Privacy Policy
Effective date: July 8, 2026
Christ's Reach ("we," "us," or "our") is a Christ-centered recovery companion. We take your privacy seriously — especially because the things you share here are personal. This policy explains what we collect, how we use it, and the rights you have over your own data.
If you have questions, email us at care@christsreach.com.
1. What we collect
When you join the waitlist
- Your name (optional) and email address.
- Your IP address and browser info, used only to filter automated submissions.
When you use the app
- Account info: username, email address, and an encrypted password.
- Profile & recovery context: your "why I'm here" selections and display name.
- Content you create: Tap-Ins, Reflections, Resets, Temptation logs, and daily Routine check-ins.
- Circle & reach-outs: who you invite, reach-out requests you send or receive, and any responses or reactions.
- Notification preferences: whether you've enabled push or email notifications, and your daily email settings.
- Device push token: used only to deliver push notifications you've opted into.
- Activity logs: timestamps of logins and key actions, retained for security auditing.
We do not store your card or bank details on our servers. Christ's Reach is free to use; optional donations are handled entirely by our payment processor, Stripe — you enter and submit payment details on Stripe's secure page, and we never see or keep your card number. We do not use advertising SDKs or embed third-party advertising or analytics tracking pixels (no Google Analytics, no Meta pixel).
2. How we use your information
- To operate and deliver the service — show you your reflections, send reach-out alerts to your circle, surface your daily Scripture.
- To send you emails you've opted into: invitation notifications, daily Scripture emails, and app alerts.
- To keep the service secure — detect abuse, prevent spam, and protect you and your circle.
- To let you delete your account and content when you ask.
We will never use your content to train AI models or sell insights about your recovery journey.
3. Who we share it with
We share nothing with advertisers, data brokers, or analytics companies. The only disclosures that occur are:
- Your circle: content you intentionally share with your circle members (reach-outs, reactions, circle alerts). You control what is shared and with whom.
- Email delivery: we use Brevo (Sendinblue) to send transactional and notification emails. Your email address is transmitted to Brevo for this purpose only.
- Payment processing: if you choose to make an optional donation, Stripe processes the payment and collects the name, email, and card details you provide on their page. We receive only a confirmation that a donation occurred, never your full card details.
- Safety exceptions: if we have a good-faith belief that someone is in imminent danger, we may act on conscience — for example, contacting emergency services. We will never use this exception for any commercial purpose.
- Legal requirements: if required by a valid court order or law enforcement request, we may be compelled to disclose information. We will resist overbroad requests.
4. Email communications & how to opt out
When you join the waitlist, we will email you to let you know when Christ's Reach opens for you. Each email includes an unsubscribe link. You may also email care@christsreach.com at any time to be removed.
Inside the app, you control all notification and daily email settings from Settings → Notifications. You can disable any or all emails at any time.
5. Data retention
We retain your data as long as your account is active. When you delete your account — via Settings or by emailing us — your reflections, check-ins, temptation logs, reach-outs, circle memberships, and profile are permanently deleted. Waitlist entries are removed upon your request or when you are no longer needed to be contacted.
Anonymized aggregate statistics (e.g., total users, feature usage counts) may be retained but cannot be linked back to you.
6. Your rights
Regardless of where you live, you may:
- Access the personal data we hold about you.
- Correct inaccurate data (via Settings or by contacting us).
- Delete your account and all associated data.
- Opt out of email communications at any time.
- Object to any processing you believe is improper.
California residents have additional rights under the CCPA, including the right to know what categories of personal information are collected and the right to non-discrimination for exercising privacy rights. We do not sell personal information — ever.
To exercise any of these rights, email care@christsreach.com.
7. Security
All data is transmitted over HTTPS (TLS). Passwords are hashed using bcrypt. We do not store passwords in plaintext. Access to the database is restricted to authorized personnel only.
8. Children
Christ's Reach is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child under 13 has provided us with information, please contact us and we will delete it promptly.
9. Changes to this policy
We may update this policy as the service grows. Material changes will be communicated via email or an in-app notice. The "effective date" at the top of this page reflects the most recent revision.
10. Contact
Questions, requests, or concerns: care@christsreach.com