Pilgrim Privacy Policy
This Privacy Policy describes how Everlight Digital ("we", "us") handles information when you use the Pilgrim: Bible & Prayer iOS app.
Accounts & Sign-In
Pilgrim works fully without an account — your reading, highlights, notes, and prayers live on your device. If you want to sync across your devices, or connect with friends and groups, you can create a free account. You can sign in two ways:
- Email — we send a 6-digit code to your email address to sign you in; there is no password.
- Sign in with Apple — Apple shares a private identifier with us instead of your real email. You may choose to hide your email through Apple's relay.
You can use the app indefinitely without ever creating an account.
What We Collect
When you sign in, the following is stored on our servers (operated for us by Railway — see Third-Party Services):
- Email address or Apple identifier — used only to sign you in and, for email sign-in, to send your one-time login codes.
- An account identifier — a user ID we generate to associate your synced data with your account.
- Your synced content — the highlights, Bible notes, sermon notes, prayer requests, journal entries, saved plans, reading-plan progress, and memory-card progress you create. This is stored so it can sync to your other devices.
- Profile — if you use the community features, an optional display name, short bio, and profile photo so friends and group members can recognize you.
- Friends, groups & shared content — if you add a friend, join or create a group, or share a reading plan or prayer list, we store those connections, the invite codes used, and the items you chose to share so the people you shared with can see them.
- PDF attachments — if you attach a PDF to a prayer request, the file is stored so you (and anyone you shared it with) can open it.
- Device push token — if you enable notifications for shared prayer-time reminders, we store the Apple-issued push token for your device so we can send those reminders.
We collect no analytics, advertising data, location, contacts, browsing history, or device tracking identifiers.
What Stays Only on Your Device
- If you never sign in, none of your content leaves your device.
- Personal prayer reminders (e.g. "pray at 8 pm") are scheduled by your own device as local notifications — they are not sent to our servers. (Shared group prayer-time reminders are sent as push notifications, which require the device token described above.)
How We Use Your Information
Only to make the app work: to sign you in, sync your content between your devices, deliver the plans and prayer lists you share with friends and groups, send prayer reminders, and let you export or delete your data. We do not use it for advertising, profiling, or any purpose unrelated to providing Pilgrim.
Third-Party Services
- Railway — hosts our application server, database, and file storage (your account, synced content, groups, shared items, and attachments). Subject to Railway's privacy policy.
- Resend — delivers your one-time email sign-in codes. Receives your email address for that purpose only. Subject to Resend's privacy policy.
- Apple — provides Sign in with Apple, and the Apple Push Notification service delivers shared group prayer-time reminders to your device. Subject to Apple's privacy policy.
- api.esv.org — Bible passage requests are sent through our Cloudflare Worker proxy so your IP address is not exposed to Crossway. The proxy caches responses to minimize traffic. Subject to Crossway's privacy policy.
- API.Bible (American Bible Society) — Bible passage requests for CSB / NIV / NLT translations, proxied through our Cloudflare Worker. Subject to API.Bible's terms.
- Cloudflare — runs the Bible-API proxy Worker (no account data passes through it). Subject to Cloudflare's privacy policy.
What We Do Not Do
- No analytics, no telemetry, no crash-reporting SDKs
- No advertising and no advertising identifiers
- No In-App Purchase, no subscription, no payment processing
- No tracking across apps or websites
- No selling or sharing of your data with anyone, for any purpose
Your Choices & Rights
- Export your data. From Pilgrim's profile, "Export my account data" downloads everything tied to your account as a JSON file.
- Delete your account. From Pilgrim's profile, "Delete account & synced data" permanently erases your account and all of its server-stored content (synced records, your profile, groups you own, friend connections, shared items, and attachments). This cannot be undone.
- Sign out at any time — your local on-device data remains.
- Delete the app to remove all local data from your device.
Data Retention
Your synced content is kept while your account exists, so it remains available across your devices. When you delete your account, it is removed from our active systems immediately; routine encrypted backups roll off on our hosting provider's standard schedule. One-time login codes expire within minutes.
Children
Pilgrim is designed for adult Christians and is not directed to children under 13. We do not knowingly collect data from children.
Changes
If we change what we collect or how we use it, we will update this page and its "Last updated" date.