

Content Moderation & Trust & Safety.
App Store Review Notes - rockreader.com - support@rockreader.com - v1.0 (June 7, 2026)
Overview
RockReader is a Bible journaling and small-group community for adults (13+). Users write private SOAP-method journal entries, optionally share short reflections (“posts” and “nuggets”), comment, react, follow other users, and join groups. Default visibility for every entry is private; users explicitly opt in to share.
Content types and default visibility
| Type | Default | Who can see | Moderation |
|---|---|---|---|
| Journal entries | Private | Author only (AES-256 encrypted at rest) | N/A - never public |
| Posts | Private | Author chooses: friends, group, or public | Pre + post |
| Nuggets | Public | Followers + public feed | Pre + post |
| Comments | - | Visible where the parent post is visible | Post + filter |
| Direct messages | Private | Sender + recipient only | On report |
Pre-publication filtering (automatic)
Images. Every uploaded image (avatars, post photos, verse cards, bug-report screenshots) is screened by Sightengine for nudity, sexual content, violence, gore, weapons, and offensive symbols before storage. Failed uploads are rejected with a clear user message.
Text. Posts, comments, nuggets, bios, and group names pass through a profanity word filter. Content that exceeds the threshold is blocked at submission with feedback to the user. The blocked-words list is maintained server-side and updated as needed.
Account creation. Email OTP verification is required before any content can be posted. Optional TOTP-based 2FA with recovery codes.
User reporting
Every post, comment, and nugget has a Report action available from the (...) menu. Reports capture: target type, target ID, reporter ID, reason (spam, harassment, hate, sexual, violence, self-harm, other), free-text detail (optional), and timestamp. Submitted reports immediately trigger an email to the moderation team via Resend.
Users can also report a user directly from their profile. All reports are persisted in the reports table with RLS limiting visibility to the reporter and moderators.
User-level safety tools
Block. Available on every profile and post menu. Blocks are reciprocal: blocked users cannot see or interact with the blocker anywhere on the platform - feed, profile, search, follows, comments, reactions, or direct messages. Blocks survive sign-out and apply across sessions.
Mute. A softer option: hides a user's content from the muter's feed without notifying the muted user. Comments-off. Authors can disable comments on individual posts.
Moderation team and response SLA
The RockReader founder (Kiel Harvey) personally reviews every report. Target response time: within 24 hours. Reports are triaged in the admin dashboard at /admin/reports, which shows queue length, age, reporter, target, reason, and detail. Available actions: dismiss, hide content, hide content and warn user, suspend user, or permanently ban user. Every action writes to the moderation_actions audit log.
Underage user protection
Terms of Service require a minimum age of 13. Users 13-17 must have parent/guardian consent. Accounts found to belong to anyone under 13 are removed immediately. The default-private journal design plus 1:1 reply-depth cap on comments are explicitly chosen to reduce risks common to open social networks.
Published contact information
- Email (moderation): support@rockreader.com
- In-app: Bug report button on every screen reaches the same team
- Legal entity: RockReader, Heber City, UT
- Privacy policy: rockreader.com/privacy
- Terms of service: rockreader.com/terms

