Sembrae is a non-profit ministry. We don’t run ads, we don’t sell your information, and we don’t train AI on your private writing. This policy describes — in plain terms, and matching what our code actually does — what we collect, why, and the controls you hold.
Last updated: June 30, 2026
Sembrae is a Scripture-grounded AI service that helps individuals and churches carry Sunday’s message through the week. It is operated by Mataron as a non-profit ministry (“Sembrae,” “we,” “us”). This policy covers our website and app at the Sembrae domains.
Because we are non-profit and cost-recovery, our incentives are different from an ad-funded product: we collect the minimum we need to run the service well and keep it sustainable — not to profile you or monetize your data.
Your name and email, and a password if you create one (passwords are stored only as a strong one-way hash — we never see or store the password itself). If you sign in with Google, we receive your name, email address, and basic profile (Google scopes openid email profile) — nothing more, and no access to your Gmail, contacts, or files.
An optional profile picture you upload (stored as a small downscaled image), and an optional self-reported church affiliation (church name, denomination, location). Your affiliation is used only to gauge aggregate interest by church/region; you can revoke that consent at any time and it stops counting.
Questions you ask, sermons you submit (a link, an upload, or pasted text), and the study guides, devotionals, journals, prayers, notes, group shares, and music favorites you generate or save. Your private tier (journals, prayers, notes, personal devotionals) is private to you by default.
Which features you use and how often, the compute/token cost of AI generations, speech-to-text minutes, and timestamps. We use this to keep the free tier sustainable and to detect abuse. This metadata records counts and cost — never the text of your questions or answers.
Your IP address and basic device/browser information, and server logs that are automatically scrubbed of personal data. We use a single secure, HttpOnly session cookie to keep you signed in (it cannot be read by scripts) and store a short-lived access token in your browser. We do not use third-party tracking or advertising cookies.
If you contribute to a paid tier, payment is handled entirely by Stripe on Stripe-hosted pages. We never receive or store your card number. We keep only Stripe’s identifiers and your plan/status.
We do not use your information for advertising or to train AI models.
Sembrae uses AI to synthesize cited answers and to understand text. To do this we send the minimum necessary to specialized providers acting on our behalf: Anthropic (the Claude language model), Voyage AI (text embeddings for search), and Deepgram (speech-to-text for sermon audio). Under our agreements and their API terms, these providers process your content to return a result and do not use it to train their models.
Every substantive answer is grounded in retrieved sources and cited by authority tier; the AI never invents doctrine, and Scripture always outranks AI synthesis.
When you choose “Sign in with Google,” we request only your basic identity (openid email profile). Sembrae’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements. We use this data only to create and secure your account — never to advertise, and never sold or transferred for unrelated purposes. You can review or revoke Sembrae’s access anytime at your Google Account permissions page.
No system is perfectly secure, but we design for the principle that your reflection is yours.
You are in control of your information:
Depending on where you live (for example under the GDPR or California’s CCPA/CPRA), you may have rights to access, correct, delete, port, or object to processing of your personal data. Because we don’t sell personal information, there is nothing to opt out of selling. To exercise any right, use the in-app controls or contact us — we’ll respond within the time the law requires.
You can delete your data at any time:
When you delete your account, we remove your personal information and private content from our active systems and it ages out of encrypted backups on our normal cycle. Shared community content (for example, a sermon record that other people also reference) may remain as a community resource, but it is detached from your identity. We may retain a minimal, non-identifying record where the law requires it.
We keep your information for as long as your account is active and as needed to provide the service. After deletion, personal data is removed from active systems and expires from backups on our normal schedule. We may keep aggregate, non-identifying metrics (e.g. total compute cost) for sustainability planning — these contain no content and cannot identify you.
Sembrae is intended for adults and for church use. We do not knowingly collect personal information from children under 13 (or the minimum age in your country) without appropriate consent. If your church ministers to minors and uses Sembrae with them, the church is responsible for obtaining the consent its context requires. If you believe a child has provided us personal information without proper consent, contact us and we will remove it.
Sembrae is hosted on Microsoft Azure in the United States, and some of our providers process data in the United States. If you use Sembrae from another country, you consent to your information being processed in the United States, where data-protection laws may differ from your own.
We may update this policy as the Service evolves or the law changes. When we do, we’ll revise the “Last updated” date above and, for material changes, give notice in the app or by email. Continuing to use Sembrae after an update means you accept the revised policy.
Questions, requests, or concerns about your privacy? Email privacy@mataron.org and we’ll help. You can also reach us about a data deletion or access request at the same address.
8. Signing in with a third party
If you sign in through a third-party identity provider (such as Google, and others we may add), we receive only your name and email to create and maintain your account. We do not post on your behalf, read your messages, or access your contacts. You can revoke that connection with the provider, and you can delete your Sembrae account at any time (see “Deleting your data” below).