AppostolicAppostolic

Privacy Policy

Last updated: February 26, 2026

Appostolic (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at appostolic.com and related services (the “Service”).

By using the Service, you agree to the collection and use of information in accordance with this policy.

Information we collect

Account information

When you create an account, we collect your name, email address, and password. If your church or organization creates an account, we also collect the organization name and denominational affiliation you choose to provide.

Content you create

We store the content you create within the platform, including sermons, lessons, growth activities, and related teaching materials. This content belongs to you and your organization.

Usage data

We collect anonymized usage data to improve the Service. This includes page views, feature usage counts, and session information. We do not track the content of your sermons, lessons, or teaching materials in our analytics. All analytics data uses opaque identifiers — never your email, name, or personal information.

Payment information

Payment processing is handled by Stripe. We do not store your credit card numbers or bank account details on our servers. Stripe’s privacy practices are governed by their own privacy policy.

Cookies and tracking

Our public website uses analytics cookies only with your explicit consent. You can opt out at any time through the cookie consent banner. The application itself uses essential cookies required for authentication and session management.

How we use your information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process transactions and send related information
  • Send administrative notifications (account changes, security alerts, billing)
  • Respond to your requests, comments, and questions
  • Monitor and analyze usage trends to improve the user experience

We will never sell your personal information to third parties.

AI and your content

When you use AI-assisted features (such as lesson generation or growth activity creation), your prompts and relevant context are sent to our AI providers to generate responses.

Important things to know:

  • Your content is not used to train AI models
  • AI-generated outputs require your explicit review and approval before use
  • All AI processing respects the guardrails and boundaries you configure
  • We do not share your teaching content across organizations

For more details on how AI operates within Appostolic, see our approach to AI.

Data security and organization isolation

We take the security of your data seriously. Key protections include:

  • Organization isolation: Each church or organization’s data is logically separated at the database level. Your content, settings, and user information are never accessible to other organizations.
  • Encryption: All data in transit is encrypted using TLS. Passwords are hashed using industry-standard algorithms.
  • Access control: Role-based permissions ensure that users within your organization can only access what their role allows.
  • Secure authentication: JWT-based authentication with token rotation and refresh token reuse detection.

Data retention

We retain your account and content data for as long as your account is active or as needed to provide the Service. If you or your organization administrator deletes your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it by law.

You may request a copy of your data or request deletion at any time by contacting us.

Third-party services

We use the following third-party services to operate the platform:

  • Stripe — Payment processing
  • OpenAI — AI-assisted content generation (your content is not used for model training)
  • PostHog — Product analytics (opt-in only, no personal information collected)
  • SendGrid — Transactional email delivery

Each third-party service is governed by its own privacy policy. We only share the minimum information necessary for each service to function.

Children’s privacy

The Service is intended for use by adults (teachers, pastors, and church administrators). Learner-facing features (such as growth activities and quizzes) may be used by minors under the supervision and authorization of their church or parent.

We do not knowingly collect personal information from children under 13 without verifiable parental or organizational consent. If you believe we have collected information from a child under 13 without appropriate consent, please contact us so we can promptly delete it.

Your rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access and receive a copy of your personal data
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Object to or restrict processing of your personal data
  • Withdraw consent for analytics cookies at any time

To exercise any of these rights, please contact us at privacy@appostolic.com.

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the “Last updated” date at the top of this page and, where appropriate, by email.

Your continued use of the Service after any changes constitutes your acceptance of the updated policy.

Contact us

If you have questions about this Privacy Policy or how we handle your data, please reach out:

Email: privacy@appostolic.com