Pulpit AIBack to pulpit

Privacy Policy

Last updated: May 2, 2026

1. Who we are

This Privacy Policy describes how The Preach Pad ("we", "us") processes personal data when you use Pulpit AI (the "Service"). The Preach Pad is the data controller for personal data we collect about you in connection with the Service.

2. Data we collect

We collect the following categories of personal data:

  • Account data — name, email, password hash, login provider (e.g. Google).
  • Profile data — display name, avatar URL, optional bio.
  • Content you create — sermon inputs (scripture, topic, occasion, audience, style, length) and the AI-generated sermon text saved to your library.
  • Usage data — number of sermons generated per month, plan tier, in-app actions, error logs.
  • Device & technical data — IP address, browser/user-agent, device identifiers, language, timestamps.
  • Support communications — messages you send to us.
  • Cookies and similar technologies — see "Cookies" below.

Payment card details are collected directly by Paddle and are not accessible to us. We only receive subscription metadata (status, plan, customer ID, billing period dates).

3. How and why we use your data

  • Provide the Service — create your account, generate and store sermons, enforce plan limits. Legal basis: performance of contract.
  • Security and fraud prevention — monitor abuse, rate limits, and unauthorized access. Legal basis: legitimate interests.
  • Customer support — respond to your questions. Legal basis: performance of contract / legitimate interests.
  • Service improvement — debug errors, improve quality of AI prompts and product features in aggregate. Legal basis: legitimate interests.
  • Marketing — only with your consent (e.g. opt-in newsletter). You can unsubscribe at any time.
  • Legal compliance — meet tax, accounting, and other legal obligations. Legal basis: legal obligation.

We use third-party AI providers to generate sermon content from your inputs. Inputs and outputs are processed by these providers solely to deliver the Service.

4. Who we share data with

  • Paddle — our online reseller and Merchant of Record for all sales. Paddle handles checkout, billing, payment processing, tax collection and remittance, invoicing, refunds, returns, customer service inquiries for orders, and subscription management. See Paddle's privacy notice at paddle.com/legal/privacy.
  • Hosting and infrastructure providers — to run our database, storage, and serverless functions.
  • AI model providers — to generate sermon content from your inputs.
  • Authentication providers — e.g. Google, when you choose to sign in with them.
  • Professional advisers — legal, accounting, and tax advisers, where strictly necessary.
  • Authorities — where required by law or to protect rights, property, or safety.

We do not sell your personal data.

5. International transfers

Some of our service providers (including Paddle and our hosting and AI providers) may be located outside your country, including in the United States. Where personal data is transferred outside the UK/EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or an adequacy decision.

6. Data retention

We keep your personal data only as long as necessary for the purposes set out above:

  • Account and content — while your account is active and for a reasonable period after you delete it (typically up to 30 days) to allow recovery, then deleted or anonymized.
  • Billing and tax records — retained by Paddle for the period required by applicable tax and accounting law.
  • Logs and security data — retained for a limited period (typically up to 12 months).

7. Your rights

Subject to applicable law, you have the right to:

  • access the personal data we hold about you;
  • request correction of inaccurate data;
  • request deletion of your data ("right to be forgotten");
  • request restriction of processing;
  • request data portability;
  • object to processing based on legitimate interests;
  • withdraw consent at any time, where processing is based on consent;
  • lodge a complaint with your local data protection supervisory authority.

We aim to respond to verified requests within one month. Contact us through the support channel listed in the app to exercise any of these rights.

8. Security

We use appropriate technical and organizational measures to protect your data, including encryption in transit (TLS), restricted access controls, hashed passwords, and row-level security in our database. No system is perfectly secure, but we work to continuously improve our protections.

9. Cookies

We use a small number of strictly necessary cookies and local storage entries to keep you signed in and remember your preferences. We may also use limited analytics cookies to understand how the Service is used. You can manage cookies through your browser settings; disabling essential cookies may break sign-in.

10. Children

Pulpit AI is not directed at children under 13 (or the equivalent minimum age in your jurisdiction), and we do not knowingly collect their data. If you believe a child has provided us with personal data, contact us and we will delete it.

11. Changes to this notice

We may update this Privacy Notice from time to time. We will post the updated version with a new "last updated" date and, for material changes, notify you in-app or by email.

12. Contact

For privacy policy questions or to exercise your rights, contact The Preach Pad via the support channel listed in the app. For payment-related data handled by Paddle, you can also contact Paddle at paddle.net.