Privacy Policy

How We Handle Information About You

A companion to our Disclaimer — together they set out the terms under which this ministry operates.

Words of Plainness is a ministry, not a business. We do not sell advertising, we do not run tracking networks, we do not share your information with marketers, and we do not monetize your attention. The only reason we collect information at all is to make the website work and to serve the people who register as members of our reading community.

This policy describes—in plain language—what we collect, why we collect it, where it goes, how long we keep it, and what rights you have over it. If anything here is unclear, or if you want us to do something with your information that is not described below, please write to us at the address in the Contact section.

Information We Collect from Visitors

If you read this website without creating an account, filling out a form, or otherwise identifying yourself, we do not collect personal information about you. The only data generated by anonymous visits is aggregate, privacy- preserving analytics used to understand which pages people read.

Specifically, anonymous visits generate the following information, collected by our hosting and analytics providers:

  • Page views — which pages were visited, at what approximate time, and in what order.
  • Referrer — the website (if any) that sent you to ours.
  • Approximate country — determined from the general geographic region of your internet connection. We do not collect city- level or precise geolocation data.
  • Device type and operating system — for example, “mobile iOS” or “desktop Windows.”
  • IP address — retained temporarily in server request logs by our hosting providers for operational and security purposes, not used to profile you.

This analytics data is anonymized. It is not tied to your name or any other identifier, and we make no attempt to reconstruct your identity from it.

Information We Collect from Registered Members

Creating a free account on this site is entirely optional. Everything we publish can be read without an account. Members register only if they want their reflections, journal entries, witness testimonies, and commitments saved and synchronized across their devices.

When you register for an account, we collect:

  • Username — the name you choose to appear on the site.
  • Email address — used to authenticate your account, send you newsletters if you have opted in, and contact you about matters related to your account.
  • Display name — optional; used in place of your username where a more personal identifier is appropriate.
  • Password — stored only in a cryptographically hashed form. We cannot see, retrieve, or reveal your password. If you forget it, we can only issue you a reset.
  • Newsletter subscription status — your choice at registration (and at any later point) of whether to receive our newsletter.

Once you are signed in, we collect and store the following information as you engage with the site:

  • Reflect, Journal, and Witness entries — the text you write in the pause-point tabs within each chapter, along with the chapter identifier, the tab type, and your choices about whether each entry should be included in your portable discipleship document or submitted to the community witness stream for moderated publication.
  • Card commitment responses — in the interactive discipleship chapters, the commitment tier you select, any accompanying text, your personal reflection, and the confidence rating you assign to each commitment.
  • Engagement events — signals indicating that you viewed a page, played an audio file, opened a pause-point modal, saved an entry, bookmarked a chapter, or marked a chapter complete. These signals carry the chapter identifier, the event type, and a timestamp. They do not carry the content of anything you wrote.
  • Authentication tokens — short-lived access tokens and longer-lived refresh tokens stored in your browser so you can stay signed in across visits.

Information We Collect from Forms

Two forms on this site accept information without requiring a member account:

The newsletter signup form, which appears in the site footer and on the Connect page, collects your name and email address. We also record the time of your submission and your IP address for the limited purpose of preventing spam and abuse of the form.

The contact form, which appears on the Connect page, collects your name, email address, and whatever message you write. Contact form submissions are sent to Brother Aaron by email and are not stored in any other location.

How We Use Your Information

We use the information described above only for the following purposes:

  • To operate the website. Analytics help us understand which chapters and pages are reaching people, so we can improve them and prioritize what to write next.
  • To authenticate your account and keep you signed in across visits.
  • To store and display your own reflections, journal entries, witness testimonies, and commitments so they appear where you expect them and can be assembled into your portable discipleship document.
  • To send you the newsletter if you have subscribed to it, and to honor your choice if you later unsubscribe.
  • To respond to messages you send us through the contact form.
  • To moderate community witness submissions before they appear publicly. Community witnesses are never published without review.
  • To protect the integrity of the site — preventing abuse, detecting attempts to compromise the system, and honoring mandatory reporting obligations described in our Community Guidelines and Safety & Support pages.

We do not use your information for advertising, profile- building, resale, or any purpose unrelated to the ministry. We do not combine your information with data from third parties to build a richer picture of you.

How We Store and Secure Your Information

Your account information, reflections, commitments, and engagement data are stored in a database operated by the ministry and hosted on a private, password-protected server at PythonAnywhere. Connections to our servers are encrypted in transit using HTTPS. Passwords are stored only as one-way cryptographic hashes; the original passwords are not recoverable even by us.

We take reasonable measures to protect your information, including keeping our software up to date, limiting administrative access, and periodically reviewing our security posture. However, no system connected to the internet can be guaranteed to be perfectly secure. If a security incident affects your data in a way that is likely to cause you harm, we will notify you as promptly as we are able.

Third-Party Services

Running a website requires the help of a small number of outside service providers. We have chosen providers that respect user privacy and minimize data collection. Each one is listed below, along with what information it receives and why.

Cloudflare — provides our domain-name system, content delivery network, website security, privacy-preserving web analytics, and the media server at media.wordsofplainness.org. Cloudflare receives your IP address and the standard information sent by your browser as part of every page request. Cloudflare Web Analytics does not use cookies and does not track visitors across sites.

Vercel — hosts the website itself and provides an additional layer of anonymized web analytics. Vercel’s analytics are cookie-free and identify visitors only by a temporary, anonymous hash that is discarded automatically after twenty-four hours. Vercel receives request logs as part of hosting the site.

PythonAnywhere — hosts the database and application server that handle member accounts, reflections, commitments, and engagement data. PythonAnywhere sees this information only because it operates the infrastructure on which the data is stored.

Buttondown — delivers our newsletter. If you have subscribed, Buttondown stores your email address, name, and subscription preferences in order to send you the newsletter and honor your unsubscribe requests.

Google Fonts — provides the typefaces used throughout the site. When your browser loads a page, it requests these typefaces from Google, and Google can therefore observe the request (including your IP address) as part of serving the font file.

Discord — provides our community discussion platform. Discord is not integrated into the website in a way that transfers data about you; it is linked as an external destination. If you choose to join our Discord server, your interaction with Discord is governed by Discord’s own privacy policy.

churchofjesuschrist.org — the external destination for every scripture citation on this site. We do not send data to the Church website; if you follow a scripture link, your browser transmits the usual request information directly to their servers.

Cookies and Local Storage

This website does not use tracking cookies. It does not participate in any advertising network. It does not employ third-party analytics that track users across multiple sites. Under the rules that govern cookie consent in most jurisdictions, strictly necessary storage does not require a consent banner, which is why you do not see one on this site.

The site does use your browser’s local storage for a small number of functional purposes:

  • Reader preferences — your chosen font size and similar display settings.
  • Reading progress and bookmarks — so the site can remember where you left off.
  • Anthem player state — whether the ministry anthem audio controls are expanded or collapsed.
  • Unsynced entries — if you write a reflection while not signed in, it is saved locally until you sign in, at which point it transfers to your account.
  • Authentication tokens — short-lived tokens that keep you signed in.

All of this local storage lives on your own device and is never transmitted to any third party. You can clear it at any time through your browser’s settings.

Children’s Privacy

This ministry is written for adults and is not directed to children under the age of thirteen. We do not knowingly collect personal information from children under thirteen. If we learn that we have inadvertently collected such information, we will delete it promptly. If you are a parent or guardian and you believe your child has provided personal information to this site, please contact us at the address below and we will assist you.

Your Rights Over Your Information

The information on this site belongs to the people it describes. Whether or not the law where you live uses these words, we will honor the following rights for everyone:

  • The right to know what information we have about you. You can ask us and we will tell you.
  • The right to correct information about you that is inaccurate. You can update most of your own information directly through your account; for anything you cannot change from the site, write to us and we will correct it.
  • The right to delete your account and the information associated with it. Account deletion is permanent. We will remove your personal information from our active systems within thirty days of your request, subject to any narrow exceptions described in Data Retention.
  • The right to export your reflections, journal entries, witness testimonies, and commitments in a portable document. This is already a built-in feature of your account. You do not need to ask our permission to use it.
  • The right to withdraw consent to any communication you previously agreed to. Every newsletter email contains a one-click unsubscribe link. You can also write to us and we will remove you.
  • The right to be told about meaningful changes to how we handle your information.

To exercise any of these rights, write to us at the address in the Contact section below. We do not require you to cite a statute or prove a jurisdiction; asking is enough.

Data Retention

We retain different kinds of information for different lengths of time:

  • Active accounts and their associated data are retained for as long as you maintain the account.
  • Deleted accounts — when you delete your account, your personal information is removed from active systems within thirty days. A small amount of information may persist briefly in encrypted backups that are themselves rotated on a normal retention schedule.
  • Newsletter unsubscribes — when you unsubscribe, your email address is retained in a suppression list solely so that we do not accidentally re-add you in the future. It is never used for any other purpose.
  • Contact form messages are kept in Brother Aaron’s email as part of normal correspondence and are not systematically purged. You may ask him to delete any message you have sent.
  • Anonymous analytics data is retained according to the defaults of each analytics provider: Cloudflare retains its analytics for a rolling thirty-day window at our account tier; Vercel discards its per-visitor hashes after twenty-four hours.
  • Server request logs are retained by our hosting providers on their standard rolling schedules and are used for operational and security purposes only.
  • Aggregated, anonymized engagement statistics (for example, “how many readers have played the Chapter 9 audio this month”) may be retained indefinitely. These statistics contain no information that identifies any individual.

Changes to This Policy

We may update this policy from time to time as the ministry grows, as the services we rely on change their own practices, or as the laws governing online privacy evolve. Every version of this policy is dated at the bottom of the page. Material changes will be announced in the newsletter and in a short notice on the site.

Continued use of the website after a revision constitutes acceptance of the revised policy. If you do not accept a revision, you may delete your account or stop using the site at any time.

Contact About Privacy

Questions about this policy, requests to exercise the rights described above, and any other privacy-related correspondence should be sent to Brother Aaron using the contact form on our Connect page. We respond personally; there is no automated privacy queue and no call center. Your question reaches a person.

A Word from Brother Aaron

A privacy policy is a legal document, but for a ministry it is also a promise. What you write in your journal belongs to you. What you confess in your reflection is between you and the Lord. What you offer as witness belongs to you until you choose to share it. I do not read private entries. No one on the ministry staff reads private entries. The database stores them because you asked it to; it does not display them to anyone but you.

The community witness stream is the one exception, and it exists only because a reader has actively chosen to share. Even then, nothing appears publicly until it has passed through moderation. If you change your mind later, write to me and I will remove it.

If you trust this ministry with words you have never said to anyone else, I want you to know that trust is received with the gravity it deserves. That is not a promise I can prove in a document. It is a promise I can only keep by the way this ministry is operated over time. I will keep it.

Words of Plainness Privacy Policy v1.0 — Aaron Powner Publishing — April 2026. This policy is reviewed periodically and updated as the ministry’s scope and the services we rely on change.

Stay Connected

Receive chapter announcements, ministry updates, and devotional insights delivered to your inbox.