Last updated: May 20, 2026

Summary

The Latin Prayer App is designed to collect as little personal data as possible. By default, your prayers stay on your device and we only see anonymous, aggregate usage statistics.

The app also offers an optional sign-in feature for syncing your notes, bookmarks, and vocabulary progress across devices. If you choose to sign in (via Apple, Google, or an emailed magic link), some personal data is processed — see Optional Account & Sync below.

What We Collect

Anonymous usage statistics

To understand which prayers and rosary tracks are most valued, the app sends anonymous, aggregate statistics to our server (hosted on Supabase). These include:

  • Which prayer or rosary track was viewed or completed (e.g. “Glorious Mysteries”)
  • The date (day only, not time)
  • Your timezone (e.g. “America/New_York” — used only for geographic context)
  • A daily pseudonymous identifier — a rotating hash that resets every day, making it impossible to track you across days or identify you individually

This data is aggregated into daily totals. We cannot identify individual users, devices, or usage patterns from this data. This stream runs the same whether you sign in or not — sign-in does not link anonymous statistics to your account.

What we do NOT collect via analytics

  • Your name, email, or any personal information (anonymous stream)
  • Your device ID, advertising identifier, or hardware identifiers
  • Your precise location (timezone is the coarsest geographic signal)
  • How long you spend in the app
  • Any content you read or type

If you make a purchase

When you choose to support development via in-app purchase:

  • RevenueCat (our payment processor) receives:
  • An anonymous device identifier
  • Your purchase history with us
  • Basic device info (OS version, app version)
  • Apple processes the payment per their privacy policy

We do not receive your name, email, or payment details. If you are also signed in (see below), your active subscription / Plus entitlement is mirrored to your Latin Prayer account so the apps on your other devices know you’ve supported us.

iCloud

Rosary completion history syncs across your devices via iCloud. This data:

  • Is stored in your personal iCloud account
  • Is not accessible to us
  • Can be disabled in iOS Settings

Optional Account & Sync

The app offers an optional sign-in feature so your notes, bookmarks, and vocabulary progress can follow you across devices. The sign-in flow is initiated from inside the iOS app and also from the web account portal at my.latinprayer.org. The app works fully without signing in; opting in is a deliberate choice.

If you sign in, we process the following personal data:

  • Sign in with Apple — Apple sends us your Apple-issued unique user identifier and (on first sign-in only) the email address you authorize Apple to share. Apple’s privacy policy applies to the sign-in flow itself: https://www.apple.com/privacy
  • Sign in with Google — Google sends us your Google account identifier (a non-human-readable DWMDCODESPAN_1 claim), your email address, and your profile name. Google’s privacy policy applies to the sign-in flow itself: https://policies.google.com/privacy
  • Email magic-link sign-in — if you sign in by email, we receive the email address you enter, and we send you a one-time tap-to-sign-in link via MXroute, our transactional-email provider (see MXroute under Third-Party Services below). We do not store passwords; there is no password to remember.

What we do with this data:

  • Create a Latin Prayer account identified by your sign-in provider and the identifier they send. We do not store passwords; authentication is delegated to Apple, Google, or the email magic-link.
  • Tie your synced content — notes (your annotations on Bible verses), bookmarks (which verses you marked), and vocabulary progress (your Leitner box for each Latin word) — to that account so it appears on your other devices.
  • Display your email address back to you on the account screen so you know which account you are signed in to.
  • Mirror your active in-app purchase entitlement (e.g. Plus subscription) to your account.

What we do NOT do with this data:

  • We do not sell, rent, or share it with any third party for any purpose.
  • We do not use it for advertising, profiling, behavioural analytics, or remarketing.
  • We do not access any other data from your Apple or Google account beyond what is listed above. We do not request access to your contacts, files, calendar, drive, photos, or any other API scope.
  • We do not link your sign-in account to the anonymous usage statistics stream described earlier.

Our use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Where it’s stored: sign-in data and your synced content are stored in a PostgreSQL database hosted in the European Union (Hetzner, Helsinki). We use TLS encryption for all data in transit and standard server hardening for data at rest.

Account deletion: to delete your Latin Prayer account and all associated synced content, email dushan@dushan.org with the subject “Delete my account”. We will confirm the deletion and complete it within 30 days. Deleting the iOS app from your device does not delete the server-side account — the email request does.

Legal basis (EU/GDPR): Performance of a contract with the user (Art. 6(1)(b) GDPR). The sync feature is an explicit service the user opts into.

Retention: Account data is retained as long as the account is active. After an account-deletion request, all account-linked data is removed within 30 days, except where legal retention obligations require otherwise.

What We Do NOT Collect

The following are never collected — neither anonymously nor when signed in:

  • Precise location data
  • Contacts
  • Photos
  • Health data
  • Browsing history outside the app
  • Advertising identifiers
  • Device fingerprints or persistent identifiers

Personal information (your email, name) is collected only if you opt into sign-in, as described above. The base app — browsing, reading, praying, learning vocab, marking bookmarks locally — works fully without revealing personal data to us.

Third-Party Services

Supabase

Hosts our anonymous, aggregate usage statistics. Data is stored on Supabase-managed infrastructure. No personal data is sent. Their privacy policy: https://supabase.com/privacy

RevenueCat

Handles in-app purchase processing. Their privacy policy: https://www.revenuecat.com/privacy

Apple

Processes payments, provides iCloud sync, and (if you choose) provides Sign in with Apple. Their privacy policy: https://www.apple.com/privacy

Google

If you choose to sign in with Google, Google’s identity service authenticates you and sends us the data listed above. Their privacy policy: https://policies.google.com/privacy

MXroute (Transactional Email Provider)

If you choose to sign in by email magic-link, MXroute LLC (Texas, US) delivers the one-time sign-in link. Only your email address and the link itself are shared with them, solely to deliver that single message. MXroute’s published terms + privacy notice: https://mxroute.com/terms (Privacy section near the bottom).

Data Transfers Outside the EEA

Some of our service providers (e.g. Supabase, RevenueCat, MXroute) are headquartered outside the European Economic Area (EEA) and may process data in the United States or other regions. Where this occurs, we ensure appropriate safeguards are in place — most commonly the EU Standard Contractual Clauses (Art. 46(2)(c) GDPR) or an adequacy decision by the European Commission (Art. 45 GDPR).

Account data + synced content (notes, bookmarks, vocabulary progress) is stored exclusively in the EU.

Data Retention

  • Anonymous usage statistics: Retained indefinitely as anonymous daily aggregates (cannot be tied to individuals).
  • Purchase records: Retained by RevenueCat per their policy.
  • iCloud data: Controlled by you in your Apple account.
  • Local data on your device: Stored on your device until you delete the app.
  • Account data + synced content (if signed in): Retained while your account is active; removed within 30 days of an account-deletion request.

Your Rights (EU/GDPR)

If you live in the EEA, you have the following rights regarding any personal data we hold (which only applies if you signed in):

  • Right of access (Art. 15 GDPR) — request a copy of your account data.
  • Right to rectification (Art. 16 GDPR) — correct inaccurate data.
  • Right to erasure (Art. 17 GDPR) — delete your account (see Account deletion above).
  • Right to data portability (Art. 20 GDPR) — request your synced content in a structured, machine-readable format.
  • Right to object (Art. 21 GDPR) — object to processing based on legitimate interests at any time.
  • Right to withdraw consent (Art. 7(3) GDPR) — withdraw consent (e.g. by deleting your account) at any time, without affecting the lawfulness of prior processing.
  • Right to lodge a complaint — with your local data-protection supervisory authority. The competent authority for Spain (where the controller is established) is the Agencia Española de Protección de Datos (AEPD), https://www.aepd.es.

To exercise any of these rights, email dushan@dushan.org.

Children’s Privacy

Latin Prayer does not knowingly collect information from children under 13. The app contains no features that would require age verification. The sign-in feature is intended for adults.

Controller

Dushan Wegner

Calle Maria Cristina no 38, 2o Piso

ES-38004 Santa Cruz de Tenerife

Spain

Email: dushan@dushan.org

Changes to This Policy

We may update this policy occasionally. Changes will be posted here with an updated date. Continued use of the app constitutes acceptance.

Contact

Questions about privacy? Email: dushan@dushan.org

This policy applies to the Latin Prayer iOS app distributed via the Apple App Store and to the related account portal at my.latinprayer.org. There is a privacy policy for latinprayer.org covering the broader website.

Mark · 9 · 1 — daily verse
MMXXVI