← Back to home

Privacy Policy

Last updated: May 22, 2026 · Version 1.0

1. Who we are (the data controller)

Sparrow is operated as part of the Bible Project initiative. For privacy matters contact hello@bibleproject.shop.

2. Data we collect

  • Account: parent email, password hash (or OAuth identifier from Google/Apple).
  • Child profile: first name, age/birthdate, preferred language and Bible version.
  • Progress: verses practised, scores, streaks, time on lessons.
  • Voice: short audio samples for pronunciation feedback (processed and discarded; not stored).
  • Contributions: amount, currency, Razorpay transaction IDs.
  • Support: messages you send us.
  • Technical: device type, IP-derived region, error logs.

3. Children's data

Sparrow is designed for children with parental supervision. Only a parent or legal guardian may create a child profile. We collect the minimum data needed for the lessons to work, never show ads, and never sell or share child data with third parties for marketing.

4. Lawful basis (GDPR)

  • Contract: to provide the service you signed up for.
  • Consent: for marketing emails and non-essential cookies/analytics.
  • Legitimate interest: to keep the service secure and improve it.
  • Legal obligation: tax/accounting records for contributions.

5. Processors we use

  • Lovable Cloud / Supabase — database, auth, file storage.
  • Lovable AI Gateway — verse explanations and translations.
  • ElevenLabs — text-to-speech voice readings.
  • Razorpay — payment processing for contributions.
  • Cloudflare — hosting and email delivery.

6. Retention

Account data is kept while your account is active. If you delete your account, all child profiles, sessions, and personal data are deleted within 30 days. Contribution amounts are retained for accounting purposes (typically 7 years) but stripped of identifying info.

7. Your rights (GDPR)

You can: access your data (Profile → Download my data), correct it (Profile → Edit), delete it (Profile → Delete my account), object to processing, withdraw consent at any time, and lodge a complaint with your local supervisory authority.

8. Cookies

We use essential cookies to keep you signed in. Analytics cookies are off by default and only enabled with your consent.

9. International transfers

Some processors are located outside the EU/UK. We rely on standard contractual clauses and adequacy decisions where required.

10. Changes

Material changes will be emailed and shown in the app.
TermsSupport