & export Download a copy of your data — Settings → Download My Data
• Correct Update your profile information — Settings → Profile
• Delete Permanently delete your account and all associated data — Settings → Delete Account
• Notifications Opt out of push notifications at any time — Settings → Notifications, or your device Settings
• Withdraw consent If we process data based on your consent (e.g., faith tradition), you may withdraw by removing that information from your profile or deleting your account. Withdrawal does not affect the lawfulness of prior processing.

To exercise any right not available through the in-app controls, email us at privacy@sacred-circles.co. We will not discriminate against you for exercising your privacy rights.

US State Residents — Specific Rights

If you reside in California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, additional rights may apply under your state’s privacy law.

Categories of personal information we collect

In the past 12 months we have collected:

• Identifiers — name, email address, and account name
• Internet or network activity — app feature usage and session interactions
• Sensitive personal information — account login credentials; religious or philosophical beliefs (if voluntarily provided)

We retain identifiers and sensitive personal information for as long as your account is active. We have not disclosed, sold, or shared any personal information to third parties for a commercial purpose in the preceding twelve months, and will not do so in the future.

Your rights

• Right to knowWhether we are processing your personal data
• Right to accessThe personal data we hold about you
• Right to correctInaccuracies in your personal data
• Right to deleteYour personal data
• Right to portabilityA copy of your personal data in a machine-readable format, to the extent technically feasible
• Non-discriminationWe will not deny you service or charge different rates because you exercised a privacy right
• Opt-out of saleWe do not sell personal data; you may nonetheless submit an opt-out request and we will honor it

Depending on your state, you may also have the right to obtain a list of specific third parties to whom we disclosed data (Minnesota, Oregon); limit use of sensitive personal data (California); and opt out of profiling for automated decisions (Connecticut, Minnesota).

How to exercise your rights

Email privacy@sacred-circles.co with the subject line “Privacy Rights Request.” Include enough information for us to verify your identity. We will respond within the time required by your state’s law, at no charge for reasonable requests. You may designate an authorized agent to act on your behalf; the agent must provide written proof of your authorization.

We also honor Global Privacy Control (GPC) signals as valid opt-out requests under applicable state laws.

Appealing a denial

If we decline your request, you may appeal by emailing privacy@sacred-circles.co with the subject line “Privacy Rights Appeal — [Your State].” We will respond in writing with our decision and reasoning. If your appeal is denied, you may submit a complaint to your state Attorney General.

California “Shine the Light”

Under California Civil Code § 1798.83, California residents may request information about personal data we disclosed to third parties for direct marketing purposes. We do not disclose personal information for third-party direct marketing, so no such disclosure has occurred.

Do-Not-Track & Global Privacy Control

Some browsers offer a Do-Not-Track (DNT) setting that signals your preference not to be tracked across sites. Because no uniform standard for interpreting DNT signals exists, Sacred Circle does not currently respond to DNT browser signals.

We do recognize and honor Global Privacy Control (GPC) signals. If your browser or device sends a GPC opt-out, we treat it as a valid request to opt out of the sale or sharing of your personal information for targeted advertising under applicable state privacy laws.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The “Last updated” date at the top of this page will always reflect the most recent revision. If we make material changes, we will notify you by posting a prominent notice in the app or by emailing the address on your account before the changes take effect. Your continued use of Sacred after the effective date constitutes your acceptance of the updated policy.

Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy or how we handle your data:

• Email: privacy@sacred-circles.co
• Mail: Proleptic LLC, Attn: Privacy,
  5441 S Macadam Ave Ste N
  Portland, OR, 97239
  United States

We aim to respond to all privacy inquiries within 30 days.