Privacy Policy

Exposite is an exegetical workbench that helps pastors, seminary students, and theological researchers review their sermon text. When we say "we", "us", or "Exposite" in this policy, we mean the team behind this service.

We collect the following data when you use Exposite:

• Account information. Your email address, used for authentication via a magic link. We do not collect passwords.
• Sermon text. The text you submit for analysis. This is stored so you can return to your analyses later.
• Denominational lens selection. If you choose a lens (Reformed, Catholic, Pentecostal, or neutral), that selection is stored alongside your analysis.
• Analysis results. The observations, cross-references, and enrichment data generated during analysis.
• Feedback flags. If you flag an observation as unhelpful or incorrect, we store the flag type and your optional comment. We never store your sermon text in feedback data.
• Profile information. Your display name and denomination, if you choose to provide them. Both are optional.

Sermon text and denominational lens selection may reveal your religious beliefs. Under data protection law (including GDPR Article 9), this is classified as special category data and requires your explicit consent before we can process it.

Before you submit your first analysis, we ask for your consent to process this data. You can withdraw that consent at any time through your account settings. If you withdraw consent, we will stop processing new analyses, though your existing data will remain accessible to you until you choose to delete it.

We take this classification seriously. Exposite handles sacred texts, and we believe that demands a higher standard of care than typical software.

We use your data for the following purposes and no others:

• To provide the analysis service. Your sermon text is sent to an AI language model (currently Anthropic's Claude) to generate observations. This is the core function of the tool.
• To store your analyses. So you can return to them, export them, or share them at your discretion.
• To improve analysis quality. Feedback flags (not sermon text) help us refine the prompts that guide the AI. This improves accuracy for all users.
• To authenticate you. Your email address is used solely for login via magic link.

These are not aspirational statements. They are constraints built into how the system works.

• We never use your sermon text to train AI models. Your text is processed transiently by the AI provider to generate observations. It is not retained by the AI provider for training, fine-tuning, or any purpose beyond serving your request.
• We never sell or share your data with third parties for marketing, advertising, or any purpose unrelated to providing the service.
• We never include your sermon text in feedback data. When you flag an observation, only the flag type and your optional comment are stored.

To provide the service, we share limited data with the following providers:

• Anthropic (AI analysis). Your sermon text is sent to Anthropic's API to generate observations. Anthropic does not use API inputs for model training. See Anthropic's privacy policy.
• Supabase (database and authentication). Your account data, analyses, and findings are stored in a Supabase-hosted PostgreSQL database with row-level security. See Supabase's privacy policy.
• Vercel (hosting). The application is hosted on Vercel's infrastructure. See Vercel's privacy policy.
• Bible API and Step Bible (reference data). When cross-references or lexicon lookups are performed, only scripture references and individual Greek or Hebrew terms are sent to these services. Your sermon text is never shared with them.

Your analyses are stored for as long as your account is active. You can delete any analysis at any time, and deletion is permanent: the analysis, all associated findings, cross-references, and feedback are removed immediately. Backups are purged within 30 days.

You can delete your entire account at any time from your account settings. Account deletion permanently removes all of your data, including your profile, analyses, findings, annotations, saved resources, and share links. This action is irreversible and requires explicit confirmation.

You have the right to:

• Access your data. View all your analyses, findings, and profile information through the application.
• Export your data. Download your analyses in Markdown, plain text, or JSON format.
• Delete your data. Remove any individual analysis, or delete your entire account and all associated data, directly from your account settings. No need to email us or submit a request.
• Withdraw consent. Stop future processing of your religious data at any time through your account settings.
• Correct your data. Update your profile information at any time.

If you have questions about your data or wish to exercise any of these rights, please contact us at the address below.

All data is transmitted over HTTPS. Data at rest is encrypted using AES-256 via our database provider. Access to your data is protected by row-level security policies, meaning only you can view your own analyses and findings.

Authentication uses magic links sent to your email. We do not store passwords.

We may update this policy as the service evolves. If we make material changes to how we handle your data, we will notify you via email before the changes take effect.

If you have questions about this privacy policy or how we handle your data, you can reach us at click to reveal email.