Altars — GDPR Privacy Policy

Last updated: 01/11/2025

Altars (“we”, “our”, “us”) is committed to protecting your personal data and respecting your privacy.
This GDPR Privacy Policy explains how we collect, use, store, and protect your data according to the UK GDPR and EU GDPR regulations.

By using Altars, you agree to the practices described in this policy.

1. Controller Details

Altars is the Data Controller responsible for your personal data.

Controller: Altars (Vorentoo UK Limited)
Email: hello@altarsapp.com

2. Personal Data We Collect

We collect only the information necessary to operate and improve the Altars app.

A. Data You Provide

  • Account details: name, email address, password (encrypted)

  • Testimony content: text, photos, videos, audio

  • Church information (optional): church name, country, locality, street name

  • Profile choices: categories, tags, preferences

B. Automatically Collected Data

  • Device type, operating system

  • Usage statistics (taps, page views, time in app)

  • IP address (for security purposes)

  • Crash logs and performance data

C. Payment Data (If You Donate or Subscribe)

Payments are processed through Stripe.
We do not store card details — Stripe handles all financial information.

3. Legal Basis for Processing (GDPR Article 6)

Your data is processed under the following lawful bases:

A. Consent (Article 6(1)(a))

  • When you choose to share testimony content publicly

  • When you connect to a church

  • When you upload media

  • When you subscribe to emails or newsletters

B. Performance of a Contract (Article 6(1)(b))

  • To create and maintain your Altars account

  • To provide app functionality and support

C. Legitimate Interests (Article 6(1)(f))

We process certain data to:

  • Improve app performance

  • Maintain platform security

  • Prevent fraud and misuse

D. Legal Obligation (Article 6(1)(c))

We may process certain data to comply with laws or respond to lawful requests.

4. How We Use Your Data

We use personal data to:

  • Operate and maintain your Altars account

  • Enable creation, saving, and viewing of testimonies

  • Display testimonies to the public (only if you publish them)

  • Improve app features, search, and church discovery

  • Communicate important updates or security notices

  • Provide customer support

  • Ensure security, detect misuse, and prevent fraud

We never sell your personal data.
We never use testimonies for advertising profiling.

5. Sharing Your Data

We share your data only when necessary and only with trusted partners:

A. Service Providers (Processors)

  • Cloud storage providers (for images, videos, audio)

  • Analytics providers

  • Email delivery services

  • Stripe for payments

These providers must comply with GDPR and process data only under our instruction.

B. Public Sharing

Only the testimonies you choose to publish are visible to the public.
Drafts, private notes, and unpublished content remain private.

C. Legal Requirements

We may disclose personal data when required to comply with:

  • Court orders

  • Regulatory bodies

  • Legal obligations

6. International Transfers (Outside UK/EU)

Some third-party processors (like cloud or email services) may be located outside the UK/EU.
In such cases, we ensure:

  • Adequacy decisions, or

  • Standard Contractual Clauses (SCCs), or

  • Other GDPR-approved safeguards

Your data is always protected according to GDPR standards.

7. Data Retention

We retain data only as long as necessary:

  • Account data: retained while your account is active

  • Testimonies: retained unless deleted by you

  • Drafts: retained until you delete them

  • Account deletion: all data erased within a reasonable period

We may retain limited data to comply with legal obligations.

8. Your GDPR Rights

Under GDPR, you have the right to:

✔ Access your data

Request a copy of the personal data we hold.

✔ Rectify inaccurate data

Correct or update your information.

✔ Erase your data (“Right to be forgotten”)

Delete your account and stored content.

✔ Restrict processing

Limit how your data is used.

✔ Data portability

Obtain your data in a structured, machine-readable format.

✔ Object to processing

Object to processing based on legitimate interests.

✔ Withdraw consent at any time

Withdraw consent for any processing you previously agreed to.

To exercise these rights, email us at:
📧 support@altarsapp.com

9. Children’s Privacy

Altars is not intended for children under 13.
If we learn a child has created an account, we will delete it promptly.

10. Security Measures

We implement technical and organisational measures including:

  • Encrypted passwords

  • Secure servers and firewalls

  • Limited access to user data

  • Regular audits and vulnerability checks

We work continuously to keep your data safe and secure.

11. Changes to This Policy

We may update this policy as Altars evolves.
If changes are significant, we will notify you via app notification or email.

12. Contact

For questions, concerns, or GDPR requests:

📧 hello@altarsapp.com
📍 United Kingdom (update with your company address)

Closing Statement

Your stories matter to God — and to us.
We are committed to protecting your privacy while helping you preserve and share testimonies that inspire the world.