Last updated: April 17, 2026 · Version 1.3
Ask Brother John is a Bible companion chatbot. The service is available as a website at askbrotherjohn.com. For operator details, see the Contact section below.
| Data Type | When Collected | Stored Where |
|---|---|---|
| Email address | When you create an account | Server database (Hetzner, Germany) |
| Hashed password | When you create an account (bcrypt, irreversible) | Server database |
| Google profile (email, full name, Google account ID) | When you sign in with Google. We retain only these three fields; any other data from the Google sign-in response is discarded at sign-in. | Server database |
| Conversation history | Every message you send and every response | Server database, linked to your user ID |
| Anonymous browser session ID (UUID) | On first visit; issued by the server and stored in a secure browser cookie (“bj-sid”). Strictly necessary for session continuity and for protecting actions that modify your account. | Server-signed cookie + server database |
| Preferences | When you change settings (dark mode, scripture style) | Your browser (localStorage) |
| Bible reading progress | When you use reading plans | Server database |
| IP address + User-Agent | Every request (access logs); also included in the consent_log row created when you accept or decline the consent banner | Server access logs (Hetzner, 14 days) and consent_log (see retention table) |
| Processing Activity | Legal Basis |
|---|---|
| Conversation storage | Your explicit consent (Article 6(1)(a) + Article 9(2)(a)) |
| Account creation and management | Performance of contract (Article 6(1)(b)) |
| Security and abuse prevention | Legitimate interest (Article 6(1)(f)) |
| Server logging | Legitimate interest (Article 6(1)(f)) |
Conversations with Brother John may reveal your religious beliefs, which are classified as “special category data” under GDPR. The consent banner is non-skippable: until you click Accept, the service does not transmit any message to Mistral AI or store it on our server. By clicking Accept you give explicit consent to the processing of messages that may relate to your faith, beliefs, or spiritual questions.
The banner also requires you to confirm you are at least 16 years old before the Accept button is enabled. This confirmation is stored in your browser and applies to anonymous browsing as well as to account creation.
You may withdraw this consent at any time via the “Manage Consent” link in the sidebar, by stopping use of the service, or by deleting your account (if you have one). Withdrawal does not affect the lawfulness of processing already carried out under your consent.
Your messages are processed by Mistral AI (Mistral AI SAS, Paris, France) to generate Brother John's responses.
| Data | Retention Period |
|---|---|
| Account data | Until you delete your account |
| Conversation history (logged-in) | Until you delete it, delete the session, or delete your account |
| Anonymous conversations (no account) | Stored on the server indefinitely while you continue to use the service. If you clear your browser data, our automatically-managed “bj-sid” cookie is removed and a new one is issued; your past messages remain on our server but are no longer accessible to you via the browser. To request deletion, email us. |
| Consent records (consent_log) — IP address and User-Agent | 90 days. After that we automatically null these fields; the action (accepted / declined), timestamp, and policy version remain as the consent audit trail. |
| Consent records — action / timestamp / policy version | Retained indefinitely in anonymized form after any account deletion — required to prove that consent was freely given under a specific policy version. |
| Server access logs | Hetzner / our nginx logrotate — 14 days. Includes IP address and request metadata for security purposes. |
Under the GDPR, you have the following rights:
GET /api/auth/export (sent automatically when you click “Export my data” in the account menu). The export includes your profile, sessions, messages, preferences, and consent history.Ask Brother John uses a single server-signed HTTP cookie and a small number of localStorage items. We do not use third-party analytics, advertising, or cross-site tracking cookies.
| Name | Where | Purpose | Type |
|---|---|---|---|
| bj-sid | HttpOnly Secure cookie (1 year) | Server-issued, HMAC-signed anonymous browser session ID. Used to link your messages to your browser without exposing the ID to JavaScript. | Strictly necessary |
| bj-auth-token | localStorage | JWT that keeps you logged in for 30 days | Strictly necessary (only if you create an account) |
| bj-user-id | localStorage | Legacy anonymous ID (migrated into bj-sid on first v1.2 visit). Not used for new visitors. | Functional (consent required; cleared on Decline) |
| bj-theme | localStorage | Remembers dark/light mode | Functional (consent required) |
| bj-scripture | localStorage | Remembers card/accent bar choice | Functional (consent required) |
| bj-consent | localStorage | Remembers your consent decision (accepted or declined) | Strictly necessary |
| bj-consent-version | localStorage | Records which version of this policy you consented to, so the banner re-appears when the policy changes materially | Strictly necessary |
| bj-consent-date | localStorage | Records when you accepted. Only stored on Accept; removed on Decline. | Strictly necessary (only when you accept) |
| bj-age-confirmed | localStorage | Records that you affirmed you are at least 16 years old (GDPR Art. 8 gate) when you accepted the consent banner. Only stored on Accept; removed on Decline. | Strictly necessary (only when you accept) |
| __cf_bm | Cookie, set by Cloudflare | Cloudflare bot-management cookie, classified by Cloudflare as strictly necessary. Set by the edge network on every request; not readable by our application JavaScript. Typical lifetime is 30 minutes. | Strictly necessary |
| Service | Purpose | Data Shared | Location |
|---|---|---|---|
| Mistral AI | AI response generation | Your messages (text only). Not called before you accept consent. | EU (France / Netherlands) |
| Hetzner Online GmbH | Server hosting (DPA signed; EU-only processing) | All data stored on server | EU (Germany) |
| Cloudflare, Inc. | DNS, CDN, TLS termination, DDoS protection (Data Processing Addendum with Standard Contractual Clauses) | IP address, request metadata, and message body (which Cloudflare may decrypt as a TLS terminator) | Global CDN, US company |
| Google OAuth (Google Identity Services) | Optional sign-in | Email, full name, Google profile ID (sub) | Google servers (EU DPA applies) |
| Google Identity Services JS | Renders the Sign in with Google button. In v1.2 this script is loaded on-demand only when you open the account panel, so Google does not receive your IP merely for visiting the homepage. | IP, browser info — only if you open the account panel | Google CDN |
Cormorant Garamond, our display font, is self-hosted on our own server (no Google Fonts CDN call). html2canvas (for the share-image feature) is also self-hosted. We do not embed any social widgets, analytics scripts, or advertising pixels.
All primary data processing occurs within the European Union:
Transfers to a third country occur only through Cloudflare's global CDN and, if you use Google Sign-In, Google LLC (US). Both providers have signed Data Processing Addenda with us that incorporate the European Commission's Standard Contractual Clauses (SCCs) as the safeguarding mechanism under GDPR Article 46. Where additional safeguards are required under EU case law, we rely on the CDN/TLS-only nature of the Cloudflare transfer (CF does not persistently store message content in the US) and, for Google, on the public-client ID-token flow (Google does not receive our service's private data beyond the OAuth credential you submit).
Using the service without an account is entirely voluntary — you are not required by law or contract to provide any information. Creating an account is a contract; in that case the email you provide (or your Google profile) is required to perform the contract.
Brother John uses artificial intelligence to generate responses. This is automated content generation, not automated decision-making as defined in GDPR Article 22 — no decisions with legal or similarly significant effects are made about you based on automated processing. The AI generates conversational responses only. Per the EU AI Act (Regulation 2024/1689), we disclose clearly that you are interacting with an AI system (sidebar and per-message badges, this policy, and the Terms of Service).
A Data Protection Officer has not been appointed, as the operator is a sole individual and the processing does not require one under GDPR Article 37. For all data protection inquiries please contact: [email protected].
This service is not directed at children under 16. Both account creation and the anonymous consent banner require you to affirm that you are at least 16 years old before you can enable religious-data processing. If we become aware that we have collected personal data from a child under 16 without parental consent, we will delete it promptly. National age thresholds under GDPR Art. 8 vary (Czech Republic: 15; Germany: 16; United Kingdom: 13). For clarity and simplicity we apply the strictest common threshold (16+) to everyone. Bible reading does not require consent or age confirmation and remains available to all ages.
extra="forbid", request-body size limits (128 KB)javascript: / vbscript: / data: URL schemes from any AI output before return (defense-in-depth against a jailbroken model)You have the right to lodge a complaint with your local supervisory authority:
Czech Republic (the operator's seat) — ÚOOÚ (Úřad pro ochranu osobních údajů)
Pplk. Sochora 27, 170 00 Praha 7, Czech Republic
Website: www.uoou.cz
Email: [email protected]
United Kingdom — ICO (Information Commissioner's Office)
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Website: ico.org.uk · Helpline: 0303 123 1113
We do not have a UK representative appointed under UK GDPR Art. 27; you can contact us directly at the address above.
Other EEA residents may complain to their national data protection authority.
Ask Brother John is a Czech-operated service. To the extent that California's CCPA / CPRA, Virginia's VCDPA, Colorado's CPA, Connecticut's CTDPA, Utah's UCPA, or comparable laws apply to you, you may have additional rights, including the right to know what personal information we hold, the right to delete it, the right to correct it, and the right to opt out of “sale” or “sharing” for cross-context behavioral advertising. We do not sell or share personal information for cross-context behavioral advertising. To exercise any of these rights, email [email protected].
If a personal data breach occurs that is likely to result in a high risk to your rights and freedoms, we will notify affected users promptly via a prominent notice on askbrotherjohn.com and, where an email address is on file, by email. We will also notify the Czech DPA (ÚOOÚ) within 72 hours as required by the GDPR.
We may disclose your data if compelled by a valid legal order from a competent court or authority. Where legally permitted, we will notify you in advance. We will resist overbroad requests and requests from non-EU authorities that do not comply with EU law (including GDPR Article 48).
GDPR does not apply to deceased persons. Czech Civil Code § 81 protects post-mortem personality rights for close relatives. If you are a close family member of a deceased user and wish to request access to or deletion of their data, please contact us with proof of the relationship and the account details. We will consider each request carefully.
We may update this policy from time to time. Material changes are announced by (a) bumping the “Version” number at the top of this page, (b) bumping a matching version constant on the server so the consent banner reappears for existing users, and (c) posting a notice on the website. Existing consent records stay in the consent_log under the policy version they were given against.
The complete version history, including archived copies of each prior policy, is maintained internally for audit purposes. A summary:
For any questions about this privacy policy, your data, or to exercise your rights, please contact us at the email address above.