BeatCells Privacy Policy
Effective date: 2026-05-05 Last revised: 2026-06-27 (T-05 — refund sharing + feedback disclosure)
This is the canonical text source for the BeatCells privacy policy. The production policy URL (https://beatcells.com/privacy) is rendered from this document.
Summary (TL;DR)
- We collect the minimum data needed to run the game (account, purchases, scores, crash logs).
- We do not track you across other apps or websites — no ATT prompt, no third-party ad SDKs that join your data with other identifiers.
- You can delete your account from inside the app (Settings → Legal & Privacy → Delete Account). After a 14-day grace period your data is permanently removed.
What we collect
| Data | When | Linked to your account | Purpose |
|---|---|---|---|
| User ID (opaque UUID) | First launch | yes | Session + score sync |
| Display name | When set or imported from Apple/Google | yes | Leaderboards, social UI |
| Email address | If you sign in with Apple or Google | yes | Account recovery + provider login |
| Purchase history | When you make an in-app purchase | yes | Server-side receipt validation, refunds |
| Gameplay content | Each completed song | yes | Scores, leaderboards, anti-cheat |
| Crash diagnostics | On crash | no | App stability (self-hosted GlitchTip) |
| Other diagnostic data | Performance traces | no | Quality of service |
We never sell, rent, or trade personal data. We do not use third-party advertising SDKs.
Lawful bases for processing. We process your account, purchase, and gameplay data to perform our contract with you (providing the game and syncing your progress). We process aggregate analytics, crash diagnostics, and player feedback on the basis of our legitimate interest in maintaining, securing, and improving BeatCells.
Aggregate gameplay analytics. We collect aggregate gameplay events (such as game starts/completions, in-app purchases, and song unlocks) on our self-hosted infrastructure to understand how players use the game and improve the experience. These events are linked to your account identifier (a UUID), include the gameplay context (song, difficulty, score), and are stored for up to 365 days. We do not share this data with third parties, and we do not use it for cross-app advertising tracking. You may request deletion of this data along with your account.
Purchases & Refunds
In-app purchases are processed by Apple and are subject to the Apple Media Services Terms and Conditions. When you request a refund through Apple, we may share limited purchase-usage information — such as whether and how much of a purchase you used — with Apple to help process your refund request. We share this only to handle the refund and only with Apple.
Player Feedback
If you send feedback from inside the app, we collect the text you write along with your account identifier, app language, and app version. We use this to understand problems and improve the game (our legitimate interest in improving BeatCells). We may quote feedback publicly (for example in update notes) only after removing your identifier and any details that could identify you. Please avoid including personal details in feedback text. Feedback is kept until you delete your account (or up to 2 years, whichever is sooner).
Account Deletion & Data Retention
Initiating deletion
You can request deletion of your BeatCells account at any time from inside the app: Settings → Legal & Privacy → Delete Account.
Grace period (14 days)
After you confirm deletion, your account enters a 14-day grace period. During this window:
- Your refresh tokens are revoked (you are signed out from all other devices on next refresh).
- Game progress, scores, and purchases are retained but a "deletion pending" banner appears whenever you open Settings.
- You may cancel the deletion at any time by tapping "Cancel deletion" on the banner — your account immediately returns to normal.
After grace expires
Once 14 days have elapsed since your deletion request, BeatCells permanently removes:
- Your user profile (display name, providers, settings)
- All game session history and score records
- All in-app purchase records (your proof of purchase remains in your Apple ID / Google Play account — we cannot remove that)
- All anti-cheat audit data tied to your account
- All admin notes and tags
This deletion is irreversible.
What we retain after deletion
We retain de-identified aggregate metrics (e.g. total daily active users, operational reports) that contain no information identifying you personally. Anonymized financial records required for tax reporting are also retained per legal requirement.
Manual deletion request (no app access)
If you cannot access the app, email [email protected] with the email address associated with your account. We will process your request within 30 days.
Children
BeatCells is rated 4+ on the App Store. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected personal information from a child under 13, please contact us at [email protected] so we can delete it.
Where data is stored
- Game data + accounts: BeatCells-operated Postgres database hosted in the EU.
- Crash diagnostics: self-hosted GlitchTip instance, EU region.
- Backups: Cloudflare R2 (encrypted at rest), with daily / monthly retention.
We do not transfer your data to ad networks, analytics resellers, or third-party marketing platforms.
Your rights
Depending on your location (such as the EU/EEA), you may have the right to:
- Request a copy of your data (email [email protected])
- Request correction of inaccurate data
- Request deletion (in-app flow above is the fastest path)
- Object to processing for any non-essential purpose
- Withdraw consent at any time where we rely on your consent
- Lodge a complaint with your local data protection supervisory authority
We respond to requests within 30 days.
Changes to this policy
When we make material changes we will update the "Effective date" above and, where the change affects how we use your data, surface a one-time notice in the app on next launch. Continued use of the app after the effective date indicates acceptance of the revised policy.
Contact
BeatCells is operated by Zafer Genckaya, an independent developer, reachable at [email protected] — the data controller for the purposes of GDPR. For any privacy request (access, correction, deletion, or to lodge a complaint), email [email protected].