CollieTrust Center

What Collie will never do

These are platform-level guardrails. They cannot be turned off by a church admin or unlocked by a paid tier. They are enforced in code, not in policy.

Never write a sermon.

Sermon Repurposing is transformation only — your existing audio becomes social posts, devotional emails, or small-group questions. Collie will not generate new sermon content, new exegesis, or new theological claims attributed to you.

Never process counseling or confessional content.

If you mention counseling sessions, confessions, confidential disclosures, or crisis content (suicide, self-harm, abuse), Collie refuses at the input layer. Nothing about that message reaches the AI model. The audit log records the refusal but never the content that triggered it. For crisis situations, please connect the person to professional help directly.

Never derive information about specific children.

Adults enter rosters; Collie does not summarize, classify, or generate from children's personal information. You can ask logistical questions (room assignments, sign-up counts) but not interpretive ones about individual minors.

Never auto-send to the outside world.

Every external action — email, calendar invite, social post, message — queues in your /pending inbox for explicit approval. There is no "let Collie handle it from here" mode in v1. You see the draft, you press Approve, and only then does the action go out.

Never treat financial data as writable.

Collie can read giving summaries and attendance trends to inform planning. It cannot create giving entries, generate tax receipts as new content, or modify any financial record. Tax documents are deterministic templates filled from your data, not AI- generated text.

How your data flows

  1. Your messages are stored in a Postgres database scoped to your church via Row-Level Security. Even with a bug in our code, another church cannot see your rows.
  2. AI calls run through Anthropic's Commercial API on a Zero-Data-Retention pathway. Your content is not used to train models.
  3. Voice memos are transcribed; both audio and transcript are kept in your church's storage until you delete them.
  4. Every approval, every external action, every refusal is logged in an append-only audit trail. We cannot edit it; you can export it.

Roles and access

Senior Pastor, XP, staff, and volunteers each have their own role with scoped permissions. You decide who sees what; we enforce it via JWT-claim row-level security at the database layer, not just the UI.

Questions?

We're a small team. If something here is unclear or you want to dig deeper before you trust us with your church's data, email michael@tribett.dev. Real human, fast reply.