Security and privacy

Ministry data is private by default and access is checked on the server.

Sermons may contain pastoral, personal, or unpublished material. The platform treats tenant isolation, session control, recovery, and clear sharing boundaries as core product requirements.

Account isolation

Sermons, research, transcripts, projects, profiles, training progress, reports, uploads, and workspace membership are scoped to an authenticated user or authorized workspace.

Session protection

Cookies are HTTP-only, secure in production, and checked against the database for expiry and revocation on protected requests. Administrators can revoke sessions.

Machine boundaries

Background transcription and import endpoints require dedicated worker credentials; a normal signed-in browser session cannot substitute for a worker token.

Payments

Stripe hosts checkout and the customer portal. Sermon Analyzer does not receive or store full card details. Signed webhooks update subscription status.

Recovery

The production database is integrity-checked during automated backups. User data and source snapshots use verified retention, and the service has local health monitoring.

Responsible AI

AI output is ministry-assistance material, not professional medical, legal, or crisis care. Evidence levels, source boundaries, usage limits, and human review remain visible.

Try the complete workflow with a real sermon.

Create a private workspace, import one source, and see how analysis, coaching, training, and Studio connect.

Security and privacy | Sermon Analyzer