# Privacy Policy for Peter AI

**Effective Date:** June 24, 2026

**Last Updated:** June 24, 2026

Welcome to Peter ("we," "our," or "us"). We are committed to protecting your personal privacy and maintaining a transparent data ecosystem. This Privacy Policy outlines how we collect, use, process, disclose, and safeguard your information when you use our online AI Pastoral Assistant website, mobile application, and related services (collectively, the "Service").

Please read this policy carefully. By accessing or using the Service, you agree to the collection and use of information in accordance with this policy.

---

## 1. Information We Collect

We collect information that you voluntarily provide to us, as well as data automatically generated through your usage of the AI system.

### A. Personal Data Provided by You

* **Account Data:** When you sign up using Google Account or Apple ID, we collect your unique provider user identifier (`provider_user_id`), email address (or Apple's masked proxy email), and name.
* **Profile & Customization Data:** We collect preferences you actively save, such as your selected theological denomination, preferred Bible translations, or structural roles (e.g., layperson vs. clergy).
* **User-Generated Content (Prompts & Inputs):** We collect and temporarily store the text, questions, context clues, and variables you type or upload into the chat interface or sermon draft text editors.
* **Payment & Transaction Data:** All billing is handled directly through our third-party payment gateway, **Stripe**. We do not collect or store credit card numbers, CVVs, or full bank details on our servers. Stripe provides us with tokenized identifiers, subscription status updates, and transaction receipts.

### B. Automatically Collected Data

* **Usage Logs:** We collect information on how you interact with the Service, including the times you use the AI, features accessed, search history within the Bible library, and device/browser technical metadata.

---

## 2. How We Use Your Information

We use your data to maintain a secure, highly personalized RAG (Retrieval-Augmented Generation) infrastructure:

* **To Personalize the AI System:** We use your denomination and Bible preference to dynamically adjust Peter’s system prompt and filter the vector database, ensuring you receive relevant, tradition-specific responses.
* **To Save History & Drafts:** We maintain your chat histories, sermon text revisions, and past liturgical drafts in our relational databases (`MySQL`) so you can seamlessly access your records across devices.
* **To Prevent AI Hallucinations & Track Sources:** We link exact Bible and article citations to your prompt history to verify accuracy and build trust.
* **To Manage Subscriptions:** We process subscription tier statuses ($9.99 Premium features) via secure webhooks received from Stripe.
* **Safety and Moderation:** We use automated keywords and intent scanners to instantly identify crisis requests (e.g., self-harm, severe domestic abuse) to immediately trigger our emergency safety guardrails and direct you to official national crisis hotlines.

---

## 3. How Data is Shared & Processed by Large Language Models (LLMs)

To generate responses, your text inputs are processed using advanced artificial intelligence tools.

* **No Training on Private Data:** Your personal inputs, specific sermon drafts, and conversational chat histories are strictly passed to third-party LLM providers (e.g., OpenAI, Anthropic, or similar API platforms) as a transient execution pipeline. **We ensure that our API agreements prohibit these providers from using your private questions or church drafts to train their underlying public AI models.**
* **Third-Party Infrastructure:** Your data passes strictly through trusted core providers: Google/Apple (for Identity), Stripe (for Billing), and secure cloud-hosted vector/relational databases. We do not sell your personal data or spiritual conversations to third-party brokers or advertisers.

---

## 4. Data Retention and Deletion

* **Control Over Your History:** You can delete individual chat threads or sermon drafts at any time through your account settings. Deleting a thread permanently purges it from our active `chat_messages` tables.
* **Account Deletion:** If you choose to close your account entirely, we will completely purge your core `users` entry, `social_accounts` maps, active conversational histories, and ministry text drafts within thirty (30) days, unless retention is legally required for billing compliance.

---

## 5. Security

We implement industry-standard encryption protocols (TLS/SSL) to protect your conversations and data transmissions between your frontend client and our backend RAG server layers. However, please remember that no method of transmission over the internet or electronic storage database is 100% secure.

---

## 6. Your Legal Rights (GDPR & CCPA/CPRA Compliance)

Depending on your geographic location, you may possess the following privacy rights:

* The right to access and receive a copy of the personal data we hold about you.
* The right to rectify inaccurate data or request deletion.
* The right to object to or restrict processing.

To exercise any of these rights, please contact our privacy compliance officer at: **[Insert Your Support Email, e.g., privacy@peter-ai.com]**.

---

## 7. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any structural modifications by posting the new policy on this page and updating the "Effective Date" at the top of this document.

---

> **Disclaimer:** This document is a foundational template tailored to the technical architecture of your RAG app. It does not constitute formal legal advice. Before publishing your app to production or submitting it to the Apple App Store / Google Play Store, have a licensed legal professional review it to align perfectly with local laws and your corporate structure.