Privacy Policy

Last updated: January 19, 2026

Glossa ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our biblical research platform. This policy is designed to comply with applicable data protection laws including the UK GDPR, EU GDPR, US privacy laws, and Singapore's Personal Data Protection Act (PDPA).

Contents

  1. 1. Information We Collect
  2. 2. How We Use Your Information
  3. 3. Legal Basis for Processing (GDPR)
  4. 4. Data Sharing and Disclosure
  5. 5. Data Retention
  6. 6. Your Privacy Rights
  7. 7. International Data Transfers
  8. 8. Cookies and Tracking
  9. 9. Data Security
  10. 10. Children's Privacy
  11. 11. Changes to This Policy
  12. 12. Contact Us
  13. 13. Jurisdiction-Specific Rights

1. Information We Collect

Information You Provide

  • Account Information: When you create an account, we collect your email address, username, and password.
  • Profile Information: Optional information you provide such as display name and bio.
  • User Content: Notes, bookmarks, and reading preferences you save on the platform.
  • Communications: Information you provide when contacting us for support.

Information Collected Automatically

  • Usage Data: Pages visited, features used, search queries, and reading history.
  • Device Information: Browser type, operating system, and device identifiers.
  • Log Data: IP address, access times, and referring URLs.

2. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve our biblical research platform
  • Personalize your experience with AI-powered recommendations
  • Process and manage your account
  • Respond to your inquiries and support requests
  • Send service-related communications
  • Analyze usage patterns to improve our services
  • Ensure platform security and prevent abuse
  • Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal data. We may share information with:

  • Service Providers: Third parties that help operate our platform (hosting, analytics)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger or acquisition
  • With Your Consent: When you explicitly agree to sharing

5. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy. Account data is retained while your account is active and for a reasonable period afterward. You may request deletion of your data at any time, subject to legal retention requirements.

6. Your Privacy Rights

Depending on your location, you may have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Request limited processing of your data
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Where processing is based on consent

To exercise these rights, contact us at privacy@glossa.dev.

7. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by relevant authorities
  • Adequacy decisions where applicable
  • Other legally recognized transfer mechanisms

8. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Required for platform functionality (authentication, preferences)
  • Analytics Cookies: To understand how users interact with our platform
  • Preference Cookies: To remember your settings and choices

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect platform functionality.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit and at rest, access controls, and regular security assessments. However, no method of transmission over the Internet is 100% secure.

10. Children's Privacy

Our platform is not directed at children under 16 (or the applicable age in your jurisdiction). We do not knowingly collect personal data from children. If we become aware of such collection, we will promptly delete the data.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Continued use of the platform after changes constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related inquiries or to exercise your rights:

Email: privacy@glossa.dev

For UK/EEA users, you also have the right to lodge a complaint with your local data protection authority.

13. Jurisdiction-Specific Rights

United Kingdom & European Economic Area (GDPR)

Under the UK GDPR and EU GDPR, you have enhanced rights including data portability, the right to erasure, and the right to object to automated decision-making. Our legal bases for processing are detailed in Section 3 above.

United States

California Residents (CCPA/CPRA): You have the right to know what personal information we collect, request deletion, opt out of "sales" of personal information (we do not sell your data), and not be discriminated against for exercising your rights.

Other US States: Residents of Virginia, Colorado, Connecticut, Utah, and other states with privacy laws may have similar rights. Contact us to exercise these rights.

Singapore (PDPA)

Under Singapore's Personal Data Protection Act, you have the right to access and correct your personal data. We will respond to access requests within 30 days. You may also withdraw consent for the collection, use, or disclosure of your personal data.

See also: Terms of Service