Privacy Policy

This Privacy Policy describes how Sojourner ("Sojourner", "we", "us", or "our") collects, uses, shares, and protects information about you when you access or use the Sojourner website, mobile applications, software, APIs, and related services (collectively, the "Service"). By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy and our Terms of Service.

1. Information we collect

We collect information in the following categories.

1.1 Information you provide

• Account information. When you create an account or sign in (including through a third-party identity provider), we receive identifiers such as your email address, first and last name (where available), profile image URL, authentication identifiers, and account status and role.
• Your Content. The journal entries you write, photos you attach, voice recordings you make, tags you create, journals you organize, calendar entries, bookmarks, Scripture references you attach, trips and places you log, AI-generated stories and illustrations created on your behalf, story prompts and settings you submit, and any other content you create, upload, generate, or store through the Service ("Your Content").
• Children and family-member profiles. If you choose to use the story features, you may add profiles for your children or other family members (which can include a display name, age or age range, pronouns, role, and notes) and upload reference photos so the Service can render consistent illustrations of those people in AI-generated stories. By doing so, you confirm that you are the parent or legal guardian of any child you add, or that you otherwise have the authority and consent required to provide that information and any reference photos.
• Location and place data. If you enable location features (such as tagging a journal entry or trip with where you were), we collect the latitude, longitude, and accuracy reading provided by your device, and we may derive a human-readable place name (for example, city or country) using a third-party reverse-geocoding service. Location features are optional and require your operating system's permission, which you can revoke at any time. Photos you attach may also contain embedded location ("EXIF") and device metadata that we may store with the photo unless your device or settings strip it before upload.
• Mobile-app data. If you install our mobile application, your device may share push-notification tokens, app-version and operating-system information, and the OS-level permissions you have granted (such as Camera, Microphone, Photo Library, and Location). Push tokens allow us to send reminders and similar notifications you have opted into; you can disable them in your device settings.
• Sharing data. If you generate a public or email-restricted share link for a story or other content, we store the link, its access settings, and basic information about access (such as the viewer email used to authenticate to an email-restricted share, timestamps, and IP-derived approximate location) for security, abuse-prevention, audit, and rate-limiting purposes.
• Preferences and settings. Your selected Bible translation, theme, reminder schedule, notification settings, and similar configuration choices.
• Billing information. If you purchase a paid plan, our payment processor collects payment information directly. We receive limited transaction information such as plan, status, billing cycle, the last four digits of a card or similar identifiers, and renewal dates. We do not store full payment-card numbers.
• Communications. If you contact us for support or feedback, we receive the content of those communications and your contact information.

1.2 Information we collect automatically

• Device and technical data. IP address, user-agent string, browser type and version, operating system, device type and identifiers, language, time zone, screen size, and similar technical attributes.
• Usage data. Pages or screens viewed, features used, in-product actions, referral pages, dates and times of access, error reports, performance data, and approximate location derived from IP address.
• Cookies and similar technologies. We use cookies, local storage, and similar technologies to keep you signed in, remember your preferences, secure the Service, and understand how the Service is used. You can control cookies through your browser settings; disabling them may degrade portions of the Service.
• Logs. Server logs may record requests, error stacks, request identifiers, and similar diagnostics.

1.3 Information from third parties

• Identity providers. If you sign in with a third-party identity provider, we receive the account information you authorize that provider to share with us (typically a unique identifier, name, email, and profile image).
• Service providers. Our hosting, payments, analytics, AI, and infrastructure providers may share technical information with us to help us operate the Service.

2. How we use information

We use the information we collect to:

• provide, operate, secure, sync across your devices, back up, debug, and maintain the Service;
• authenticate users, prevent fraud and abuse, enforce our Terms of Service, and protect the safety and rights of Sojourner, our users, and the public;
• process payments, manage subscriptions, free trials, and billing;
• provide AI-powered features such as voice-to-text transcription, reflection prompts, cross-entry insights, summaries, Scripture suggestions, and the generation of illustrated bedtime stories — including illustrations rendered to resemble the children or family members you have added with reference photos (see Section 3);
• display map-based features and place names by transmitting coordinates you provide to a third-party reverse-geocoding service, and store the resulting place data with your entries or trips (see Section 11);
• enable you to share specific stories or other Service content with people you choose, including via public links or email-restricted links, and to track and audit access to shared content (see Section 12);
• send push notifications, calendar reminders, and similar messages on your devices when you have opted into them;
• personalize the Service to you (for example, by remembering your preferred Bible translation or recently viewed Scripture);
• respond to your support requests and communicate with you about updates, changes, and operational notices;
• send marketing or promotional messages, where permitted by law and subject to your communication preferences;
• analyze and improve the Service, including measuring usage patterns, diagnosing errors, and developing new features; and
• comply with legal obligations, enforce our agreements, and respond to lawful requests from public authorities.

The legal bases on which we process personal information (where required by applicable law such as the GDPR/UK GDPR) include the performance of our contract with you, our legitimate interests in operating and improving the Service, your consent (where required), and compliance with legal obligations.

3. Artificial-intelligence features and third-party AI providers

The Service includes optional AI-powered features ("AI Features"), which currently include, without limitation:

• Voice-to-text transcription of voice notes you record;
• Reflection prompts, cross-entry insights, and summaries based on the journal entries you choose to include;
• Scripture suggestions that recommend Bible passages based on the content of an entry;
• Bedtime-story generation that produces multi-page, illustrated short stories based on the prompts, settings, and child or family-member profiles you provide; and
• AI image generation that produces illustrations to accompany generated stories, including illustrations rendered to resemble the children or family members you have added by reference photo.

To provide these features, Your Content (which may include the text of journal entries, audio recordings, attached Scripture references, tags, metadata, story prompts and settings, child and family-member profiles, and reference photos of the people to be illustrated) is transmitted to and processed by third-party AI providers.

Sojourner uses third-party AI providers — which may include, for example and without limitation, OpenAI, Anthropic, Google, fal.ai, and other large-language-model, image-generation, transcription, or machine-learning service providers — to power the AI Features. The specific providers, models, model versions, geographic processing locations, and configurations we use may change at any time, with or without notice to you. We may add new providers or remove existing ones at our discretion as the AI ecosystem evolves. We are not committing to any single provider, model, or version.

Where we transmit Your Content to AI providers for inference, we make commercially reasonable efforts to do so under contractual terms that prohibit those providers from using Your Content to train or improve their underlying models. However, providers may temporarily retain inputs and outputs for short periods for abuse monitoring, safety, and legal compliance in accordance with their own policies. Their practices are governed by their own terms and privacy policies, which we encourage you to review for the providers currently in use.

Reference photos and likeness. If you upload reference photos so the Service can render a child or family member in AI-generated illustrations, those photos are transmitted to image-generation providers solely so they can produce illustrations on your behalf. We do not use reference photos for biometric identification, facial-recognition matching, or any purpose other than rendering the illustrations you have requested. AI-generated images are artistic interpretations and may differ from the real appearance of the subject.

Story prompts and outputs. Story prompts, settings, and the resulting story text and images are stored with your account so you can revisit or share them. You can delete generated stories and their illustrations at any time from within the Service.

You may decline to use the AI Features. Where the Service provides controls to enable, disable, or limit AI processing, you may use those controls. Some features may be unavailable if AI Features are disabled.

We do not use Your Content to train AI models. Sojourner does not sell Your Content. Sojourner does not use Your Content (including journal text, voice recordings, photos, reference photos, story prompts, or AI inputs and outputs) to train, fine-tune, or otherwise improve any third-party large language model, image-generation model, or general-purpose AI model.

AI outputs may be inaccurate. AI Features may produce inaccurate, incomplete, biased, fabricated, or unintended results, including illustrations that do not fully resemble the intended subject or that contain unwanted elements. AI outputs are not professional, theological, medical, mental-health, legal, or other expert advice. See our Terms of Service for additional disclaimers and your responsibilities when using AI outputs.

4. How we share information

We do not sell your personal information. We share information only as described below.

• Service providers. We share information with vendors and contractors that perform services for us, including cloud hosting and storage, database management, authentication and identity, payment processing, voice transcription and AI inference, error monitoring, analytics, customer support, and email delivery. These providers are authorized to use your information only as necessary to provide services to us and are bound by confidentiality and data-protection obligations.
• Third-party AI providers. As described in Section 3, we share Your Content with third-party AI providers when you use AI Features. The specific providers may change over time, with or without notice.
• Reverse-geocoding and mapping providers. When you use location features, we transmit the coordinates you provide to a third-party reverse-geocoding service (currently OpenStreetMap's Nominatim service) so we can return a human-readable place name. Map tiles and similar map data may also be provided by third parties.
• Push-notification services. If you opt into push notifications, we transmit messages and your device push token to operating-system push providers (such as Apple Push Notification service and Firebase Cloud Messaging via Expo's push infrastructure) so they can deliver notifications to your device.
• Recipients of content you share. If you generate a share link or invite specific recipients, the story or other content you share — together with any associated AI-generated images — will be made available to those recipients (and, in the case of a public link, may be accessible to anyone who obtains the link). You are responsible for who you share with and for the consequences of sharing. See Section 12 for more.
• Identity and authentication providers. If you sign in through a third-party identity provider, we exchange information with that provider as necessary to authenticate you.
• Scripture and content providers. The Service retrieves Scripture content from third-party APIs. Requests to those APIs may include technical information such as IP address and user-agent. See our Copyright & Attribution page for details on these sources.
• Legal and safety. We may disclose information if we believe in good faith that disclosure is necessary to (a) comply with applicable law, regulation, legal process, or governmental request; (b) enforce our Terms of Service or other agreements, including investigating potential violations; (c) detect, prevent, or otherwise address fraud, security, or technical issues; or (d) protect against harm to the rights, property, or safety of Sojourner, our users, or the public.
• Business transfers. If Sojourner is involved in a merger, acquisition, financing, reorganization, bankruptcy, sale of all or a portion of its assets, or other similar transaction, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information where required by law.
• With your consent. We may share information in any other manner with your consent or at your direction.

We may also share aggregated or de-identified information that does not reasonably identify you for analytics, research, marketing, and similar purposes.

5. Data retention

We retain your information for as long as your account is active and as needed to provide the Service. Specifically:

• Active content. Your Content is retained until you delete it or your account is deleted.
• Drafts and transient content. Unsaved drafts and similar transient content may be cleaned up after a reasonable period as part of routine maintenance.
• Backups and audit logs. We may retain copies of information in encrypted backups, audit logs, and similar systems for a limited additional period after deletion for security, integrity, and legal-compliance purposes.
• Account and billing records. We retain account, transaction, and billing records for as long as required to comply with our legal, accounting, tax, and reporting obligations.
• AI processing. Inputs and outputs sent to third-party AI providers may be retained briefly by those providers in accordance with their own policies, as described in Section 3.

When we no longer need to retain your information, we will delete or de-identify it.

6. Security

We use a combination of administrative, technical, and organizational measures designed to protect your information, including encryption in transit, restricted access controls, authentication safeguards, and regular review of our security practices. No method of transmission over the Internet or electronic storage is, however, 100% secure, and we cannot guarantee absolute security. You are responsible for safeguarding your account credentials and for any activity that occurs under your account. Promptly notify us if you suspect unauthorized access.

7. International data transfers

Sojourner is operated from, and may transfer, store, and process information in, the United States and other countries. Privacy and data-protection laws in those countries may differ from the laws of the country in which you reside. By using the Service or providing information to us, you consent to such transfer, storage, and processing. Where required by law (including for personal data of individuals in the European Economic Area, the United Kingdom, or Switzerland), we rely on appropriate safeguards such as standard contractual clauses for international transfers.

8. Your choices and rights

8.1 Access, update, delete. You can review and update much of your account information from your account settings. You can delete Your Content from within the Service. You may request to delete your account by contacting us through the support channels made available within the Service.

8.2 Communications. You can opt out of promotional emails by following the unsubscribe instructions in those emails. We may continue to send transactional or service-related messages (for example, about your account, billing, security, or material changes to the Service).

8.3 AI Features. Where the Service offers controls to enable, disable, or limit AI Features, you may use those controls.

8.4 Cookies. You can control cookies through your browser settings, including blocking or deleting them. Some features of the Service may not work properly without cookies.

8.5 Regional rights. Depending on your jurisdiction, you may have additional rights, such as the right to access, correct, port, restrict or object to certain processing of, or delete your personal information, and the right to lodge a complaint with a supervisory authority. To exercise these rights, please contact us through the support channels made available within the Service. We will respond consistent with applicable law. We may need to verify your identity before fulfilling a request.

8.6 California privacy rights. If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the CPRA, provides you with rights regarding your personal information, including the right to know, the right to delete, the right to correct, the right to opt out of "sales" or "sharing" (we do not sell personal information and do not share it for cross-context behavioral advertising), and the right to non-discrimination for exercising your rights. To exercise these rights, please contact us through the support channels made available within the Service.

8.7 "Do Not Track". Our Service does not currently respond to browser "Do Not Track" signals.

9. Children's privacy and parent-provided child information

The Service is not directed to children under the age of 13, and children under 13 are not permitted to create accounts or use the Service directly. Other than the information an adult account holder voluntarily provides about their own child as described below (which is provided to us at the direction of the child's parent or legal guardian), we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13 outside of that parent-directed context, we will delete it. Where required by local law, the minimum age may be higher.

Information you provide about a child. The story features allow an adult account holder to add profiles for their own children or other family members (including a display name, age or age range, pronouns, role, notes, and optional reference photos used to render illustrations of that person). By adding such information, you confirm that you are the parent or legal guardian of any child you add, or that you otherwise have the authority and consent required from the child's parent or legal guardian (and from any other family member depicted) to provide the information and any reference photos. You are responsible for what you upload and for ensuring that any AI-generated stories and illustrations involving a child are appropriate for that child.

You can delete a child or family-member profile, its reference photos, and the stories that depict them at any time from within the Service. If you are a parent or legal guardian and believe that information about your child has been provided to us without your authorization, please contact us through the support channels in the Service and we will take steps to delete it.

10. Third-party links and services

The Service may include links to or interact with third-party websites, applications, or services. We are not responsible for the privacy practices or content of those third parties. Their use of your information is governed by their own privacy policies, which we encourage you to review.

11. Location and place data

Location features are optional. When you choose to attach a location to a journal entry, photo, or trip, your device captures a coordinate reading (latitude, longitude, and an accuracy estimate) using its operating-system location services. You control whether the Service is permitted to access your location through your device's permission settings, and you can revoke that permission at any time.

To turn coordinates into a human-readable place name (for example, "Boulder, Colorado"), we transmit the coordinates to a third-party reverse-geocoding service (currently OpenStreetMap's Nominatim). The resulting place name and country are stored alongside the entry or trip. Place names are estimates and may be incomplete or inaccurate; do not rely on them for navigation, emergency response, or any other safety-critical purpose.

Photos you attach may contain embedded location and device metadata (commonly called "EXIF" data), which we may store with the photo unless your device, browser, or operating system strips that metadata before upload. You can remove location from individual entries, photos, or trips from within the Service.

We may also derive an approximate location from your IP address for security, fraud prevention, analytics, and abuse-investigation purposes (for example, to help detect unauthorized account access). This is independent of the precise location features described above.

12. Public sharing and recipients of shared content

The Service allows you to share specific stories or other content by generating a share link. Depending on the settings you choose, a share link may allow access to anyone who has the link (a "public" link) or only to email addresses you specify (an "email-restricted" link).

Once you share, you cannot fully take it back. Recipients may view, screenshot, download, copy, forward, or republish the shared content. If you revoke a share link, the Service will stop serving the content at that link, but copies that have already been viewed, downloaded, or screenshotted are outside our control. You are responsible for who you share with and for the consequences of sharing — including the consequences of sharing AI-generated stories or illustrations that depict a child or other identifiable person.

To operate the sharing feature we collect basic information about share access — such as the share link used, the viewer email used to authenticate to an email-restricted share, timestamps, IP-derived approximate location, and technical information about the requesting device — for security, abuse-prevention, audit, and rate-limiting purposes.

Recipients who view content you share are not necessarily Sojourner account holders. If a recipient provides personal information to us in connection with viewing shared content (for example, an email address used to authenticate to an email-restricted share), we process that information to operate the sharing feature and as otherwise described in this Privacy Policy.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we update the Privacy Policy, we will revise the "Last updated" date above. For material changes, we will provide additional notice as required by applicable law (for example, by posting an in-product notice or sending you an email). Otherwise, changes are effective when posted, and your continued use of the Service after the changes take effect constitutes your acceptance of the updated Privacy Policy. We encourage you to review the Privacy Policy periodically.

14. Contact us

If you have questions, comments, or requests about this Privacy Policy or our privacy practices, please contact Sojourner through the support channels made available within the Service.