Legal · Privacy

Privacy Policy

How Risk Vector Tools LLC collects, uses, stores, and protects your information across all of our applications.

Effective: April 9, 2026 · Last updated: May 14, 2026 · Version: 2.0

The Short Version

  • We collect only what we need to run our apps and sync your data across your devices.
  • We never sell your personal information to anyone — not now, not ever.
  • Our apps contain no advertising and no advertising trackers.
  • Your data is encrypted in transit and at rest, protected by row-level security.
  • You can delete your account and all associated data at any time from within the app.
  • AI features process your text through Anthropic's API and are not used to train any models.

01Scope & Overview

This Privacy Policy describes how Risk Vector Tools LLC ("Risk Vector Tools," "we," "us," or "our") collects, uses, shares, and protects personal information when you use any of our applications, services, or our website at riskvectortools.com (collectively, the "Services").

Our Services currently include, but are not limited to:

  • Lantern: KJV Bible & AI Study — a mobile Bible study application with AI-powered features.

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Services.

02Information We Collect

We collect information in the following categories:

Information You Provide

  • Account information: Your email address when you create an account. We do not require or collect names, phone numbers, dates of birth, or physical addresses.
  • User-generated content: Bookmarks, highlights, notes, journal entries, reading progress, and similar content you create within our apps.
  • AI queries: Text you submit to AI-powered features, such as search queries or study questions.
  • Communications: Information you provide when you contact us for support, feedback, or other inquiries.

Information Collected Automatically

  • Device information: Device model, operating system version, app version, language settings, and approximate region (derived from system locale, not GPS).
  • Diagnostic data: Crash reports and basic error logs to help us identify and fix bugs.
  • Authentication metadata: Sign-in timestamps and session tokens necessary to keep you logged in securely.

Information We Do Not Collect

To be explicit about what we don't do: we do not collect or have access to your precise location (GPS), contacts, photos, microphone, camera, browsing history outside our apps, advertising identifiers, or biometric data.

03How We Use Information

We use your information only for the following purposes:

  • Provide the Services: Authenticate your account, sync your bookmarks and notes across your devices, and deliver the features you've requested.
  • Process AI requests: Send your queries to our AI provider so we can return responses to you.
  • Maintain and improve quality: Diagnose crashes, fix bugs, and understand which features are working well at an aggregate level.
  • Manage subscriptions: Verify your premium status and respect your purchase history.
  • Communicate with you: Respond to your support requests and notify you of material changes to our Services or this Policy.
  • Protect our users and Services: Detect and prevent abuse, fraud, and security incidents.
  • Comply with the law: Meet our legal, regulatory, and law-enforcement obligations.

We do not use your information for advertising, profiling, or to train any machine learning or AI models.

04AI-Powered Features

Several of our apps include features powered by large language models. When you use these features:

  • The text of your query is transmitted over an encrypted (TLS) connection to our secure backend.
  • From there, it is forwarded to Anthropic (the provider of the Claude API) for processing.
  • The generated response is returned to your device and shown in the app.
Important: Per Anthropic's commercial API terms, your AI query content is not used to train Anthropic's models. We do not retain your AI query content beyond what is necessary to deliver the response and provide standard service reliability and abuse-prevention functions.

You can review Anthropic's privacy and data handling practices at anthropic.com/legal/privacy.

05Service Providers

We rely on a small number of trusted third-party service providers to operate our Services. Each provider is contractually bound to handle your information securely and only for the purposes we've authorized.

Supabase
Authentication and database hosting. Stores your account credentials (hashed) and synced user content with row-level security. Privacy policy →
Anthropic
Provides the AI model used to process queries in our apps. Does not use API content for model training. Privacy policy →
RevenueCat
Manages subscription state and entitlement verification. Does not receive payment card numbers. Privacy policy →
Google Play
Handles all in-app purchases and subscription billing. We never see or store your payment information. Privacy policy →
Netlify
Hosts our public website. May collect standard web access logs (IP, user agent) for security and operational purposes. Privacy policy →

We periodically evaluate our service providers and may add, remove, or replace them. Material changes will be reflected in this Policy.

06Sharing & Disclosure

We do not sell your personal information. We do not share your personal information with third parties for their own marketing purposes. We disclose information only in these limited circumstances:

  • To service providers listed in Section 5, strictly to operate our Services.
  • For legal reasons, if we are required to do so by law, valid legal process, or to protect our rights, safety, or property, or that of our users or the public.
  • In a business transfer, such as a merger, acquisition, or sale of all or part of our assets — in which case any successor will be bound by privacy commitments at least as protective as this Policy.
  • With your consent, when you direct us to share information for a specific purpose.

07Data Retention

We retain your information for as long as your account is active and for a limited period thereafter for legitimate operational and legal purposes:

  • Account & user content: Retained until you delete your account. Upon deletion, your data is removed from our active databases within 30 days and from backups within 90 days.
  • Diagnostic data: Retained in aggregated form for up to 12 months for trend analysis.
  • Subscription records: Retained as required by applicable tax, accounting, and consumer-protection laws (typically up to 7 years).
  • Support communications: Retained for up to 24 months to ensure continuity of support.

08Data Security

We take security seriously and implement industry-standard safeguards to protect your information:

  • All data is encrypted in transit using TLS 1.2 or higher.
  • Data at rest is encrypted using AES-256 on our database provider's infrastructure.
  • Row-level security policies ensure that each user can only access their own data.
  • Account passwords are hashed using industry-standard algorithms (we never see your plaintext password).
  • Access to our production systems is limited to authorized personnel and protected by multi-factor authentication.

No method of electronic transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. If we become aware of a security incident affecting your personal information, we will notify you as required by applicable law.

09International Data Transfers

Risk Vector Tools LLC operates from the United States. If you access our Services from outside the United States, your information may be transferred to, stored in, and processed in the United States or other countries where our service providers operate.

Where required, we rely on appropriate safeguards for international data transfers, including the European Commission's Standard Contractual Clauses (SCCs) for transfers from the European Economic Area, the United Kingdom, and Switzerland.

10Your Rights & Choices

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Update or correct inaccurate information.
  • Deletion: Delete your account and associated data at any time from within the app under Settings → Delete Account, or by contacting us directly.
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to certain types of processing.
  • Withdrawal of consent: Withdraw any consent you previously gave, without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at riskvector.tools@gmail.com. We will respond within 30 days, or as required by applicable law. We will not discriminate against you for exercising any of these rights.

11California Residents

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) give you additional rights, including:

  • The right to know what categories of personal information we collect, use, and disclose.
  • The right to delete personal information we have collected from you.
  • The right to correct inaccurate personal information.
  • The right to opt out of the sale or sharing of personal information (we do not sell or share personal information).
  • The right to limit use of sensitive personal information (we do not collect sensitive categories such as government IDs, financial accounts, precise geolocation, or biometric data).
  • The right to non-discrimination for exercising your privacy rights.

To exercise these rights, contact us at riskvector.tools@gmail.com. You may also designate an authorized agent to make a request on your behalf, subject to verification.

12European Users (GDPR)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and equivalent local laws apply. The legal bases on which we process your personal information are:

  • Contract: To provide the Services you've requested under our Terms of Service.
  • Legitimate interests: To maintain, secure, and improve our Services, where those interests are not overridden by your rights.
  • Consent: Where required, such as for certain optional features.
  • Legal obligation: To comply with applicable law.

You have the right to lodge a complaint with your local data protection authority, though we encourage you to contact us first so we can address your concerns directly.

13Children's Privacy

Our Services are not directed to children under the age of 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children under 13.

If we learn that we have inadvertently collected personal information from a child under 13, we will delete that information as quickly as possible. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at riskvector.tools@gmail.com.

14Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, our Services, or applicable law. When we make material changes, we will:

  • Update the "Last updated" date at the top of this Policy.
  • Notify users within the app and/or by email for changes that materially affect your rights.
  • Where required by law, obtain your renewed consent.

Your continued use of the Services after the effective date of an updated Policy constitutes acceptance of the changes.

15Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please reach out to us:

Entity
Risk Vector Tools LLC
Email
riskvector.tools@gmail.com
Website
riskvectortools.com