Legal
Effective April 29, 2026
This Privacy Policy explains what information Rhema.art collects, how we use it, and the choices you have. It applies to your use of our website and product (the “Service”). By using Rhema.art, you agree to the practices described here.
When you create an account, we collect your name, email address, and password (stored as a one-way hash). When you sign in with Google, we receive your name, email, and profile identifier from Google. When you contact support or submit feedback, we keep what you send so we can respond.
Flyer drafts, projects, uploaded images, canvas state, prompts, and AI-generated outputs are stored in your account so you can come back to them. We treat this content as yours — see the Terms of Service for ownership details.
We collect basic technical data when you use the Service — for example, your IP address, device and browser type, the pages you visit, and timestamps. We use this to keep the Service secure, debug problems, and understand how features are used.
We use your information to operate Rhema.art (run AI generations, save and display your designs, send transactional email like verification codes and password resets), to keep accounts secure (rate limiting, fraud prevention), to improve the product, and to communicate with you about your account. We don't sell your personal information.
Rhema.art runs on top of trusted third-party services. We share the minimum information needed for these services to do their job:
When you ask Rhema.art to generate content, the relevant prompt and event details are sent to our AI providers to produce the output. Don't include sensitive personal information in your prompts.
We use a small number of cookies and similar storage to keep you signed in (an HTTP-only authentication cookie), remember your theme preference, and run essential product features. We don't use third-party advertising cookies.
We keep your account information and content for as long as your account is active. If you delete your account, we remove your personal information and content within a reasonable period, except where we need to retain it to comply with legal obligations, resolve disputes, or enforce our Terms.
We use industry-standard practices including TLS in transit, hashed passwords (bcrypt), HTTP-only cookies for authentication, rate limiting, and access controls. No system is perfectly secure, so we encourage you to use a strong unique password and let us know immediately if you suspect a problem.
Depending on where you live, you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing. You can update your profile or delete your account from Settings, or contact us using the details below to exercise these rights.
Rhema.art isn't directed at children under 13 (or the age of digital consent in your country). If you believe a child has given us personal information, please contact us and we'll remove it.
Rhema.art and our service providers may process your information in countries other than where you live. We rely on appropriate safeguards, where required by law, when transferring information internationally.
We may update this Privacy Policy from time to time. If the changes are material, we'll notify you — for example, by email or via an in-app notice. The “effective” date at the top of this page tells you when the latest version took effect.
Questions or requests about your privacy? Reach us at support@rhema.art or through our contact page.