Privacy Policy

Effective Date: 2 January 2026
Last Updated: 2 January 2026

Introduction

Daily Selah ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website and services at dailyselah.app (the "Service").

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (GDPR).

Who We Are

Data Controller: Daily Selah
Contact Email: hello@dailyselah.app

If you have any questions about this Privacy Policy or how we handle your data, please contact us at the email address above.

Information We Collect

Personal Information You Provide

When you use Daily Selah, we may collect the following personal information:

• Email Address: Required for account creation and authentication
• Reflections and Prayers: Text you write in our reflection and prayer features
• User Preferences: Settings such as daily verse email opt-in/opt-out

Information Collected Automatically

• Usage Data: Pages visited, features used, time spent on the Service
• Device Information: Browser type, operating system, IP address
• Cookies: See our Cookies section below

Legal Basis for Processing (UK GDPR / GDPR)

We process your personal data under the following legal bases:

• Consent: When you sign up for daily verse emails or use our Service
• Contractual Necessity: To provide the Service you've requested
• Legitimate Interests: To improve our Service and communicate with you

How We Use Your Information

We use your information to:

• Provide the Service: Enable account access, store your reflections and prayers
• Send Daily Verse Emails: If you've opted in (you can opt-out anytime)
• Communicate: Send important updates about the Service
• Improve: Analyze usage patterns to enhance user experience
• Comply with Legal Obligations: Respond to legal requests when required

Data Retention

• Account Data: Retained while your account is active
• Reflections & Prayers: Retained until you delete them or close your account
• Email Communications: Retained according to legal requirements
• Usage Analytics: Anonymized after 12 months

You may request deletion of your data at any time by contacting hello@dailyselah.app.

Your Rights (UK GDPR / GDPR)

Under UK GDPR and GDPR, you have the right to:

1. Access: Request a copy of your personal data
2. Rectification: Correct inaccurate or incomplete data
3. Erasure ("Right to be Forgotten"): Request deletion of your data
4. Restriction: Limit how we use your data
5. Data Portability: Receive your data in a machine-readable format
6. Object: Object to processing based on legitimate interests
7. Withdraw Consent: Opt-out of emails or delete your account anytime

To exercise these rights, contact us at hello@dailyselah.app. We will respond within 30 days.

Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• Encryption: Data transmitted over HTTPS
• Secure Storage: Database hosted on secure infrastructure (Neon/Vercel)
• Access Controls: Limited access to personal data
• Regular Updates: Security patches and monitoring

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

Third-Party Services

We use the following third-party services that may process your data:

Vercel (Hosting)

• Purpose: Website hosting and serverless functions
• Data Shared: Usage data, IP addresses
• Privacy Policy: vercel.com/legal/privacy-policy

Neon (Database)

• Purpose: Database storage for user data
• Data Shared: Email, reflections, prayers, preferences
• Privacy Policy: neon.tech/privacy-policy

OpenAI (Optional - AI Summaries)

• Purpose: Generate reflection summaries (if used)
• Data Shared: Reflection text only (anonymized)
• Privacy Policy: openai.com/policies/privacy-policy

Email Service Provider

• Purpose: Send daily verse emails and authentication emails
• Data Shared: Email address only
• Privacy Policy: Varies by provider

International Data Transfers

Your data may be transferred to and processed in countries outside the UK/EU where our service providers operate. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs)
• Adequacy Decisions where applicable
• Data Processing Agreements with all processors

Cookies and Tracking

We use essential cookies to:

• Authentication: Keep you signed in
• Session Management: Remember your preferences during your visit
• Security: Prevent fraud and abuse

We do not use advertising or tracking cookies.

You can control cookies through your browser settings. Note that disabling cookies may affect Service functionality.

Children's Privacy

Daily Selah is not intended for children under 13 (or 16 in the EU/UK). We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately at hello@dailyselah.app.

Marketing Communications

If you opt in to receive daily verse emails:

• You can unsubscribe at any time via the link in every email
• You can manage preferences in your account Settings
• We will never share your email with third parties for marketing

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Posting the new policy on this page
• Updating the "Last Updated" date
• Sending an email to registered users (for material changes)

Data Protection Authority

If you're in the UK or EU and have concerns about how we handle your data, you have the right to lodge a complaint with your local data protection authority:

UK: Information Commissioner's Office (ICO) - ico.org.uk
EU: Your local supervisory authority

Contact Us

For any questions about this Privacy Policy or to exercise your data rights:

Email: hello@dailyselah.app

We will respond to all requests within 30 days.

---

Selah. Pause. Listen. Receive.

---

© 2024-2026 Daily Selah. All rights reserved.