Privacy Policy
Effective date: 2026-05-07 · Last updated: 2026-05-07
PleasePray (also operated as RezaPorMi for Spanish-speaking users) is a Catholic prayer-first crowdfunding platform owned and operated by Deo Duce Ventures Inc., a Delaware corporation ("PleasePray," "we," "us," or "our"). This Privacy Policy explains what personal information we collect when you use our websites, applications, and services (collectively, the "Service"), how we use and share that information, and the choices you have.
We've tried to write this in plain English. Each section starts with a one-line summary, followed by the details.
If you have questions, email us at cespinoza@pleasepray.app.
1. Scope
In short: This policy covers the PleasePray and RezaPorMi websites, mobile experiences, and the Beth SMS/WhatsApp assistant.
This policy applies to:
- The websites at
pleasepray.app(English) andrezapormi.com(Spanish), including subdomains. - The Beth assistant available over SMS and WhatsApp.
- Any related features such as Prayer Circle pages, prayer logging, donations, comments, prayer requests, push notifications, and email communications.
It does not apply to third-party services we link to or that you choose to use independently (for example, Stripe's payment forms or your mobile carrier).
The Service is intended for users 18 years of age or older. See Section 8.
2. Information We Collect
In short: We collect information you provide (like your name, email, phone, prayer intentions, photos), information generated by your activity on the Service (prayers, comments, donations), and a small amount of technical information your browser or device sends automatically.
2.1 Account information
When you create an account or sign in, we collect:
- Email address and/or phone number
- Password (stored hashed by our authentication provider — we never see your plaintext password)
- First name, last name, and an auto-generated username
- Optional profile photo
- Optional location (free text), country, timezone
- Optional parish, favorite saint, and how you heard about us
- Phone verification status and channel preference (WhatsApp, SMS, both)
- Opt-in flags for SMS and WhatsApp messaging
2.2 Prayer Circle content
When you create or interact with a Prayer Circle, we collect:
- The prayer circle title, intention or story you write, and any photos you upload
- The saint or Marian advocation you select as intercessor
- The prayer circle type (intercessor, rosary, or pilgrimage), prayer goal, dates, and category
- For pilgrimage prayer circles: prayer requests submitted to you by family and friends, including the requester's name, email, phone, and intention text — with their chosen anonymity and privacy flags
- Your prayer activity (prayers logged, comments, offerings, rosary progress, daily streaks)
If you log prayers as a guest (without an account), we generate a random session identifier so we can associate your prayers with your browser. This identifier is not tied to your real-world identity unless you later create an account.
2.3 Photos and media
Photos you upload (profile pictures and prayer circle cover images) are stored in our hosting provider's object storage. Media you send to Beth over WhatsApp may be downloaded and attached to a Prayer Circle you are creating.
2.4 SMS and WhatsApp messaging
When you opt in to messages from Beth (our prayer assistant), we collect:
- Your phone number and the channel you chose (SMS, WhatsApp, or both)
- The exact consent text you agreed to, the time and method of your consent, and the page where you opted in (these records are kept for compliance)
- The content of messages you send to and receive from Beth, the conversation state (for example, which step of the prayer circle creation flow you're on), and a count of AI tokens used to process each message
- A suppression record if you reply STOP, so we know not to send you further messages
2.5 Payment information
When you make a donation or set up a creator fundraising account, payment data flows through Stripe. We do not store your full card number, CVC, or bank account number. We do store:
- The Stripe payment ID, donation amount, tip amount, fees, and the connected account (if applicable)
- For creators using Stripe Connect Express: the connected account ID and KYC/payout status flags returned to us by Stripe
Stripe collects identity and payment information directly through its own forms, governed by Stripe's Privacy Policy.
2.6 Communications and notification preferences
- Email address(es) you give us, and the per-prayer circle notification settings you choose (frequency, quiet times, locale, channel)
- Web push subscription data (the push endpoint URL provided by your browser, plus the public keys needed to send you a notification)
- Logs of which transactional emails, push notifications, SMS, and WhatsApp messages we have sent you and whether they succeeded
2.7 Technical and device information
When you visit the Service, we automatically receive:
- Your IP address (used to derive an approximate country code via the
x-vercel-ip-countryheader for UI defaults — we do not store the IP itself) - Browser user-agent and device type (recorded with push subscriptions)
- Aggregate, privacy-friendly traffic analytics via Vercel Web Analytics (page views and referrers; no cross-site tracking)
2.8 AI processing inputs
When you use AI-assisted features, the following content is sent to our AI provider, Anthropic, for processing:
- Story enhancement: the raw story text you wrote and the cause category you selected
- Beth assistant (SMS/WhatsApp): the messages you send Beth, recent conversation history, and draft fields like the beneficiary's first name and intention text. Your phone number is included in system context but is not used by Anthropic to identify you
- Beth journal milestones: your first name, locale, and a short description of the milestone
Anthropic processes this content under its API terms and does not use it to train its models.
3. How We Use Your Information
In short: To run the Service, send the messages and notifications you ask for, process donations, prevent abuse, and improve PleasePray.
We use the information described above to:
- Create and maintain your account and authenticate you
- Operate Prayer Circles, prayer logging, comments, offerings, and prayer requests
- Send you the messages, push notifications, and emails you've signed up for (milestones, daily digests, comments on your prayer circle, prayer-request lifecycle updates, donation receipts, transactional auth emails)
- Process donations and, for eligible creators, payouts via Stripe
- Generate AI-assisted story enhancements and run the Beth assistant
- Detect and prevent fraud, abuse, spam, and violations of our Terms
- Comply with legal obligations (including TCPA recordkeeping for SMS opt-ins)
- Understand aggregate usage and improve the Service
4. How We Share Your Information
In short: We share data with the service providers that power PleasePray, with people you choose to share your Prayer Circle with, and when the law requires it. We do not sell your data, and we do not share your mobile information for marketing.
4.1 Service providers (processors)
We share information with vendors that help us operate the Service. Each one is bound by contract to use your data only to provide its service to us.
| Provider | What they do | What they receive |
|---|---|---|
| Supabase | Database, authentication, file storage, realtime, serverless functions | All persistent account, prayer circle, messaging, and notification data |
| Vercel | Web hosting, serverless functions, privacy-friendly analytics | Page request metadata, IP-derived country code |
| Stripe | Payment processing and Stripe Connect Express payouts | Donation amounts, payment IDs, and identity/bank data you provide directly to Stripe |
| Twilio | SMS delivery and SMS one-time-passcode verification | Phone numbers and message content |
| Meta (WhatsApp Cloud API) | WhatsApp message delivery for the Beth assistant | Phone numbers, message content, and media |
| Anthropic | AI processing for story enhancement, the Beth assistant, and journal milestone copy | The specific inputs described in Section 2.8 |
| Resend | Transactional and lifecycle email delivery | Email addresses and the contents of the emails we send you |
4.2 Public Prayer Circles
If you mark a Prayer Circle as public, the prayer circle title, story, photos, intercessor, prayer count, comments, offerings, and the creator's display name and avatar are visible to anyone who has the link or finds the prayer circle through Explore. Comments and offerings posted publicly are visible to other supporters; you can post anonymously where the option is offered.
For pilgrimage prayer circles, prayer requests submitted by family and friends are filtered through our prayer_requests_public view, which respects the requester's is_anonymous and is_private flags before showing anything publicly.
4.3 Legal compliance
We may disclose information if we believe in good faith that disclosure is required by law, legal process, or a valid government request, or to protect the rights, property, or safety of PleasePray, our users, or the public.
4.4 Business transfers
If PleasePray is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you (for example, by email and a notice on the Service) before your information becomes subject to a different privacy policy.
4.5 SMS data — no sharing for marketing
No mobile information (including your phone number, SMS opt-in status, and the content of text messages) will be shared with third parties or affiliates for marketing or promotional purposes at any time.
4.6 We do not sell your personal information
We do not sell your personal information, and we do not share it with third parties for cross-context behavioral advertising. This is true regardless of where you live, including for users covered by the California Consumer Privacy Act (CCPA/CPRA).
5. Your Rights and Choices
In short: You can access, correct, or delete your data, and you can opt out of messages at any time.
5.1 Account controls
You can review and update most of your information at any time from your profile and settings pages. You can delete your account by emailing cespinoza@pleasepray.app; we will delete your account and associated personal data within a reasonable timeframe consistent with applicable law, except where we are required to retain certain records (see Section 6).
5.2 Email preferences
Lifecycle and notification emails include an unsubscribe link. Transactional messages required to operate your account (such as security and authentication emails, and donation receipts) cannot be turned off while your account is active.
5.3 SMS and WhatsApp opt-out
Reply STOP to any message from Beth at any time to opt out of all further messages on that channel. Reply HELP for help. Once you opt out, your number is added to our suppression list and will not receive further messages unless you opt in again. You can also turn messaging off in your settings.
The exact consent disclosure shown to users when opting in is:
"By providing your number, you agree to receive messages from Beth by PleasePray. Up to 4 msgs/month. Msg & data rates may apply. Reply HELP for help, STOP to cancel."
Message frequency is up to 4 messages per month. Message and data rates may apply.
5.4 Push notifications
You can revoke web push permission in your browser at any time, or turn push off in your settings. We mark inactive push subscriptions as inactive automatically after extended non-use.
5.5 California privacy rights (CCPA/CPRA)
If you are a California resident, you have the right to:
- Know what personal information we have collected, used, and disclosed
- Correct inaccurate personal information
- Delete your personal information, subject to certain exceptions
- Limit use of sensitive personal information (we do not use sensitive personal information for purposes that trigger this right)
- Opt out of sale or sharing — as described in Section 4.6, we do not sell or share personal information for cross-context behavioral advertising
- Be free from discrimination for exercising any of these rights
To exercise these rights, email cespinoza@pleasepray.app from the email address associated with your account, or include enough information for us to verify your identity.
5.6 Other state privacy laws
Residents of other US states with comprehensive privacy laws (for example, Virginia, Colorado, Connecticut, Utah, Texas) have similar rights to access, correct, delete, and port their personal information, and to opt out of targeted advertising and sales. We do not engage in either. To exercise your rights, contact us at the email above.
5.7 Authorized agents
You may use an authorized agent to submit a request on your behalf. We may require the agent to provide proof of authorization and may require you to verify your identity directly.
6. Data Retention
In short: We keep most data for as long as your account is active, and we keep a few specific records (like SMS consent and opt-out lists) longer because the law requires it.
| Data | Retention |
|---|---|
| Account profile, Prayer Circles, prayers, comments, offerings, donations, prayer journal entries | While your account is active, and as needed for legal, tax, and audit purposes after account deletion |
Beth conversation message logs (whatsapp_message_log) |
90 days, then automatically deleted |
SMS/WhatsApp opt-in consent records (opt_in_records) |
At least 5 years for TCPA compliance |
| SMS suppression list (numbers that replied STOP) | Indefinitely, so we don't message you again after you opt out |
| Web push subscriptions | Marked inactive after ~90 days of non-use |
| Stale Beth conversation drafts | Marked closed after 24 hours of inactivity |
| AI usage and cost tracking | Retained for billing, abuse prevention, and analytics |
| Aggregate analytics | Retained in aggregated form indefinitely |
When you delete your account, we delete or de-identify your personal data on the schedule above. Backups are rotated on a regular cycle and any residual copies are removed in the normal course.
7. Security
In short: We use industry-standard safeguards. No system is perfect.
We use technical and organizational measures to protect your information, including encryption in transit (HTTPS), authenticated access to our database, role-based access controls, signed webhooks, rate limiting, and least-privilege keys for our service providers. Stripe handles cardholder data in a PCI-compliant environment that we never touch.
No method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we work to mitigate risk and respond promptly to any security incident we identify.
8. Children's Privacy
In short: PleasePray is intended for adults 18 and older.
The Service is intended for users 18 years of age or older. We do not direct the Service to, and do not knowingly collect personal information from, anyone under 18. If you believe a child under 18 has provided us with personal information, please contact us at cespinoza@pleasepray.app and we will delete it.
9. International Users and Data Transfers
In short: PleasePray is a US-based service. If you use it from outside the US, your data is transferred to and processed in the US.
PleasePray is operated by Deo Duce Ventures Inc., a Delaware corporation in the United States. We process and store data in the United States and in the regions our service providers operate. If you use the Service from outside the United States, you understand and agree that your information will be transferred to, stored in, and processed in the United States.
We currently support sign-in and Beth messaging in countries our SMS provider permits (currently the United States, Canada, and Honduras). Creator fundraising is currently available only to creators in the United States; this list may expand over time. Donors may contribute regardless of country.
The Service is offered in English at pleasepray.app and in Spanish at rezapormi.com.
10. Changes to This Policy
In short: If we make material changes, we will tell you.
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top and, where appropriate, notify you by email or a prominent notice on the Service before the change takes effect. Your continued use of the Service after the effective date of an updated policy constitutes acceptance of that policy.
11. Contact Us
In short: Email us.
If you have questions about this Privacy Policy or want to exercise any of your rights, contact:
Deo Duce Ventures Inc. (d/b/a PleasePray)
Email: cespinoza@pleasepray.app
For SMS-program-specific questions, you can also reach us at support@pleasepray.app.