← Deep Bible

Privacy Policy

In accordance with the GDPR (Regulation 2016/679) and German BDSG.

1. Data controller

Details are listed in the Impressum. Impressum →

2. Data we collect

  • Authentication data: email and name via Google OAuth when you sign in.
  • Technical data: IP address, country (from IP), device type, User-Agent — for rate-limiting and abuse prevention.
  • Usage: search queries, viewed verses, saved parallels (when signed in).
  • Cookies: technical only (NextAuth session, language preference, visitor ID). No third-party cookies are set without your consent.

3. Legal basis

Processing is based on Art. 6(1)(b) GDPR (service performance) and Art. 6(1)(f) GDPR (legitimate interests — security, abuse prevention). Authentication is based on your consent under Art. 6(1)(a) GDPR.

4. Recipients

  • Vercel Inc. (USA) — application hosting.
  • Supabase Inc. (USA, EU regions) — database.
  • Google LLCOAuth sign-in.
  • Anthropic / OpenAIprocessing query text for AI analysis.

Transfers to the USA are based on Standard Contractual Clauses (SCC) and the EU-US Data Privacy Framework.

5. Retention period

Authentication data — until account deletion. Technical logs — 30 days. Saved parallels — until you delete them.

6. Your rights

Under GDPR you have the right to: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), objection (Art. 21). To exercise — write to velovoriesdeepbible@gmail.com.

You also have the right to lodge a complaint with a supervisory authority — for Germany this is the BfDI or your state DSB.

7. Changes

We may update this policy. Material changes will be marked by the date below.

Last updated: 2026-05