Quantitio
Quantitio
← Back to Quantitio
Quantitio · Legal

Privacy Policy

Effective June 25, 2026

Your reflection is yours. The heart of Quantitio is a private space where you can honestly assess your spiritual walk against your church's membership covenant — an annual physical for the soul. What you write there is not for anyone else to read.

Your church leaders never see your individual answers. They see only de-identified trends across the congregation, and only for groups of five or more members. Any group smaller than five is hidden. Leaders see the shape of the flock, never a single sheep's private reflection.

This policy explains, plainly and completely, what we collect, how we use it, who helps us run the service, and the rights you have. We have tried to write it the way we would want it written for us: clear, honest, and without scary legalese.

The privacy promise, up front

Two commitments sit at the center of everything below.

First, your reflection data is private to you. Your covenant self-assessment answers, your private journal reflections, and any growth step you choose are yours alone. They are never shown to church staff, and they are never included in any individual-level form inside the aggregates leaders see.

Second, leaders only ever see the flock, never the individual. When church leaders look at trends, they see numbers combined across many members, with a strict minimum group size of five. If a group would be smaller than five, it is not shown at all. This is a deliberate safeguard against re-identification, not a setting that can be switched off.

Who we are

Quantitio is the product and the company that operates this service. We are based in and operate from California, United States.

You can reach us at the addresses below.

  • Privacy questions and requests: privacy@quantitio.com
  • General help and support: support@quantitio.com

Your church's role

Quantitio is offered through your church. Your church is the community that invites you to take part and that receives the de-identified aggregates about its congregation.

Quantitio acts as the service provider that stores and processes the data on behalf of you and your church. We handle the data; your church is the community it serves.

What we collect

We collect only what we need to run the service well and to support your church's care of its members. Several categories below are optional, and every optional field can be skipped.

  • Account: your name, email address, a securely hashed password (we use bcrypt; the plaintext password is never stored), your email-verification status, your assigned role, your church affiliation, and timestamps.
  • Optional profile: a phone number used only for direct pastoral contact by your own church (never automated messaging), recorded only with your explicit consent; and an opt-in for devotional and encouragement emails, with one-click unsubscribe.
  • Optional demographics: gender, age band, marital status, children status and age bands, and community-group status. These are bucketed categories — never exact birthdays or ages. Every field offers "prefer not to say," and all of it is skippable. It is used only to help a church understand its congregation in aggregate.
  • Reflection data: your covenant self-assessment answers, any private journal reflections, and any growth step you choose. This is private to you (see the promise above).
  • Operational records: consent events, administrative audit logs, and a session record. The sign-in cookie's token is stored only as a hash, never in the clear.

How we use your data

We use your information to provide and protect the service, and to support your church's care of its members. Specifically, we use it to:

  • Run your reflections and show you your own private dashboard.
  • Show church leaders de-identified aggregates, subject to the five-member minimum.
  • Send essential account email such as verification, invitations, and password reset.
  • Send devotional and encouragement email, but only if you have opted in.
  • Keep the service secure and operating correctly.
  • Support your church's care of its members through the de-identified trends it receives.

What we do not do

Some commitments are easiest to state as plain promises.

  • We do not sell or rent your personal information.
  • We do not use member data for advertising.
  • We do not use member reflections to train AI.
  • We do not send your member data to any AI provider.
  • We do not show your individual answers to church staff.

Our basis for processing your data, in plain terms

We process your data for a few clear and limited reasons.

We process the data we need to give you the service you signed up for — running your reflections, showing your dashboard, sending essential account email, and keeping the service secure.

Some data we process only because you have explicitly chosen to give it: your optional phone number for pastoral contact, your optional demographics, and your opt-in to devotional email. You can withdraw that consent at any time, and we record consent events so there is a clear history of what you agreed to.

We also process the de-identified aggregates so that your church — the community you belong to — can understand and care for its congregation as a whole.

Who we share data with

We do not sell or rent your personal information, and we do not share it for advertising. We do rely on a small set of trusted service providers (subprocessors) to run the service. Each receives only what it needs to do its job.

Your church receives only the de-identified aggregates described in this policy — never your individual reflections.

We may also disclose information if required by law, or to protect the rights, safety, and security of our members and the service.

  • Cloud hosting and database providers in the United States, which run the application and the primary database.
  • Resend, for transactional email delivery (verification, invitations, password reset, and optional devotional email).
  • Cloudflare R2, for object storage of uploaded images and branding, when configured.
  • fal.ai, used internally only to generate Quantitio's own marketing and brand imagery. No member data is ever sent to fal.ai or any other AI provider.

Cookies

Quantitio uses a single essential cookie to keep you signed in. That is it.

There are no third-party advertising cookies and no cross-site tracking. Because we do not track you across the web, there is no cookie-consent banner theater here — just the sign-in cookie that lets the service remember you are logged in.

How we protect your data

We take practical, deliberate steps to keep your information safe.

These measures include the privacy-by-design safeguards built into how leaders see data.

  • Passwords are hashed with bcrypt; the plaintext is never stored.
  • Session tokens are stored only as hashes.
  • Access is controlled by role, so people see only what their role allows.
  • Data in transit is protected with TLS.
  • The five-member minimum group size and the use of bucketed demographics are deliberate safeguards against re-identification.

Data retention and deletion

We keep your information for as long as your account is active and as needed to provide the service.

You can delete your account yourself at any time. Quantitio supports self-service account deletion, which removes your personal data and your reflections.

After deletion, we may retain limited records where the law requires it or where they are needed for legitimate security, accounting, or recordkeeping reasons — for example, consent and audit logs or payment records. We keep no more than we need, and only for as long as we need it.

Your rights

You have meaningful control over your data. You can exercise these rights at any time.

To make a request, write to privacy@quantitio.com.

  • Access a copy of your data.
  • Correct your data.
  • Delete your account, which removes your personal data and reflections. This is available as a self-service option in the app.
  • Unsubscribe from devotional email at any time, including with one-click unsubscribe.

California privacy rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act, gives you specific rights regarding your personal information.

Quantitio does not sell or share your personal information, as those terms are used under California law. We do not exchange your personal information for money or for cross-context behavioral advertising.

You will not be discriminated against for exercising any of these rights. To make a request, contact privacy@quantitio.com.

  • The right to know what personal information we collect and how we use and disclose it.
  • The right to delete personal information we hold about you.
  • The right to correct inaccurate personal information.
  • The right to opt out of the "sale" or "sharing" of personal information — though, as noted, Quantitio does not sell or share personal information.

Children

Quantitio is intended for adult church members and church leaders. It is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

Changes to this policy

We may update this policy from time to time as the service grows or as the law changes.

When we make a material change, we will update the effective date below and take reasonable steps to let you know. We encourage you to review this page periodically.

How to contact us

We are glad to answer your questions and help with any request.

  • Privacy questions and requests: privacy@quantitio.com
  • General help and support: support@quantitio.com
Privacy Policy · Quantitio