Google Play Data Safety: Verse Gardens
Last updated: January 1, 2026 App: Verse Gardens (Android) · Provider: Verse Gardens · Contact: versegardens@gmail.com
This document maps Verse Gardens' real data practices to the Google Play Console → App content → Data safety form so the developer can fill it in directly. It reflects the App's privacy-first design: no account/login, no Verse Gardens backend, most data on-device, and only non-identifying usage/diagnostic data shared with processors. Keep this in sync with Privacy Policy.
In Play's terminology: Collected = transmitted off the device. Shared = transferred to a third party. Data that stays on the device is NOT "collected" for the form. Verse Gardens' prayer content, transcript, bookmarks, and streak/garden data stay on-device → declare them NOT collected (note them as on-device in your store/privacy copy, not in the collection section).
1. Top-level answers
| Console question | Answer |
|---|---|
| Does your app collect or share any of the required user data types? | Yes |
| Is all of the user data collected by your app encrypted in transit? | Yes (all processor traffic over HTTPS/TLS) |
| Do you provide a way for users to request that their data is deleted? | Yes, in-app "Delete my data" + uninstall; email versegardens@gmail.com for processor-held data |
| Privacy policy URL | (host Privacy Policy at a public URL and enter it here) |
Account creation: the app has no accounts/login → in "Does your app allow users to create an account?" answer No (or, if asked about sign-in methods, none apply).
2. Data types: collected / shared matrix
For each row: Collected (sent off device), Shared (sent to a third party), Processing (ephemeral vs stored), Purposes, Optional/Required, and the user-facing data type to tick in the Console. Collected data is encrypted in transit for every row, and a deletion path exists for all (Section 4).
2.1 Personal info
| Console data type | Collected? | Shared? | Purposes | Optional? | Notes |
|---|---|---|---|---|---|
| Name | No | No | n/a | n/a | App never asks for a name. |
| Email address | No* | No | n/a | n/a | Not collected in-app. *Only if a user chooses to email support do we receive their email outside the app; this is not collection by the app and is generally not declared, but disclose support contact in your policy. |
| User IDs | Yes | Yes | App functionality (subscriptions); Analytics | Required (subscriptions) / part of analytics | Anonymous IDs only: RevenueCat anonymous app-user ID, a locally generated analytics/crash instance UUID. No login/account ID. |
| Address, Phone number, Race/ethnicity, Political/religious beliefs, Sexual orientation, Other personal info | No | No | n/a | n/a | Not collected. (The app's theme is faith, but we do not collect "religious beliefs" data about the user.) |
2.2 Financial info
| Console data type | Collected? | Shared? | Purposes | Optional? | Notes |
|---|---|---|---|---|---|
| Purchase history | Yes | Yes | App functionality (unlock/restore Plus, billing recovery) | Required if user subscribes | Subscription/entitlement state + Google Play purchase token via RevenueCat + Google Play Billing. |
| Payment info (card numbers) | No | No | n/a | n/a | Handled entirely by Google Play; Verse Gardens never sees card data. |
| Credit score, Other financial info | No | No | n/a | n/a | Not collected. |
2.3 Location
| Console data type | Collected? | Shared? | Notes |
|---|---|---|---|
| Approximate location | No | No | Not collected. |
| Precise location | No | No | Not collected. No location permissions. |
2.4 Messages, Photos/Videos, Audio, Files
| Console data type | Collected? | Shared? | Notes |
|---|---|---|---|
| Emails, SMS/MMS, Other in-app messages | No | No | Not collected. |
| Photos, Videos | No | No | Not collected. |
| Voice or sound recordings | No | No | Voice prayer is transcribed fully on-device (Vosk); audio is deleted immediately after transcription and never leaves the device. → NOT collected. |
| Music files, Other audio files | No | No | Not collected. |
| Files & docs | No | No | Prayer text/transcript stay on-device; export (e.g. PDF) is saved by the user locally → NOT collected. |
2.5 Health & fitness
| Console data type | Collected? | Shared? | Notes |
|---|---|---|---|
| Health info, Fitness info | No | No | Not collected. (Prayer streaks/garden are on-device habit data, not health data, and stay on-device.) |
2.6 App activity
| Console data type | Collected? | Shared? | Purposes | Optional? | Notes |
|---|---|---|---|---|---|
| App interactions | Yes | Yes | Analytics; App functionality | Optional (consent-gated in EEA/UK; can run without if declined) | Screen views, taps, feature/funnel usage, sent to Firebase/Google Analytics and Amplitude as counts, enums, booleans, and bucketed ranges only. No prayer content, names, or email. |
| In-app search history | No | No | n/a | n/a | Bible search stays on-device. |
| Installed apps, Other user-generated content, Other actions | No | No | n/a | n/a | Not collected. (Prayer text/answers are user content but stay on-device → not collected.) |
2.7 Web browsing
| Console data type | Collected? | Shared? | Notes |
|---|---|---|---|
| Web browsing history | No | No | Not collected. |
2.8 App info and performance
| Console data type | Collected? | Shared? | Purposes | Optional? | Notes |
|---|---|---|---|---|---|
| Crash logs | Yes | Yes | Analytics (crash diagnostics / app stability) | Optional, OFF until the user consents | Firebase Crashlytics; collection disabled by default, enabled only on opt-in. No prayer content/PII; anonymous instance ID + coarse breadcrumbs only. |
| Diagnostics | Yes | Yes | Analytics; App functionality | Optional | Performance/diagnostic signals tied to crash/analytics. |
| Other app performance data | No | No | n/a | n/a | n/a |
2.9 Device or other identifiers
| Console data type | Collected? | Shared? | Purposes | Optional? | Notes |
|---|---|---|---|---|---|
| Device or other IDs | Yes | Yes | Advertising or marketing; Analytics; App functionality | Required for ads to free users (consent-gated via UMP where required); subscribers see no ads | Android Advertising ID used by Google AdMob for non-subscribers; plus anonymous analytics/crash instance IDs. Subject to the UMP consent choice. |
3. Purpose mapping (tick these per data type)
Use only the purposes that genuinely apply:
- App functionality → User IDs, Purchase history, Device or other IDs (entitlement/ads plumbing).
- Analytics → App interactions, Crash logs, Diagnostics, User IDs, Device or other IDs.
- Advertising or marketing → Device or other IDs (AdMob advertising ID), and App interactions only to the extent used for ad measurement.
- Do NOT select: Account management (no accounts), Fraud prevention/security beyond the above, Personalization (we do not build cross-app user profiles), Developer communications, or any purpose the app does not actually serve.
Data sold: No. Verse Gardens does not sell user data.
"Shared" clarification: "Shared" here means transfer to the processors that run the app (Google / Firebase / AdMob / Play, Amplitude, RevenueCat) strictly to provide, analyze, monetize, and support the app. These are service providers acting on our behalf (or, for their platform functions, independent controllers under their own policies). Declare Shared = Yes for the rows above because data leaves to third parties.
4. Data handling practices (declare for the whole app)
| Practice | Answer |
|---|---|
| Encrypted in transit | Yes, all data sent to processors uses HTTPS/TLS. |
| Users can request deletion | Yes, in-app "Delete my data" erases on-device data; uninstall removes local data; device-backup deletion via the user's Google account; email versegardens@gmail.com to address processor-held analytics/crash/ad/subscription data. |
| Data deletion path provided | In-app + uninstall + email request. |
| Committed to Play Families Policy / target audience | App is general audience, not directed to children under 13. (Set Target Audience accordingly; do not opt into the Designed-for-Families program.) |
| Independent security review | Not claimed. |
5. Quick reference: what the app does NOT collect
To avoid over-declaring, confirm these are No / not collected: name, email (in-app), phone, address, precise or approximate location, contacts, photos/videos, voice/audio recordings (on-device only, deleted), health/fitness, SMS/messages, web browsing history, installed-apps list, and any prayer content / transcript / reflection text / bookmarks / streak data (all on-device, never transmitted).
6. Notes for the reviewer / developer
- Prayer content, voice transcript, bookmarks, streak/garden, and settings are on-device and are not declared as collected. If you later add cloud sync or a backend, you must update this form and the Privacy Policy.
- Android Auto Backup sends on-device data to the user's own Google account (encrypted, not to Verse Gardens). Play treats Auto Backup as a platform feature; it is not Verse Gardens "collecting" the data. Mention it in the Privacy Policy (done) rather than as app collection.
- Crashlytics is consent-gated (off by default), keep it declared as Optional.
- Ads are gated by UMP consent and entitlement (subscribers = no ads), keep advertising IDs declared but note the consent/optionality.
- Re-verify this matrix whenever an SDK (Amplitude, Firebase, AdMob, RevenueCat) is added, removed, or upgraded, since SDKs can change what they collect.