Privacy Policy
This Privacy Policy explains what information Merit Apps LLC collects when you use 9:10 (the “Service”), how we use it, who we share it with, and the choices you have. Our goal is the smallest amount of data needed to run a thoughtful, safe community around scripture — and clear control over what you share. We don't sell your personal information.
1. Information we collect
Information you give us
- Account. Email address, username, display name, optional avatar, optional bio. If you sign in with Google, we receive your name, email, and profile photo from Google.
- Content you post. Text, photos, video, captions, comments, reflections, reading-plan progress, highlights, group memberships, tagged users, and any other content you create or upload.
- Communications. Messages you send to support (e.g. emails to our help address).
Information we collect automatically
- Device and app data. Device model, OS version, app version, and basic event logs needed to keep the Service running (e.g., a crash, a sign-in attempt). We do not maintain analytics SDKs from third parties at this time.
- Push notification token. A device-level token provided by Apple when you opt in to notifications. We use it only to deliver notifications you've enabled.
- IP address. Captured incidentally by our backend (Supabase) for security and abuse-prevention purposes; retained for a limited period.
Permissions you grant on the device
- Photo library. When you tap into the composer, the app asks for permission to read your photo library. We only access photos you select; we do not enumerate your library outside the picker.
- Camera. Used solely to scan profile QR codes when you choose to add a friend that way. We do not record video or take pictures without your action.
- Notifications. Optional. You can change notification preferences in iOS Settings or in the app.
2. How we use your information
- Operate the Service. Authenticate you, store and serve your content to people you've shared it with, and enable features like reading plans, tagging, and groups.
- Communicate with you. Send service messages, security alerts, and notifications you've enabled. We will not send you marketing emails without your consent.
- Safety and moderation. Detect, investigate, and respond to reports of abuse, spam, or violations of our Terms.
- Improve the Service. Diagnose problems, monitor performance, and develop new features. We rely on aggregated, non-identifying signals where possible.
- Comply with the law. Respond to lawful requests, enforce our Terms, and protect our rights and the rights of our users.
3. How we share your information
We do not sell your personal information. We share it only in the following circumstances:
- With other users, as you direct. Your profile information and the posts, reels, comments, reflections, and tags you create are visible to the audience you choose (public, friends-only, or a specific group). If you tag another user, that user can see they've been tagged.
- With service providers. We use Supabase to host our database, handle authentication, and store media. We use Google to provide single sign-on if you choose that option, and Apple Push Notification service to deliver notifications. These providers act on our behalf under contractual data- processing terms.
- For safety, legal, or business reasons. We may share information when we reasonably believe it's required by law, necessary to protect users or the public, or required to enforce our Terms. In a sale, merger, or other corporate transaction, your information may be transferred to a successor as part of that transaction, subject to this Privacy Policy.
4. Where your information is stored
Your information is stored on servers operated by Supabase, primarily in the United States. By using the Service from outside the United States you understand that your information may be transferred to and processed in the United States, where privacy laws may differ from those in your jurisdiction.
5. How long we keep your information
We keep account information and User Content for as long as your account is active. When you delete your account (see Section 7) we permanently remove that data within 30 days, except for information we are required to retain by law, content needed to enforce our Terms, or backup copies that age out on a routine retention schedule.
6. Security
We use industry-standard administrative, technical, and physical safeguards (including encryption in transit and at rest, secure access controls, and least-privilege provisioning) designed to protect your information. No system is perfectly secure, and we cannot guarantee the security of any information you transmit to us. If you believe your account has been compromised, contact us immediately at support@nineten.app.
7. Your choices and rights
- Access and correction. You can view and edit most profile information directly in the app under Settings → Edit profile.
- Delete your account. You can delete your account at any time from Settings → Account → Delete Account. We will delete your account and User Content within 30 days, subject to the retention exceptions above. You may also email us at support@nineten.app to request deletion.
- Notifications. Turn notifications on or off in iOS Settings or in the app.
- Photo library and camera permissions. Revoke either at any time from iOS Settings → Privacy.
8. Region-specific rights
If you're in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and similar laws apply. Our legal bases for processing your information are: (a) performance of our contract with you (to operate the Service), (b) our legitimate interests in keeping the Service safe and improving it, (c) your consent (for example, to send notifications), and (d) compliance with legal obligations. You have the right to access, correct, delete, restrict, and port your information, and to object to certain processing. To exercise these rights, email support@nineten.app. You may also lodge a complaint with your local supervisory authority.
If you're a California resident, the California Consumer Privacy Act (CCPA, as amended by the CPRA) gives you rights to know, delete, and correct personal information we hold about you, and to opt out of the “sale” or “sharing” of personal information for cross-context behavioral advertising. We do not sell or share personal information for those purposes. To exercise your rights, email support@nineten.app.
9. Children's privacy
9:10 is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contact support@nineten.app and we will delete the account.
10. Waitlist, marketing site, and cookies
Until 9:10 launches publicly, our website at nineten.app collects email addresses through a waitlist form so we can notify you when the product is available. We store the email address you submit, a free-form “source” tag indicating which page on the site you submitted from, and a timestamp. We use this information only to operate the waitlist and to send a small number of launch- related messages. You can ask us to delete your waitlist entry at any time by emailing support@nineten.app.
The website itself does not set advertising or analytics cookies and does not embed third-party tracking pixels. We use the browser's local storage to remember that you have already joined the waitlist on this device so we can show you the appropriate confirmation state on return visits; you can clear this at any time through your browser's site-data controls. Our backend (Supabase) may set short-lived cookies strictly necessary to operate the form (for example, to issue rate-limit tokens).
11. Apple App Store privacy disclosures
If you obtained the app from the Apple App Store, the App Store's privacy “nutrition label” mirrors this Privacy Policy. The categories of data linked to your identity are: contact info (email), user content (photos, videos, posts, comments, reflections, tags), identifiers (account ID, device- level push token), and app interaction (basic event logs needed to operate the Service). We don't use this data to track you across other companies' apps and websites.
12. Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes we will notify you in the app or by email. Continued use of the Service after the effective date of an update constitutes acceptance of the revised policy.
13. Contact
Questions, concerns, or rights requests? Email us at support@nineten.app.