Privacy Policy

Last updated July 14, 2026

Who we are

Pray for Your People ("we", "us") is a service that helps churches, Christian nonprofits, and para-church ministries pray for their people: it sends a few people a personal prayer email each week, collects their replies, and shares them with the organization's leadership. This policy explains what information passes through the service and how we handle it. Throughout, "organization" means the church or ministry that registered an account.

Your organization is in charge of its own data. The organization that registers acts as the data controller for its people's information; we process that information only on the organization's behalf and instructions.

What we collect

  • Leader accounts — the name and email address of the admins, leaders, and elders who sign in. We use passwordless sign-in links, so we never store passwords.
  • People directory — the names, email addresses, optional notes, and groupings (people who share a home receive one email together) your organization imports or enters so prayer emails can be sent.
  • Prayer content — replies to prayer emails and private prayer requests submitted through the personal link in each prayer email.
  • Operational records — delivery logs for the emails we send (recipient, subject, delivery status) and billing records for paid plans.

How prayer content is protected

  • Prayer replies and private requests are encrypted at rest (AES-256-GCM) before being stored, in addition to encrypted connections (TLS) in transit and the hosting provider's disk encryption.
  • Requests submitted through the private link are visible only to your organization's elders and admins. Weekly digests include a count of private requests, never their contents.
  • Each organization's data is isolated: leaders of one organization can never see another's directory or prayer content.

How we use information

Only to run the service: choosing who to email each week, sending prayer and reminder emails, routing replies to your leadership, and producing digests. We do not sell or rent any information, we do not use prayer content for advertising or analytics, and we do not use your data to train AI models.

Retention and deletion

  • By default, prayer content is kept so your organization has its prayer history. Your organization's admins can instead set a retention window, after which prayer replies and private requests are permanently deleted on a daily schedule.
  • Admins can remove people (and their groupings) at any time, which removes their directory information.
  • To delete a leader account or an entire organization, email [email protected] and we will complete the deletion within 30 days.
  • Every prayer email includes an unsubscribe link; anyone who unsubscribes is not emailed again.

Service providers (subprocessors)

We rely on a small number of providers to run the service:

  • Railway — application hosting and database (United States).
  • Mailgun — sending and receiving email.
  • Stripe — payment processing for paid plans. Card details go directly to Stripe and never touch our servers.

Children

Organizations may include family and household information in their directory. That information is provided and controlled by the organization; prayer emails are addressed to adults.

Changes and contact

If this policy changes in a way that matters, we will notify organization admins by email before the change takes effect. Questions or requests: [email protected].