Data processing addendum
The operational summary for processing, subprocessors, deletion windows, and security responsibilities.
Version: v1
Effective: 2026-04-26
This data processing addendum summarizes how Prayer acts as a processor or service provider for account, content, and compliance operations.
Processing scope
- Account identity, consent state, and privacy-request workflows.
- Sacred content generation and delivery through approved providers.
- Audit, security, reliability, and abuse-prevention records.
Security posture
- Sensitive data is protected in transit and, where configured, at rest.
- Access is limited by role, environment, and operational need.
- Audit trails are retained for compliance and incident response.
Subprocessors and retention
- Approved infrastructure, email, and model providers may process limited data required to fulfill a request.
- Retention follows the product privacy policy, legal obligations, and configured deletion windows.
- Export and deletion workflows are available for eligible accounts through in-app privacy controls.