Privacy Policy — PrayerReceipt

1. Introduction

PrayerReceipt is a Shopify embedded app developed and operated by Two Olive Trees LLC ("we," "us," or "our"). This Privacy Policy explains how we collect, use, store, and protect information when you, as a Shopify merchant, install PrayerReceipt in your store, and when your customers' order data is processed by our application.

We are committed to handling all personal data in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), applicable US state privacy laws, and Shopify Partner Program requirements.

2. Who This Policy Applies To

This policy applies to:

Shopify merchants ("merchants") who install PrayerReceipt on their store.
Customers of those merchants ("customers") whose order information is processed by PrayerReceipt.

3. What Data We Collect

3.1 From Merchants

When you install PrayerReceipt, we collect:

Your Shopify store domain (e.g., yourstore.myshopify.com)
OAuth access tokens required to read order data from your store
Your billing plan status within Shopify's billing API

3.2 From Customer Orders

When PrayerReceipt processes an order to generate a prayer, we access the following customer data via the Shopify Orders API:

Customer Name	First and last name, used to personalize the prayer
Email Address	Used to deliver the prayer email via Resend
Order ID	Used to track which orders have been processed and to apply daily limits
Order Total	Included as optional context when generating the prayer
Line Items / Products	Product names, used as thematic context for the prayer content
Customer Profile Data	Supplementary context for prayer personalization, accessed via read_customers scope

We do not collect or store payment card numbers, full shipping addresses, or any other sensitive financial information.

4. Lawful Basis for Processing (GDPR)

For customers in the European Economic Area (EEA) and United Kingdom, we rely on the following lawful basis under GDPR Article 6:

Article 6(1)(f) — Legitimate interests: The merchant has a legitimate interest in delivering the PrayerReceipt service to their customers, and processing is limited strictly to what is necessary to generate and deliver a personalized intercessory prayer. We have assessed that this interest is not overridden by the rights and freedoms of the data subjects, given the limited and benign nature of the processing.
Where required by applicable law or at the merchant's direction, processing may alternatively be based on Article 6(1)(a) — Consent obtained by the merchant from their customer.

Merchants are responsible for ensuring they have a valid lawful basis for directing PrayerReceipt to process their customers' data and for disclosing PrayerReceipt's processing in their own store privacy policy.

5. Why We Collect This Data

We process customer data for one specific, limited purpose:

To generate a personalized, AI-powered intercessory prayer for each customer order.
To deliver that prayer to the customer via email on behalf of the merchant.

We do not use customer data for advertising, profiling, targeted marketing, or any purpose beyond the above. We do not sell, rent, or share personal information as defined under the CCPA/CPRA.

6. How Data Is Processed

6.1 Prayer Generation

Customer name, order context (line items, total), and merchant-configured prayer preferences are sent to the Anthropic API to generate a prayer. Only the minimum data necessary for a personalized prayer is transmitted. Anthropic does not use API data for model training under their commercial terms. No customer personal data is retained in Anthropic's systems after the API response is returned.

6.2 Email Delivery

The generated prayer and the customer's email address are transmitted to Resend (our email delivery provider) to send the prayer email. Prayer emails are transactional in nature — they are sent as a direct result of a customer's purchase and are not commercial marketing communications. Resend manages the unsubscribe mechanism in compliance with applicable law. Resend processes this data under its own privacy policy and data processing agreement with us.

7. International Data Transfers

PrayerReceipt is operated from the United States. When customer data is processed by our sub-processors, it may be transferred to and processed in the United States. For customers in the EEA or UK, we rely on the following transfer mechanisms:

Anthropic, Inc.: Transfers governed by Standard Contractual Clauses (SCCs) as set out in Anthropic's Data Processing Agreement (available at anthropic.com/legal).
Resend, Inc.: Transfers governed by Standard Contractual Clauses (SCCs) as set out in Resend's Data Processing Agreement (available at resend.com/legal).
Supabase, Inc.: Transfers governed by Standard Contractual Clauses (SCCs) as set out in Supabase's Data Processing Agreement (available at supabase.com/privacy).
Fly.io: Transfers governed by Fly.io's Data Processing Agreement (available at fly.io/legal).

We will update this section if transfer mechanisms change or if new adequacy decisions apply.

8. Data Retention

We retain customer-linked data only as long as necessary, in accordance with GDPR Article 5(1)(e) (storage limitation):

Prayer records	Retained while the merchant's store is active on PrayerReceipt
Post-uninstall	All shop data is deleted within 48 hours of receiving the shop/redact webhook from Shopify
Customer redact request	Customer-specific prayer records are deleted upon receiving the customer/redact webhook
Data export request	Customer data is compiled and returned upon receiving the customer/data_request webhook
Database backups	Supabase point-in-time recovery backups may retain data for up to 7 days; backup copies are not accessed after an erasure request and expire automatically
Legal hold	Data may be retained longer if required by applicable law (e.g. fraud investigation, tax compliance); merchants are notified of any such hold

These retention rules are enforced automatically by our GDPR webhook handlers.

9. Data Sharing & Sub-Processors

We share customer data only with the following sub-processors, each bound by appropriate data processing agreements:

Anthropic, Inc. (USA)	AI prayer generation — customer data sent solely to generate a personalized prayer; Anthropic does not use API data for model training under their commercial terms; data not retained post-response. Transfer mechanism: SCCs.
Resend, Inc. (USA)	Transactional email delivery — processes customer email address and prayer text. Transfer mechanism: SCCs.
Supabase, Inc. (USA)	PostgreSQL database hosting — data encrypted at rest. Transfer mechanism: SCCs.
Fly.io (USA)	Application hosting — Docker containerized deployment; TLS enforced; volumes encrypted at rest.
Infisical	Secrets management — stores application credentials only; never processes customer personal data.
Netlify	DNS provider — holds DNS routing records only; no customer data processed.
Namecheap	Domain registrar — nameserver delegation only; no customer data processed.

We do not sell, rent, or disclose personal data to any other third parties. We do not sell or share personal information as defined under the CCPA/CPRA.

10. Security

We implement the following security measures in accordance with GDPR Article 32:

All data in transit is encrypted via HTTPS/TLS — enforced by Shopify, Resend, Anthropic, and our hosting providers.
All data at rest is encrypted — Supabase encrypts PostgreSQL storage by default using AES-256.
Application secrets (API keys, database credentials) are managed via Infisical and never hardcoded.
Customer data is never written to application logs.
Production and development environments are strictly separated with isolated databases and independent secret sets.
Security controls are reviewed annually and following any significant architectural change.

11. Your Rights

11.1 Rights Under GDPR (EEA / UK)

If you are a customer of a merchant using PrayerReceipt and are located in the EEA or UK, you have the following rights:

Right of access (Article 15) — request a copy of data we hold about you
Right to rectification (Article 16) — request correction of inaccurate data
Right to erasure (Article 17) — request deletion of your data
Right to restriction (Article 18) — request we limit how we process your data
Right to data portability (Article 20) — receive your data in a structured format
Right to object (Article 21) — object to our processing based on legitimate interests at any time; we will cease processing unless we can demonstrate compelling legitimate grounds
Right to lodge a complaint — you have the right to lodge a complaint with your national data protection supervisory authority (e.g. the ICO in the UK, the CNIL in France, the DPC in Ireland) if you believe we have violated your rights

To exercise these rights, contact us at: privacy@twoolivetrees.live. Merchants may also exercise customer data rights on their customers' behalf through the Shopify admin.

11.2 Rights Under CCPA/CPRA (California)

If you are a California resident, you have the following rights under the CCPA/CPRA:

Right to know — request disclosure of the categories and specific pieces of personal information we have collected about you
Right to delete — request deletion of personal information we have collected from you
Right to correct — request correction of inaccurate personal information
Right to opt-out of sale or sharing — we do not sell or share personal information as defined under CCPA/CPRA
Right to non-discrimination — we will not discriminate against you for exercising any of these rights

To exercise California rights, contact us at: privacy@twoolivetrees.live.

11.3 Rights Under Other US State Laws

Residents of Virginia (VCDPA), Colorado (CPA), and other states with applicable privacy laws have equivalent rights to access, delete, correct, and opt out of certain processing. PrayerReceipt does not engage in profiling, targeted advertising, or sale of personal data. To exercise any state privacy right, contact us at: privacy@twoolivetrees.live.

12. Data Controller

For the purposes of GDPR, the data controller is:

Organization	Two Olive Trees LLC
Email	privacy@twoolivetrees.live
Website	https://twoolivetrees.live (coming soon)
App	https://prayerreceipt.fly.dev

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated to merchants via in-app notification or email. Continued use of PrayerReceipt after changes constitutes acceptance. The version number and effective date at the top of this document reflect the most recent revision.

Version 1.0 | Last updated: March 14, 2026