Effective Date: 23 January 2026 | Last updated: 6 February 2026
Plain Language Summary
We collect only what we need to provide Doxa. We never sell your data. We never use it for advertising. Your spiritual content is encrypted and protected. You can export or delete your data at any time. This full policy explains everything in detail.
Key updates (February 2026): See Section 6B for complete transparency about what data is shared with AI providers (Google, Anthropic, ElevenLabs, AssemblyAI), what protections exist, and your choices. We've also added Sentry session replay disclosure, updated payment processor information, and expanded jurisdiction-specific rights.
The Doxa Way Ltd ("Company," "we," "us," "our") is the data controller for your personal data.
Company Number: 16744139
Registered Address: 108 Kings Road, New Haw, Addlestone, KT15 3BH, United Kingdom
Email: privacy@doxa.app
"Company Personnel" means the directors (including Garth Hilton Watson in his capacity as director and in his personal capacity), officers, employees, agents, contractors, and affiliates of The Doxa Way Ltd. References to the Company include Company Personnel acting in their official capacity.
POPIA Information Officer: Garth Hilton Watson — privacy@doxa.app
We built Doxa with privacy at its core. Your spiritual records, prayers, testimonies, and encouragements are deeply personal. We treat this data with the utmost respect and implement robust security measures to protect it.
To diagnose bugs and improve reliability, we use Sentry's session replay feature. This records a visual representation of your app session, but with all text, images, input fields, and vector graphics fully masked. What we see is a blurred wireframe of interactions — we cannot read your content.
We use your data exclusively to:
What this means
We only use your data to make Doxa work for you. We don't sell it, we don't advertise with it, and we don't share it with anyone except the specific service providers listed in Section 6 below.
Under data protection laws (including UK GDPR, EU GDPR, and POPIA), we must have a lawful basis to process your personal data. Here's how we justify each type of processing:
Processing necessary to perform our contract with you—i.e., to provide the Doxa Service:
Processing necessary for our legitimate interests (or those of third parties), balanced against your rights and freedoms:
We conduct a balancing test for each legitimate interest to ensure your rights are not overridden. You may object to processing based on legitimate interests by contacting us.
Where you have freely given specific, informed, and unambiguous consent:
You can withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
Processing required to comply with legal obligations:
In rare emergency situations, we may process data to protect vital interests of you or another person (e.g., if we become aware of an imminent threat to life and need to contact emergency services).
We engage trusted third-party service providers ("processors") to help deliver the Service. All processors are bound by data processing agreements with equivalent security and confidentiality obligations. By using the Service, you acknowledge that we may engage, replace, or add processors without prior notice, provided they meet our security standards.
| Processor | Purpose | Location | Data Processed |
|---|---|---|---|
| Supabase Inc. | Database, Auth, Storage, Edge Functions | USA (us-east-1) | All user data, content, authentication |
| Apple Inc. | App distribution, push delivery (APNs), in-app purchase payment processing, Sign in with Apple | USA | Device tokens, payment information (for IAP), authentication credentials, app usage analytics (if enabled) |
| Google LLC | App distribution (Play Store), in-app purchase payment processing, Google Sign In, website analytics (GA4) | USA | Device tokens, payment information (for IAP), authentication credentials, website page views (anonymized) |
| ElevenLabs Inc. | Voice chat (Conversational AI), text-to-speech | USA | Voice audio (real-time streaming, not stored), text prompts (not retained after session) |
| AssemblyAI Inc. | Audio transcription | USA | Audio files (temporarily, deleted after processing) |
| Google LLC (Gemini) | Grace Record synthesis, content embeddings, writing quality review | USA | Public testimony content only (not private vault data) |
| Anthropic PBC (Claude) | Title generation, content review, Grace Record red team review | USA | Text content (not stored by Anthropic per API terms) |
| Stripe Inc. | Secondary payment processing for certain payment methods | USA | Payment information, billing details, subscription status |
| Expo (650 Industries) | Push notifications | USA | Device tokens, notification content |
| Functional Software (Sentry) | Error monitoring, masked session replays (all text/images/vectors hidden) | EU (Frankfurt) | Error logs, device info, stack traces, masked session recordings |
| Vercel Inc. | Website hosting | Global CDN | Access logs, IP addresses (website only) |
We do not sell, rent, or trade your personal data. We may disclose data if required by law, court order, or to protect our legal rights.
We may disclose your personal data without your consent only where required or permitted by law:
We will notify you of any such disclosure where legally permitted to do so.
We handle voice data with particular care. Here's exactly what happens:
Why This Section Exists
We understand that sharing spiritual data with AI providers raises legitimate concerns. This section provides complete transparency about what data goes where, what protections exist, and what choices you have. We believe you should have all the facts to make your own informed decision.
Protecting Your Prayers & Prophecies
Your prayers and prophecies are sacred. We take this responsibility seriously. Here's what you need to know:
| Provider | What Data | When | How Long Retained |
|---|---|---|---|
| ElevenLabs | Voice audio stream + compact text context from your vault (max 3 prophecies at 200 chars, 3 vault items at 200 chars, 2 testimonies at 150 chars, 3 scriptures at 150 chars) | During Engage voice chat sessions only | Audio: NOT stored after session. Conversation data deleted after session ends |
| AssemblyAI | Audio file of your voice recording | When you record a prophecy or testimony by voice | Deleted immediately after transcription. Transcoded copies: 3 days max |
| Google (Gemini) | Public testimony content for Grace Record synthesis and embeddings | When processing public Grace Record content only | API data not used for training per Google's API terms |
| Anthropic (Claude) | Text content for title generation and content review | When generating titles or reviewing Grace Record content | 7-day API retention, not used for training per Anthropic's API terms |
Each AI provider has made legally binding commitments about how they handle data:
"Could AI provider employees read my prayers?"
Technically possible but highly restricted. ElevenLabs, Google, and Anthropic all have internal access controls audited under SOC 2. Data access requires business justification. Your prayers are one of millions of API calls — no one is actively reading them. However, we cannot guarantee what happens inside third-party systems.
"Could my spiritual data train AI models?"
No — contractually prohibited. All our AI providers' API terms explicitly exclude API data from training unless the customer opts in. Doxa has NOT opted in. This is a legally binding commitment. ElevenLabs, Google (Gemini), Anthropic (Claude), and AssemblyAI all confirm this in their terms.
"Could my data be leaked in a breach?"
Risk exists but is mitigated. All three providers have SOC 2 Type 2 certification. Encryption protects data in transit and at rest. Short retention periods limit the exposure window. These companies invest heavily in security as high-value targets. However, no system is 100% secure — this is true of all digital services.
"What if the government subpoenas my data?"
Possible but limited. Our AI providers have stated they fight overly broad requests. Minimal retention periods limit what data exists to be produced. Doxa's data is stored in the USA (Supabase) and is subject to US law. We would notify you of any request where legally permitted.
"Could my prayers be connected to me personally?"
Low risk. We do not send your email, name, or Doxa account ID to AI providers. Your prayers arrive as anonymous text context. AI providers see our Edge Function server IP, not your device IP directly. However, your voice is biometrically unique, and your prophecy content may contain personal details (e.g., names, locations, churches mentioned in the text). While theoretical re-identification through content correlation is possible, it would require deliberate effort, access to multiple data sources, and a specific reason to target you. Such an exercise would be costly — requiring engineering resources, cross-referencing external databases, and violating access policies — with no business justification. This makes it a low-probability scenario for ordinary users. Minimal retention periods further limit any exposure.
"Could AI companies use my content on Doxa for evil?"
This is the heart of the concern, and it deserves a thoughtful answer.
The short answer: We have done everything reasonably possible to prevent this, but we cannot make absolute guarantees about systems we don't control.
What "evil" would look like: Selling your prayers to advertisers. Training AI on your spiritual struggles. Profiling your faith to manipulate you. Targeting you based on your vulnerabilities. Using your content against you.
Why this is unlikely:
• No business incentive: AI providers make money selling API access, not harvesting prayer data. Your prayers have no commercial value to them.
• Legal liability: Misusing data would violate contracts, data protection laws (GDPR, CCPA), and expose them to lawsuits worth far more than any profit.
• Reputational suicide: A single scandal would destroy enterprise trust—their primary revenue source.
• Technical barriers: Your data arrives anonymously, in fragments, mixed with millions of other API calls. Targeting you specifically would be like finding one drop in an ocean.
• Short retention: Data is deleted within hours to days. There's no archive of your prayers sitting on a server.
What we cannot guarantee: We cannot see inside ElevenLabs, Google, or Anthropic's systems. We cannot prevent a rogue employee. We cannot stop a government with a warrant. We cannot predict future policy changes. These are honest limitations of any cloud service—including email, messaging apps, and every other digital tool you use.
The wisdom: Perfect privacy exists only in your own heart and in prayer spoken to God alone. Every digital tool involves some trust. We have chosen providers carefully, implemented technical safeguards, and secured contractual protections—but ultimately, you must decide if the benefits of AI-assisted encouragement are worth this measured risk. If they are not, Doxa works without AI features. Your spiritual life does not depend on technology.
"What's the difference between my private vault and The Grace Record?"
Private Vault (your prophecies, prayers, notes): Only sent to AI when you use voice chat or voice recording. Never shared publicly. Never bulk-processed. Only you can see it.
The Grace Record (public testimonies): A public archive of historical and user-submitted testimonies. If you submit a testimony to The Grace Record, it becomes public content that others can read. This public content is processed by AI for synthesis, review, and discoverability. Your private vault is never connected to The Grace Record unless you explicitly submit something.
"What if AI companies change their policies in the future?"
Valid concern. If any AI provider materially changes their data practices in a way that weakens protections for your spiritual content, we commit to: (1) notifying you promptly, (2) evaluating alternative providers, and (3) giving you the option to export your data and delete your account before any adverse changes take effect. We chose providers with strong privacy track records, but we remain vigilant and will act in your interest if circumstances change.
You have control over how much data is processed by AI providers:
The Bottom Line
When you use Engage voice chat, compact excerpts of your vault (max 3 prophecies, 3 vault items, 2 testimonies, 3 scriptures — all truncated) are sent to ElevenLabs to personalise your encouragement. This data is processed in real-time and is not stored after your session ends. Your data is not used for AI training. When you record by voice, your audio goes to AssemblyAI, is transcribed, and immediately deleted. For Grace Record content, Google (Gemini) handles synthesis and Anthropic (Claude) handles title generation and review. We have implemented technical and contractual safeguards, but we cannot control what happens inside third-party systems. We believe in transparency — you should have all the facts to decide what's right for you.
Your data may be processed in the United States and other countries where our processors operate. For transfers from the UK/EEA, we rely on:
What this means
Because our service providers are mostly based in the USA, your data travels internationally. We use legal agreements approved by UK and EU regulators to ensure your data receives equivalent protection wherever it's processed.
We respect privacy rights worldwide. Depending on where you live, you may have additional rights:
POPIA Transfer Provisions: We transfer data outside South Africa on the basis that our processors are bound by contractual obligations that provide an adequate level of protection as required by Section 72 of POPIA.
CCPA/CPRA Notice at Collection
Categories of personal information collected: Identifiers (name, email), internet activity (usage data), audio data (voice recordings for transcription), and inferences (AI-generated content). Purpose: To provide and improve the Service as described in Section 4. Retention: As described in Section 8. Right to opt out of sale: We do not sell your personal information. Right to limit use of sensitive information: We only use sensitive information to provide the Service. To exercise any CCPA/CPRA rights, contact privacy@doxa.app or use the in-app data management features.
EEA Representative: If you are located in the European Economic Area and need to contact a representative under Article 27 GDPR, please email privacy@doxa.app and we will direct your inquiry appropriately. We are in the process of appointing a formal EEA representative and will update this policy when that appointment is confirmed.
To exercise any of these rights, contact us at privacy@doxa.app. We respond to all requests within the timeframes required by applicable law.
You have the right to:
You can request deletion of your data through any of these methods:
You will receive a confirmation email when your deletion request has been processed. If you do not receive confirmation within 30 days, please contact us at privacy@doxa.app.
To exercise these rights, contact privacy@doxa.app. We will respond within 30 days (or as required by applicable law).
We implement industry-standard and beyond security measures:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
No system is completely secure. You are responsible for:
We cannot be held responsible for breaches resulting from your failure to maintain adequate security of your account credentials or devices.
The Service is not intended for children under 13 years of age (or under the applicable age threshold in your jurisdiction — see Section 7A). We do not knowingly collect personal data from children below the applicable age threshold. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at privacy@doxa.app.
We use minimal cookies and tracking technologies. We do not use advertising or marketing cookies. The mobile app uses no analytics cookies. The website uses Google Analytics for basic traffic metrics. See our Cookie & Tracking Policy for details.
We may update this policy from time to time. Material changes will be communicated via the app, email, or this page. The "Last updated" date at the top indicates when this policy was last revised. Your continued use of the Service after changes constitutes acceptance.
For privacy inquiries, data requests, or complaints:
Data Protection Contact: privacy@doxa.app
POPIA Information Officer: Garth Hilton Watson — privacy@doxa.app
Address: The Doxa Way Ltd, 108 Kings Road, New Haw, Addlestone, KT15 3BH, United Kingdom
You have the right to lodge a complaint with a supervisory authority if you believe we have processed your data unlawfully:
We encourage you to contact us first so we can try to resolve your concern directly.
We do not use your personal data for automated decision-making that produces legal effects concerning you or similarly significant effects. While we use AI to provide features like transcription, title generation, and voice chat, these are assistive tools—not automated decision-making systems that affect your legal rights.
If we ever introduce automated decision-making with significant effects, we will update this policy and provide appropriate safeguards including the right to human review.
We recognise that Doxa may contain sensitive personal data, including religious or philosophical beliefs (as spiritual content is central to the Service). By using Doxa to record prophecies, testimonies, or other spiritual content, you explicitly consent to the processing of this special category data as necessary to provide the Service.
We apply additional safeguards to sensitive data, including enhanced encryption and stricter access controls. We never share your spiritual content for advertising, profiling, or any purpose unrelated to providing the Service.
We do not:
This is a core commitment. We believe your spiritual journey should never be commoditised.
While we take extensive measures to protect your data, you acknowledge that:
Nothing in this section limits or excludes liability for breach of applicable data protection laws to the extent such limitation is not permitted by law.
This Policy creates obligations for The Doxa Way Ltd as a corporate entity. Nothing in this Policy shall be construed as a personal guarantee, warranty, or undertaking by any director, officer, employee, or agent of the Company in their personal capacity.
The obligations, liabilities, and commitments set forth in this Policy are those of the Company alone. Company Personnel may enforce the protective provisions of this Policy (including limitation of liability and disclaimer provisions) as express third-party beneficiaries under the Contracts (Rights of Third Parties) Act 1999.
Questions? Contact us at privacy@doxa.app. We're here to help.