Hosanna Privacy Policy
Effective Date: March 3, 2026
Last Updated: July 7, 2026
This Privacy Policy explains how Faith Comes By Hearing / Hosanna (“FCBH,” “we,” “us,” or “our”) collects, uses, discloses, and protects information when you use the Hosanna mobile application (the “App”) and related services we provide (collectively, the “Services”).
By using the Services, you understand that we will process information as described in this Privacy Policy. If you do not agree, please do not use the Services.
Our Commitment to Privacy
We are committed to using data responsibly and transparently. Hosanna is designed to provide Bible reading, listening, video viewing, film content, and related functionality. We do not sell personal information, share personal information for cross-context behavioral advertising, display third-party ads in the App, use App data to target ads, build advertising profiles, or engage in cross-context behavioral advertising.
Information about how you use the App may be considered sensitive in certain jurisdictions. For example, use of a Bible, Scripture, ministry, audio, or video app may reveal, or allow someone to infer, religious interests, religious beliefs, or religious predispositions.
Optional usage analytics, crash diagnostics, and performance monitoring are controlled through in-app choices. We may use the country or region set for your App Store account, Google Play account, or similar regional signal to determine whether these optional features are enabled by default or require your prior consent. Where opt-in consent is required based on that country or region, the App may ask on first launch after installation whether you want to allow limited analytics and diagnostics from your device. In other countries or regions, these optional features may be enabled by default unless you turn them off. You can change your choice at any time in the App’s Account settings.
In countries, states, provinces, or regions where applicable law requires opt-in consent, special handling of religious or sensitive information, a permit, authorization, or another legal condition before optional analytics or diagnostics may be collected, we do not collect that optional data unless the applicable requirement has been satisfied or an exception applies. We may make this determination using the country or region set for your App Store or Google Play account. Where a permit, authorization, or similar requirement applies and has not been satisfied, we may disable optional analytics or diagnostics entirely and/or not make the Services available in that country or region.
Who We Are and How to Contact Us
Controller / Business / Organization: Faith Comes By Hearing / Hosanna (FCBH)
Mailing Address: Faith Comes By Hearing, 2421 Aztec Rd., Albuquerque, NM 87107
Phone: (800) 545-6552; (505) 881-3321
Privacy Contact Email: info@faithcomesbyhearing.com
You may contact us at any time to ask questions about this Privacy Policy or to exercise privacy rights described below.
What Information We Collect
We collect information in three main ways: (A) information you provide, (B) information collected automatically when you use the Services, and (C) information from third parties when you choose to use third-party sign-in or related features.
A. Information You Provide to Us
Account information. If you create or use an account, we may collect information such as your email address, name (if provided), and authentication-related identifiers (including identifiers from sign-in providers).
Newsletter/communications. If you opt in to receive newsletters or similar communications, we collect the information you submit (typically email address, and if provided first and last name). This is opt-in and you can unsubscribe at any time.
Support communications. If you contact support, including by opening our support website from the App in an external browser, we collect the information you choose to provide, such as your email address, the content of your messages, ticket details, troubleshooting details, and any other information you include in your request. Support may be provided through email communications and/or through our self-hosted Zammad-based support website. If you are signed in, we may associate support communications with your account so we can respond, manage your ticket, and troubleshoot the issue.
B. Information Collected Automatically When You Use the Services
Optional usage analytics and diagnostics. If optional usage analytics and diagnostics are enabled, either because you allowed them or because they are enabled by default in your region unless you turn them off, we may collect information about how the App is used and how it performs. This may include feature usage, screen views, engagement events, general audio/video usage, selected language or language identifier, content categories or identifiers, approximate region or country, device model, operating system version, app version, installation or app-instance identifiers, crash logs, app state at the time of a crash, performance traces, network performance, and related diagnostic information.
Optional usage analytics and diagnostics help us understand general App usage, language-level usage, audio/video feature usage, crashes, performance, device compatibility, and reliability. We do not use optional analytics or diagnostics to build advertising profiles, target ads, or engage in cross-context behavioral advertising.
Your usage analytics choice is currently device-specific. This allows people who are not logged into an account to use the setting. If you use the App on multiple devices, you may need to set your choice separately on each device. We may add account-level syncing of this preference in the future.
Server, media delivery, and security logs. When your device communicates with our servers or content-delivery systems, our systems may automatically log information such as IP address, timestamps, requested endpoints, requested media resources, device or user-agent information, network information, and related technical details. These logs are used to provide requested content, operate the Services, maintain security, troubleshoot issues, prevent abuse, and monitor reliability. Media delivery logs may reflect the content or media resource requested, but we do not use this information for targeted advertising or cross-context behavioral advertising.
Content identifiers and playback information. The App may process identifiers relating to Bible text, audio, video, film content, filesets, languages, thumbnails, downloads, offline access where available, and deep links to provide functionality such as opening a shared link, retrieving content, playing requested media, resuming playback locally, troubleshooting, or debugging an error. We do not store an account-level watch history showing the specific films or video clips you watched. We do not use content identifiers or playback information for targeted advertising.
What we do not collect or use as designed. At launch, we do not collect in-app payment card data; biometric identifiers; or precise geolocation. Donations occur outside the App. We also do not use App data for targeted advertising, cross-context behavioral advertising, or sale of personal information.
C. Information from Third Parties (When You Choose to Use Them)
If you choose to sign in with a third party, we receive certain profile and identifier information from that provider, subject to your settings with them and their policies:
Apple Sign-In. Apple provides an identifier for sign-in and may provide your email address (and name on first sign-in, depending on your choices). Apple may provide a relay email address if you hide your email.
Google Sign-In. Google sign-in can share basic profile information such as your name and email address, depending on what you authorize.
Facebook Login. If you use Facebook Login, Facebook may provide basic profile information and an identifier in accordance with your permissions and their policies.
We may also receive information from service providers that help us operate deep links (Branch), optional analytics and diagnostics (Firebase), and newsletter delivery (HubSpot), as described below.
How We Use Information
We use information for the following purposes:
Provide and operate the Services. This includes authenticating you, maintaining sessions, delivering Bible text, audio, video, film, and related content, enabling offline and download features where available, opening shared links, and enabling requested features.
Provide media streaming and content delivery. We use technical information, content identifiers, media endpoints, server logs, and content-delivery logs to deliver requested audio and video content, maintain streaming quality, troubleshoot playback issues, and protect the Services.
Improve and protect the Services. If you choose to share usage analytics, we use optional analytics, crash, and performance information to understand how the App is used, fix bugs, improve stability, and make product decisions. We also use operational logs and security information as needed to protect the App, our users, our organization, and our systems.
Customer support. We use information to respond to questions, manage support tickets, and troubleshoot issues.
Communications (opt-in). If you opt in, we send newsletters or ministry communications, including donor-cultivation communications where applicable.
Security and legal compliance. We use information to protect our users, our organization, and our Services, comply with legal obligations, and respond to lawful requests (e.g., court orders).
We do not use personal information for cross-context behavioral advertising, and we do not sell personal information.
Our Legal Bases for Processing (EEA/UK)
If you are in the European Economic Area (EEA) or the United Kingdom, we rely on the following legal bases under GDPR/UK GDPR, depending on the context: consent, contract necessity, legal obligation, vital interests, public task (rare for us), and legitimate interests.
In particular:
Contract necessity. We rely on contract necessity when you create and use an account and when we provide core App functions you request, such as authentication, content delivery, playback, downloads or offline access where available, and account-related features.
Legitimate interests. We rely on legitimate interests for certain operational, security, abuse-prevention, troubleshooting, and service-improvement activities, where those interests are not overridden by your rights and interests. This may include limited server logs, security logs, media delivery logs, and operational diagnostics needed to provide and protect the Services.
Consent. We rely on consent for marketing/newsletter communications and for optional usage analytics, crash diagnostics, performance monitoring, or similar measurement technologies where consent is required by applicable law or where we request your consent in the App.
Sensitive or special-category information. Use of a Bible, Scripture, ministry, audio, or video app may reveal or allow someone to infer religious interests, religious beliefs, or religious predispositions. Where applicable law treats this information as sensitive, special-category, or otherwise specially protected, we process it only as described in this Privacy Policy and subject to the legal bases, consents, permissions, or restrictions that apply.
Consent and withdrawal. Where we rely on consent, you can withdraw consent at any time. For example, you can unsubscribe from marketing emails using the unsubscribe link. You can also change your usage analytics choice in the App’s Account settings. You may also stop using the Services and uninstall the App.
Optional Analytics and Diagnostics Controls
Optional usage analytics, crash diagnostics, and performance monitoring are controlled through in-app choices. We may use the country or region set for your App Store or Google Play account to determine whether these optional features are enabled by default or require your prior consent.
Where opt-in consent is required based on that country or region, the App may ask on first launch after installation whether you want to allow limited analytics and diagnostics from your device. In other countries or regions, optional analytics and diagnostics may be enabled by default unless you turn them off. You can change your choice at any time in the App’s Account settings.
If enabled, optional analytics and diagnostics may help us understand general App usage, language-level usage, audio and video feature usage, crashes, performance, device compatibility, and reliability. Optional analytics and diagnostics may be processed through services such as Firebase Analytics, Firebase Crashlytics, and Firebase Performance Monitoring.
If disabled, we will not intentionally collect optional analytics and diagnostics from the App as implemented. Disabling optional analytics and diagnostics does not disable information that is necessary to provide requested Services, such as authentication, content delivery, media streaming, security, fraud or abuse prevention, legal compliance, support communications you initiate, or server and content-delivery logs.
Your usage analytics choice is currently device-specific. If you use multiple devices, you may need to set your choice separately on each device. We may add account-level syncing of this preference in the future.
In some countries, states, provinces, or regions, applicable law may require opt-in consent, special handling of religious or sensitive information, a permit, authorization, or another legal condition before optional analytics or diagnostics can be collected. We may make this determination using the country or region set for your App Store or Google Play account. In those places, we do not collect optional analytics or diagnostics unless the applicable requirement has been satisfied or an exception applies. If a permit, authorization, or similar requirement is needed and has not been satisfied, we may disable optional analytics and diagnostics entirely and/or not make the Services available in that country or region.
How We Share Information
We share information only as described below.
Service Providers and Processors
We use vetted third-party providers to help deliver the Services, such as hosting, content delivery, authentication, diagnostics, email delivery, and communications. Some of these providers process information on our behalf under agreements; others, such as third-party sign-in providers, may process information under their own terms and privacy policies. We use these services for the purposes described in this Privacy Policy.
Our provider categories include:
Hosting and infrastructure. Our primary hosting is on AWS, with data stored in the United States (AWS region US-West-2).
Video hosting and content delivery. We use hosting and content-delivery infrastructure, including AWS and CloudFront, to deliver audio and video content. Some partner video content, if included in the Services in the future, may be streamed from a partner or partner-designated content-delivery endpoint. These systems may process ordinary technical information needed to deliver requested media, such as IP address, timestamps, requested media endpoints, device or user-agent information, network information, and playback-delivery logs.
Authentication. We use authentication providers and SDKs such as Apple, Google, Facebook, and Firebase Authentication.
Optional analytics and diagnostics. If you choose to share usage analytics, we use Firebase services such as Firebase Analytics, Firebase Crashlytics, and Firebase Performance Monitoring for usage measurement, crash reporting, and performance monitoring. We do not use these services for targeted advertising, cross-app remarketing, audience building for ads, or cross-context behavioral advertising.
Support website and ticketing system. We operate a self-hosted Zammad-based support website to manage user support tickets and related support communications. When you submit a support request, we may process information such as your email address, ticket content, support history, browser or network information, and related troubleshooting details. We use this information to respond to your request, manage support tickets, and troubleshoot issues.
Deep linking and sharing links. We use Branch for app deep links and share links. We use Branch for link creation and routing, not for ad attribution, identity resolution, cross-context behavioral advertising, or cross-app remarketing as implemented by us.
Marketing communications. We use HubSpot for opt-in newsletter management.
Service providers may process device identifiers, app-instance or installation identifiers, logs, and network information such as IP address as part of providing services. Optional analytics and diagnostics providers receive optional analytics and diagnostics data only when enabled as described above. Third-party services may have their own privacy notices that explain their processing.
Legal and Safety Disclosures
We may disclose information if we believe in good faith it is necessary to comply with law, protect rights and safety, prevent fraud or abuse, or respond to lawful requests.
Organizational Changes
If we are involved in a reorganization, merger, acquisition, or asset transfer, information may be transferred as part of that transaction, subject to applicable law and appropriate safeguards.
Donations and Payments
The App may include a “Donate” feature that opens an external website in your browser. We do not process payment card information inside the App. Payment processing occurs outside the App under the payment processor/website’s terms and privacy practices.
International Data Transfers
We are based in the United States and, as described above, we store user data in the United States.
If you are in the EEA/UK or another region with cross-border transfer rules, your information may be transferred to and processed in the U.S. We use appropriate safeguards where required, which may include the European Commission’s Standard Contractual Clauses (SCCs) and similar mechanisms.
Data Retention
We retain personal information only for as long as reasonably necessary to provide the Services and for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
Retention depends on factors such as:
• whether you have an active account;
• the type of data and what it is used for (e.g., account operations vs. security logs);
• whether you have requested deletion;
• whether retention is required for legal obligations, dispute resolution, or enforcement of agreements.
If you delete your account (including via in-app account deletion where available), we will delete or deidentify personal information associated with your account, subject to legal requirements and permitted retention, such as certain security logs, legal records, and records needed to protect the Services.
Support tickets and support communications may be retained after account deletion where reasonably necessary for support history, security, legal compliance, dispute resolution, or service protection. You may separately request deletion of support information by contacting us, subject to legal requirements, security needs, and permitted retention.
Security
We use reasonable administrative, technical, and physical safeguards designed to protect information. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
Children’s Privacy
The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13.
If you believe a child under 13 has provided personal information to us, please contact us and we will take steps to delete it.
Important note for India DPDP Act and Rules contexts: India’s Digital Personal Data Protection Act, 2023 and related rules include child-related obligations and restrictions, including around tracking, behavioral monitoring, and targeted advertising to children. We do not operate targeted advertising in Hosanna, and the Services are not directed to children.
In some jurisdictions, higher age thresholds or additional parental-consent requirements may apply. The Services are intended for a general audience and are not directed to children.
Your Privacy Rights and Choices
You can make privacy requests by contacting us at the email or postal address listed above. We may need to verify your identity before fulfilling certain requests.
Global Choices
Newsletter opt-out. You can unsubscribe using the “unsubscribe” link in emails.
Optional analytics and diagnostics controls. Optional usage analytics, crash diagnostics, and performance monitoring are controlled through in-app choices. We may use the country or region set for your App Store or Google Play account to determine whether these optional features are enabled by default or require your prior consent.
Where opt-in consent is required based on that country or region, the App may ask on first launch after installation whether you want to allow limited analytics and diagnostics from your device. In other countries or regions, optional analytics and diagnostics may be enabled by default unless you turn them off. You can change your choice at any time in the App’s Account settings.
Turning this setting off does not disable processing that is necessary to provide the Services, such as authentication, content delivery, media streaming, security, legal compliance, support communications you initiate, or server and content-delivery logs.
Your usage analytics choice is currently device-specific. If you use multiple devices, you may need to set your choice separately on each device. We may add account-level syncing of this preference in the future.
Account access, correction, and deletion. You can access and update certain account information in the App. You can request deletion of your account and related personal information, including via in-app account deletion where available, and you can also contact us for assistance.
Device-level controls. Your device operating system may allow you to limit certain data collection and permissions. Where we use third-party SDKs, you may also have choices via those providers’ controls.
Privacy Complaints
You may submit a privacy complaint or concern by contacting us at info@faithcomesbyhearing.com or by using the contact information listed above. Please include enough information for us to understand and respond to your concern, such as your name or preferred form of address, contact email, account email if different and relevant, country or region if you are making a request under a specific privacy law, and a brief description of the privacy concern or request. Please do not include passwords, payment card details, or unnecessary sensitive information.
We will review and respond to privacy complaints within applicable legal timeframes. If you are in the United Kingdom and are not satisfied with our response, you may have the right to contact the UK Information Commissioner’s Office. If you are in the EEA, you may have the right to contact your local data protection supervisory authority.
EEA/UK Rights (GDPR / UK GDPR)
Subject to conditions and exceptions, you may have rights to: access, rectification, erasure, restriction, portability, and to object to processing; and where processing is based on consent, you may withdraw consent.
You also have the right to lodge a complaint with your local supervisory authority (EEA) or the UK Information Commissioner’s Office. We encourage you to contact us first so we can try to resolve your concern.
U.S. State Privacy Rights
Depending on where you live and whether a particular law applies to us, you may have privacy rights under U.S. state privacy laws. These rights may include the right to know or access personal information, delete personal information, correct inaccurate personal information, receive a portable copy of personal information, opt out of certain processing, limit certain uses of sensitive personal information, withdraw consent, and appeal a decision we make about a privacy request.
No sale/share for cross-context behavioral advertising. We do not sell personal information and do not share personal information for cross-context behavioral advertising as those terms are used in applicable U.S. state privacy laws.
Sensitive information. Because Hosanna is a Bible, Scripture, ministry, audio, and video app, some information about your use of the App may be considered sensitive under certain laws when linked or reasonably linkable to a person, device, household, or account. We do not use this information for targeted advertising.
Notice at collection and retention criteria. We describe the categories collected, purposes, provider categories, and retention criteria in this Privacy Policy.
To submit a request, contact us at the email or mailing address listed above. If we deny your request and applicable law gives you a right to appeal, you may appeal by replying to our decision or contacting us with “Privacy Appeal” in the subject line.
Canada (PIPEDA)
PIPEDA generally provides individuals rights to understand how organizations collect/use/disclose personal information, and to request access and corrections, subject to exceptions.
Australia (Privacy Act 1988 / APPs)
Australia’s Privacy Act and Australian Privacy Principles (APPs) emphasize open and transparent management of personal information, and require entities covered by the Act to maintain an up-to-date privacy policy and handle personal information in accordance with APP requirements.
Brazil (LGPD)
Brazil’s LGPD defines “personal data” and also defines sensitive personal data, which includes data about religious belief, among other categories. Because this is a Bible, Scripture, ministry, audio, and video app, some information about your use of the App may be considered sensitive under LGPD when linked to an identified or identifiable person. We do not use such information for targeted advertising.
LGPD provides rights to data subjects and requires lawful bases and transparency. You may contact us to exercise rights.
India (DPDP Act 2023 and DPDP Rules)
India’s Digital Personal Data Protection Act, 2023 and related rules provide rights and obligations related to digital personal data, including rights that may include access to information about processing, correction, erasure, grievance redressal, and nomination, subject to applicable rules and exceptions.
We provide a grievance mechanism via the contact details listed above. You may also submit privacy complaints as described in the “Privacy Complaints” section.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make changes, we will update the “Last Updated” date above and, where required by law, provide additional notice or obtain consent.