Privacy Policy

Effective date: September 15, 2025

This Privacy Policy explains how Spoken (“Spoken,” “we,” “us,” or “our”) collects, uses, and shares information when you use our mobile applications, websites, and related services (collectively, the “Services”).

Fast facts

  • Intended audience: General users 13 and older.

  • We do not sell or share your personal information as defined by the California Consumer Privacy Act (CCPA/CPRA).

  • You can request access, correction, or deletion of your data by emailing support@spoken-bible.com.

1) Information We Collect

a) Account & Contact Information

  • Name, email address, profile photo (optional)

  • Authentication information (password or single‑sign‑on tokens)

b) Content You Create

  • Audio recordings (voice readings) and metadata (timestamps, duration, file size)

  • Text captions, titles, tags, playlist names

  • Invitations you send and your Family & Friends sharing settings (when you share, links are passed to your device’s native apps; we do not collect invitee contact details unless they sign up)

c) Usage & Device Data

  • App activity (screens viewed, features used), diagnostic logs, and crash data

  • Device information (OS version, device model, app version)

  • Language and time zone

d) Communications

  • Messages you send to support or feedback you submit

We do not intentionally collect sensitive categories (e.g., precise geolocation, biometric identifiers) unless a feature requires it and you opt in.

2) How We Use Information

  • Provide and improve the Services, including saving and streaming your recordings

  • Operate private sharing (“Family & Friends”) and manage invitations

  • Maintain safety, security, and integrity (fraud prevention, abuse detection)

  • Debugging, analytics-lite, and performance monitoring

  • Communicate with you about updates and new features

  • Comply with legal obligations

Legal bases (EEA/UK): performance of a contract; legitimate interests (e.g., service improvement, fraud prevention); consent where required (e.g., notifications, marketing).

3) How We Share Information

  • Service providers (processing under contract): Supabase (database, authentication, storage, logs), Google Cloud Storage (file storage/serving), SendGrid (email delivery)

  • Other users you choose: content you share inside your private network is visible to invitees per your settings

  • Legal/compliance: when required by law, to protect rights, or in a merger/sale

We do not sell personal information and do not share personal information for cross‑context behavioral advertising (CPRA). We do not allow third‑party advertising SDKs. We do not use push notifications in the MVP release; if we add them later, we will update this Policy.

4) Your Choices & Rights

Controls

  • Recording privacy settings; ability to delete your recordings

  • Opt‑out of non‑essential emails

California (CCPA/CPRA)

You may request to know, access, correct, delete, or limit the use of sensitive personal information. Submit requests to support@spoken-bible.com. We do not sell/share personal information.

EEA/UK (GDPR)

You may request access/portability, correction, deletion, restriction, and object to processing. You may withdraw consent at any time. You also have the right to lodge a complaint with your local supervisory authority.

5) Data Retention

  • User account & profile data: retained while the account is active; deleted within 30–60 days after account closure.

  • Audio recordings (User Content): retained until you delete them; after deletion, removed from active systems within 30 days and from backups within 90 days.

  • Authentication/login data: retained while the account is active; tokens/password hashes deleted promptly after account closure.

  • Crash/error logs: retained 30–90 days for debugging.

  • Email delivery logs: retained 30–60 days for deliverability troubleshooting.

  • Inactive accounts: accounts inactive for 24 months may be closed and data deleted after notice.

6) Children’s Privacy

Spoken is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it and disable the account.

7) Security

We employ reasonable administrative, technical, and physical safeguards appropriate to the nature of the data, such as encryption in transit and at rest, access controls, and audit logging. No method of transmission or storage is 100% secure.

8) International Transfers

If you access the Service from outside the United States, your information may be processed in the U.S. and other countries. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for cross‑border transfers.

9) Notice at Collection (California)

Categories collected: identifiers (name, email), internet/electronic network activity (logs), audio content you create, and inferences (basic feature preferences). Purposes: provide the Service, security, debugging, communications, legal compliance. Retention: as outlined in Section 5. Sensitive data: not collected except as disclosed and with your consent.

10) Changes & Contact

We may update this Policy from time to time. We do not use push notifications in the MVP release; if we enable push notifications in a future version, we will update this Policy accordingly.

Contact:
Email: support@spoken-bible.com
Mailing address: PO Box 719, Eustis, FL 32727, United States