Hallow

Hallow

Hallow, Inc
Wi-Fi

Review date: May 9, 2022

|
|

Mozilla says

|
People voted: A little creepy

Hallow is a Catholic prayer and meditation app launched at the end of 2018. A $60 per year subscription (or $8.99 per month) gives users access to over 500 prayers, 3,500+ meditations, sleep Bible stories, music, sermons, and more. At the end of 2021, Hallow announced investor funding of over $50 million dollars from some big names in Silicon Valley venture capital, including Peter Thiel, who recently left Facebook/Meta's board to become more involved in politics, supporting candidates who align with Donald Trump's agenda. All in all, Hallow's privacy practices seem to be the best of the five pray apps we reviewed, although they do use users' data for marketing purposes. Hallow seems to particularly be fond of advertising on Facebook.

With prayer apps such a growing phenomenon, when Hallow founder Alex Jones was asked about their biggest competition in this space he responded, "in all honesty, if folks are ending up in heaven, we don't really care how they get there." Here's hoping an app can help get you to heaven.

What could happen if something goes wrong?

Credit where credit is due -- of the 32 app makers we emailed with our privacy questions when we began our research into mental health and prayer apps, Hallow is the only one who replied to us and quickly answered all our questions. Good work Hallow, we appreciate you!

So, how does Hallow's privacy practices look? They say they collect personal information, including name, email, phone number, gender (inferred based on your name), and IP address, as well as things like app usage data, prayer minutes, and the text of personal journal entries. Some of this personal data (not private sensitive personal data like your journal entries) they say they can use for targeted interest-based and behavioral advertising, which we don't love. And they do say they can share data with a number of third parties, including advertising and marketing partners which, again, we don't love.

When we first published our review of Hallow, we found they allowed the use of a relatively weak password. We were able to login with the password "111111". Since publishing our review, Hallow has updated their password requirement to require users to login with a strong password. This removed our *Privacy Not Included warning label. We appreciate Hallow taking this step to better secure their app. Hallow also says they will be adding text-message verification code sign up soon too, which is great, as we like two-factor authentication here at *Privacy Not Included.

What's the worst that could happen. Well, you could download and use Hallow and before you know it, you and all your friends and family now see targeted Hallow ads everywhere you go. Soon the guilt sets in that you're not using your Hallow prayer app enough because life got busy. Now you feel like you need to go ask your priest for forgiveness. Three Hail Mary's later and you're all good. Here's hoping that doesn't happen...or that really is the worst thing that happens.

Tips to protect yourself

Do not provide consent for sharing personal data with third parties, whenever possible.

Ensure you have a strong password! The app will not prompt you to do so.

  • mobile

Can it snoop on me? information

Camera

Device: N/A

App: No

Microphone

Device: N/A

App: No

Tracks location

Device: N/A

App: No

What can be used to sign up?

Apple or Google

What data does the company collect?

How does the company use this data?

Hallow says they do not sell personal data.

Hallow does use personal information to show you advertisements, including interest-based or online behavioral advertising. Hallow does share your data with third parties such as marketing and advertising partners

Hallow encrypts Private Sensitive Personal Data like journal entries or reflections, so that only you have access to that content.

Hallow does not sell, rent, or otherwise provide users’ Personal Data to any data brokers. Hallow does not share any Private Sensitive Personal Data with any Advertising Partners.

How can you control your data?

You may delete your full account and all data associated with it at any point. You can do so by going to the Delete My Account section in the app or on the website. At any time you may opt out of cookies and other tracking or exercise your other rights under the California Consumer Privacy Act and the General Data Protection Regulation.

They delete user data upon request or upon inactivity for 7 years.

What is the company’s known track record of protecting users’ data?

Average

No known privacy or security incidents discovered in the last 3 years.

Child Privacy Information

In no instance does Hallow sell any Personal Data of users that are a Child under the Age of Consent.

Can this product be used offline?

Yes

A user is able to download audio files to listen offline.

User-friendly privacy information?

No

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

All data is encrypted both in transit and at rest utilizing industry standard (e.g. AES-256). Additionally any private sensitive personal data such as journal entries are further encrypted in such a way that not even anyone at Hallow is able to access, only the user.

Strong password

No

Since we first published our review of Hallow where we found we could use the weak password '11111111', Hallow has updated their password requirements and now should require a strong password to login to the app.

Security updates

Yes

Manages vulnerabilities

Yes

Privacy policy

Yes

Does the product use AI? information

No

*Privacy Not Included

Dive Deeper

  • Hallow, a religious app for Catholics, talks the talk as religious platforms draw investor attention
    TechCrunch Link opens in a new tab
  • Hallow Earns iKeepSafe COPPA Safe Harbor
    iKeepSafe Link opens in a new tab
  • Nothing Sacred: These Apps Reserve The Right To Sell Your Prayers
    BuzzFeed News Link opens in a new tab
  • A Catholic app raised $52 million. But praying with your smartphone has its limits.
    America: The Jesuit Review Link opens in a new tab

Comments

Got a comment? Let us hear it.