This Privacy Policy describes how the Saved By Grace mobile application ("the App", "Service", "we", "us") collects, uses, retains, and protects your information. By creating an account or using the App, you agree to the practices described below. If you do not agree, please do not use the App.
1. Who we are
Saved By Grace is operated by Brownappdev, a sole proprietorship based in the United States. Contact: jbrown.tyler@outlook.com.
2. Information we collect
The App uses Google Firebase (Authentication, Cloud Firestore, Cloud Storage, Cloud Functions, Cloud Messaging) and the Resend transactional email service as our data processors. We collect only what is needed for the App to function:
Account credentials: email address and password (if you sign up with email), or the identifier and verified email address Apple or Google provides when you choose Sign in with Apple or Continue with Google. We do not see your Apple or Google password.
Phone number: when you create an email/password account, we require a phone number for SMS verification to deter abuse. The verified phone credential is linked to your account via Firebase Authentication.
Profile information: first name, last name, display name, and an optional profile picture.
Group membership: the 6-digit group code(s) you join or create and your role (owner, admin, or member) within them.
User-generated content you choose to share: chat messages and any attached photos, videos, or audio; prayer requests and comments; media posts (photos, videos, captions); PDF documents uploaded by group admins; events you create; live audio broadcasts initiated by group admins; donation method details added by group admins.
Reactions, read receipts, and prayer counts: a record that you prayed for, liked, reacted to, or read a particular item, so the feature can display it to other group members.
Push notification token (FCM): a token issued by Apple Push Notification service through Firebase Cloud Messaging so we can deliver new-message, new-prayer, and similar notifications. Tokens are stored on your user record and removed when the underlying device permission is revoked or the account is deleted.
Personal block list: the user IDs of members you have personally blocked are stored on your profile so the app can hide their content from your view across devices. When you block someone, the developer is also notified so the blocked account can be reviewed for potential ejection from the Service.
Safety reports: when you tap Report on a post, comment, message, media item, member profile, or chat, we record the reported content ID, the reported user ID (when present), your user ID, the category you selected (e.g. "Harassment", "Hate speech"), any optional details you provide, and a timestamp. Reports are forwarded to our moderation team within seconds for review within 24 hours.
Notification preferences and appearance settings: stored on your device and synced to your account so they persist across sign-ins.
We do not collect: advertising identifiers, precise location, contacts, health or fitness data, financial information, biometric identifiers, or third-party tracking data. We do not use analytics, advertising, or third-party tracking SDKs.
3. How your information is used
Information collected is used solely to operate the App's features:
To create and authenticate your account, including phone verification and Sign in with Apple / Google flows.
To let you join a group and communicate with other group members.
To display your name, profile picture, posts, comments, reactions, and read status to other members of the same group.
To deliver chat messages and media between participants you have chosen to message.
To send push notifications for new messages, prayer requests, events, services, media posts, and direct mentions.
To enforce safety: respond to your reports, honor your blocks, and remove content or users that violate our Terms of Use.
To enable on-device search of admin-uploaded PDFs. Search uses Apple's on-device Vision framework to extract text from scanned PDFs. Text extraction runs entirely on your phone; no document content is sent to any third party.
We do not sell your personal information. We do not use your data for advertising. We do not share your data with third parties for their own purposes.
4. Who can see your content
Profile information (name, profile picture) is visible to other signed-in users who share a group with you or are in a chat with you.
Posts, prayer requests, comments, events, and uploaded media are visible to other members of the same group, plus members of any group your admin has explicitly linked for cross-group visibility.
Chat messages and any media attached to them are visible only to the participants of that chat. Both the message records (in Cloud Firestore) and the media bytes (in Cloud Storage) are gated by membership of the chat.
Group admins can remove members (kick), approve or reject join requests, manage admin roles, edit group metadata, and remove content within their group.
Group owners have the same powers as admins plus the ability to transfer ownership to another current member. Transfer requires the recipient's explicit acceptance.
Saved By Grace operators (us) may access content as needed to respond to safety reports and to operate the Service, but we do not browse private chats casually.
5. Content moderation: reports and blocks
Saved By Grace has zero tolerance for objectionable content and abusive users (App Store Review Guideline 1.2):
You can report any prayer request, comment, message, media item, member profile, or chat from within the App. Reports are reviewed by the Saved By Grace moderation team within 24 hours. Confirmed violations result in the content being removed and the offending user being ejected from the Service.
You can block any other user at any time. Blocking immediately hides that user's posts, prayers, comments, media, and chat messages from your view across the entire App and prevents them from delivering push notifications to you (including direct mentions). Blocks are recorded on your profile and synced across your devices. You can unblock at any time from Settings → Privacy & Security → Blocked Users.
Report records (reporter user ID, reported content ID, reported user ID, category, optional details, timestamp) are retained for as long as needed to investigate and enforce these terms, and as required by law. We do not use this data for advertising or share it with third parties beyond the data processors named in Section 10.
6. Data storage, transmission, and security
Data is stored using Google Firebase services on Google Cloud infrastructure. Access is restricted by Firebase Security Rules so that only authenticated users with appropriate group or chat membership can read or write the relevant records. Cross-service membership checks are enforced even at the storage layer for chat media. All transmission between the App and Firebase is encrypted via HTTPS/TLS. Server-side rate limiting is applied to sensitive Cloud Function endpoints to deter abuse. While we apply industry-standard safeguards, no system can be guaranteed completely secure, and you use the Service at your own risk.
7. Children's privacy
The App is rated 12+ and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete the account and associated data.
8. Your rights and choices
Access and correction: you may view and edit your profile information from within the App at any time.
Take a break (Deactivate): from Settings → Privacy & Security → Deactivate or Delete Account, you can choose "Take a Break (Deactivate)". Your account remains valid but is hidden from other users and from feeds. Signing in again at any time restores your account exactly as you left it.
Delete your account: from the same screen, you can choose "Permanently Delete Account". Your account and content are hidden immediately. A scheduled job permanently removes your authentication record, user profile document, profile picture, authored prayer requests, authored media posts, authored events, authored services, and chat memberships 30 days after the request. Signing in within that 30-day window cancels the deletion and restores your account. After 30 days, deletion is irreversible.
Group-owner constraint: if you currently own a group with other members, the App will require you to transfer ownership (or remove every other member) before you can deactivate or delete your account, so the group is not left without an owner.
Leave or change groups: you may leave a group at any time from the in-app Group settings. Leaving removes your association with that group's content going forward; content you previously posted to the group remains attributed to your account name, consistent with how other members' historical posts behave.
Removed by an admin (kick): a group owner or admin may remove you from their group. You are not blocked from Saved By Grace; you simply lose access to that group's content. You will see an in-app notice next time you open the App.
Push notifications: you can disable any category of push notification from Settings → Notifications. You can revoke push permission entirely from your iOS Settings app.
Withdraw consent: you may stop using the App at any time. Combined with the deactivate or delete flows above, this fully ends our processing of your data.
9. Data retention
We retain account and content data for as long as your account remains active.
When you deactivate, data is preserved indefinitely until you reactivate or delete.
When you delete, your data is hidden immediately and permanently purged after 30 days. After purge, recovery is not possible.
Safety reports are retained for a reasonable period to allow investigation of repeated or coordinated abuse, even after the related account is deleted.
Group records with zero remaining members are tombstoned for 7 days and then permanently deleted along with their subcollections and any associated Storage files.
Server backups maintained by Google Firebase may retain copies for a limited period as part of their standard service operation; we do not control those backup windows beyond Google's published retention.
10. Third-party data processors
We use the following third-party services strictly as data processors acting on our behalf:
Google Firebase (Authentication, Cloud Firestore, Cloud Storage, Cloud Functions, Cloud Messaging, Cloud Scheduler, Cloud Run) — provided by Google LLC. Firebase's privacy and security practices: https://firebase.google.com/support/privacy.
Apple Push Notification service — used for delivering push notifications to your device. Apple's privacy policy: https://www.apple.com/legal/privacy/.
Sign in with Apple and Google Sign-In — used when you choose those providers. We receive only the identifier and verified email address you authorize them to share; we do not see your password or other account details.
Resend (transactional email) — used only to notify our moderation team when a user submits a safety report. Reports are sent to a single internal mailbox. Resend's privacy policy: https://resend.com/legal/privacy-policy.
Apple Vision framework — runs on your device to extract searchable text from admin-uploaded PDFs. No document content is transmitted to Apple or any other party as part of this feature.
We do not sell or share your personal information with any party other than these processors and only for the purposes described.
11. International users
The App may be used from any country where it is available on the App Store. By using the App, you understand that your information will be transferred to and stored on Google Cloud servers, which may be located outside your country of residence (primarily in the United States). Where required by local law, we rely on appropriate safeguards (such as Standard Contractual Clauses adopted by Google as our processor) for international transfers.
12. European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR)
If you are located in the EEA, UK, or Switzerland, you have the following rights under the General Data Protection Regulation and equivalent national laws:
Access — request a copy of personal data we hold about you.
Rectification — correct inaccurate personal data.
Erasure — request deletion (the in-app delete flow satisfies this for most data).
Restriction and objection — limit or object to certain processing.
Data portability — request a machine-readable export of data you provided to us.
Lodge a complaint with your local Data Protection Authority.
Our legal bases for processing are: performance of a contract (operating the Service you signed up for), legitimate interests (keeping the Service safe and free of abuse), consent (for push notifications and optional profile photo), and legal obligation (responding to lawful requests).
To exercise these rights, contact us at jbrown.tyler@outlook.com. We will respond within 30 days.
13. California residents (CCPA / CPRA)
If you are a California resident, you have the right to know what personal information we collect (Section 2), the right to request deletion (the in-app delete flow satisfies this), and the right to opt out of the sale or sharing of personal information. We do not sell your personal information and we do not share it for cross-context behavioral advertising. We do not use it for targeted advertising. You will not be discriminated against for exercising any of these rights. To exercise them, use the in-app deletion flow or email us at jbrown.tyler@outlook.com.
14. Hosting of this policy
This Privacy Policy is hosted on Firebase Hosting, which serves static files over HTTPS and does not place tracking cookies on your device.
15. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Material changes will be communicated through the App and may require renewed acceptance of our Terms of Use.
16. Contact
Questions, requests, or complaints about this policy or about your data can be sent to jbrown.tyler@outlook.com. We aim to respond within 14 days for general inquiries and within 30 days for rights requests.