Path to Repentance

Data Privacy

Your heart is safe here.

Path to Repentance was built around one principle: what you confess, journal, or pray stays between you and God. The rest of this page is the careful, plain-language version of how we honor that promise.

All your data is private — period.

Every sin you record, every prayer you write, and every conversation you have with the AI companion is stored as your private record. We do not sell it, share it, or analyze it for advertising. No human at Path to Repentance reads your entries.

What we store, and why.

  • Account: your email, a chosen name (or anonymous label), and a hashed password (bcrypt — we never see your plaintext password).
  • Sin tracker entries: category, severity, trigger, emotional state, notes, resisted flag, confessed-to-priest flag, recovery actions. Tied to your account ID only.
  • Prayer journal: title, body, answered status, date.
  • AI Companion conversations: your messages and the AI's replies — so you can revisit and continue them.
  • Donation transactions: Stripe session id, amount, and status. We never store your card number — Stripe handles that.

How we protect it.

  • Passwords are hashed with bcrypt; even our admins cannot see them.
  • Authentication uses signed JWT tokens delivered over httpOnly cookies (your browser never exposes them to JavaScript).
  • All traffic to and from the app is over HTTPS / TLS.
  • Each record is scoped to your user ID — no other user can read your entries, and database queries are filtered server-side on every request.
  • Anonymous mode hides your chosen name across the app while keeping your data accessible to you.

Your rights.

  • Access: everything you've recorded is visible to you inside the app.
  • Deletion: you may delete any sin entry, prayer, or chat conversation at any time. Deleting your account erases every record we hold about you, irreversibly.
  • Export: an export feature is on our roadmap. Until then, contact us and we will send you a copy of your data.
  • Withdrawal: you may withdraw consent and close your account at any time, for any reason.

Third parties.

  • Anthropic Claude processes your AI Companion messages to produce its biblical responses. We send only your message and the system prompt — never your account email, sin entries, or prayer journal. Anthropic does not retain your messages for training when accessed via the API.
  • Stripe processes donations. We pass them an opaque session ID and your donation amount; they handle card data on their PCI-DSS infrastructure.
  • MongoDB stores your records on encrypted disks.
  • We use no advertising trackers, no behavioral analytics, no third-party fingerprinting.

GDPR / general data principles.

Path to Repentance adopts a minimal-data design: we collect only what makes the app function. You are the data subject and controller of your own spiritual record. Requests for access, rectification, restriction, portability, erasure, or to lodge a complaint can be sent to the email below and will be honored within 30 days.

Questions or data requests? Write to noreply@pathtorepentance.com.

This page was last updated on June 29, 2026.