Privacy Policy

Introduction

Bible Run — Joseph’s Escape (“the App”) is developed by Betabox Labs LLC, a Florida limited liability company (“Betabox,” “we,” “us,” “our”). The App is intended for general audiences, including players age 9 and older, and is appropriate for family play. This Privacy Policy explains how we collect, use, and protect information when you use the App.

If you have questions about this policy, contact us at privacy@betaboxlabs.dev. We reply within 48 hours.

Information We Collect

Firebase Analytics. We use Firebase Analytics to measure gameplay sessions, level progress, and performance. By default we collect non-personalized event data only. In regions where the ePrivacy Directive or comparable law requires consent for SDK access to device identifiers, we request that consent via the Google User Messaging Platform (UMP) before Analytics operates with any device identifier.

Firebase Crashlytics. We use Crashlytics to diagnose crashes. It collects device model, operating system version, app version, and stack traces. No name, email, or account identifier is attached.

Firebase Remote Config. We use Remote Config to deliver configuration values (difficulty tuning, feature flags). Remote Config does not collect per-user data.

Firebase Cloud Messaging (FCM). If you accept push notifications, we use FCM to send occasional gameplay reminders (for example, daily challenge availability). FCM processes a device token that identifies your installation. You can disable push notifications in your device settings at any time.

Sentry. We use Sentry as a secondary crash and error reporting service. Sentry receives device model, OS version, app version, stack traces, and event breadcrumbs. Sentry may also receive the IP address of the device at the time of the error report. Sentry is contractually bound as our data processor.

Game Center / Google Play Games. If you opt in to Apple Game Center (iOS) or Google Play Games (Android), your username and score submissions are processed by Apple and Google respectively. Sign-in is optional and can be skipped.

We do not collect name, email address, phone number, precise location, contacts, photos, or microphone data.

Advertising

Non-personalized by default. We serve non-personalized ads through Google AdMob. Non-personalized ads use contextual signals (country, language, content category) and do not rely on a profile of you.

Personalized ads only after consent.In regions where consent is required (EEA, UK, Switzerland, California, and other opt-in jurisdictions), we present the Google UMP consent form. Personalized ads are served only if you grant explicit consent. You can change your choice at any time from the app’s settings.

Apple App Tracking Transparency.On iOS, we present Apple’s ATT prompt before any SDK is allowed to track you across apps and websites. If you decline, ads remain non-personalized regardless of UMP consent.

Content controls. We block 13 sensitive ad categories at the AdMob account level and cap all ad content ratings at G (General). See our Family-Safe Commitment for the full list.

In-App Purchases

The App offers optional in-app purchases (for example, “Remove Ads,” which also unlocks premium continuation credits). Transactions are processed by Apple App Store (iOS) or Google Play Billing (Android) and are subject to each platform’s terms. Betabox does not receive, store, or have access to your payment card, bank account, or billing address information.

Data Retention

We retain Firebase Analytics event data for 14 months (Google’s default) before it is aggregated or deleted. Crashlytics data is retained for 90 days. Sentry event data is retained for 90 days. Push notification tokens are retained until you uninstall the App or disable notifications. We do not maintain our own backend user database for the App.

International Data Transfers

The App processes data through Google (United States) and Sentry (United States or European Union, depending on routing). Where personal data of EEA, UK, or Swiss users is transferred outside those regions, transfers are made pursuant to the European Commission’s Standard Contractual Clauses and, where applicable, the EU–U.S. Data Privacy Framework.

Security

We do not operate our own servers for the App, so personal data stays on your device or with the processors named above. Those processors (Google, Apple, Sentry) encrypt data in transit using industry-standard TLS and at rest per their published security commitments.

Legal Bases (GDPR, UK GDPR, Swiss FADP)

Where the GDPR or UK GDPR applies, our lawful bases are:

• Consent for Firebase Analytics, Crashlytics, Cloud Messaging, Sentry, and personalized advertising where required by ePrivacy. You can withdraw consent at any time.
• Legitimate interest for fraud prevention and basic service operation.
• Performance of a contract for in-app purchases and core game functionality.

Your Rights

EEA / UK / Switzerland (GDPR / UK GDPR / FADP): access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.

California (CCPA / CPRA): right to know, right to delete, right to correct, right to opt out of the sale and sharingof personal information, right to limit the use of sensitive personal information, and right to non-discrimination. We do not sell personal information. “Sharing” for cross-context behavioral advertising occurs only if you grant UMP consent for personalized ads.

Brazil (LGPD): access, correction, anonymization, portability, deletion, information about sharing, and revocation of consent.

Other U.S. states (Virginia, Colorado, Connecticut, Utah, Texas, and others with comprehensive privacy laws): rights substantially similar to the California list above.

To exercise any right, email privacy@betaboxlabs.dev. We respond within 48 hours and resolve verified requests within the statutory deadline (generally 30 days).

Children’s Privacy

The App is rated 9+ and marketed as family-appropriate. Although it is not directed at children under 13 as a primary audience, we treat it as a mixed-audience product:

• We do not knowingly collect personal information from children under 13.
• We enable Google AdMob’s “tag for under age of consent” (TFUA) and “tag for child-directed treatment” (TFCD) signals where applicable, which restricts Google’s data collection for users identified as minors.
• All users receive non-personalized advertising by default regardless of region, until a consent step is completed.

Parents who believe their child has provided personal information may email privacy@betaboxlabs.dev and we will delete it.

Third-Party Services

• Google Firebase — Analytics, Crashlytics, Remote Config, Cloud Messaging
• Google AdMob — Advertising
• Google Play Billing — Android in-app purchases
• Google Play Games Services — Leaderboards and achievements (Android)
• Apple App Store — iOS in-app purchases
• Apple Game Center — Leaderboards and achievements (iOS)
• Sentry — Crash and error reporting

Changes to This Policy

We will post updates on this page and revise the “Last updated” date. For material changes to data collection, we will notify you in-app before the change takes effect and, where required, obtain fresh consent.

Contact and Controller Information

Data controller: Betabox Labs LLC
Mailing address: 2875 S Orange Ave STE 500 #6705, ORLANDO, FL 32806
Privacy inquiries: privacy@betaboxlabs.dev