HeartSafeAlerts

Privacy Policy

HeartSafeAlerts Effective Date: January 16, 2025 Last Updated: January 16, 2025

Our Commitment to Your Privacy

HeartSafeAlerts is built on a simple principle: your health data belongs to you, and only you.

We don’t collect it. We don’t store it. We don’t share it. We don’t sell it. Your heart rate data stays on your device, period.

---

What Data We Access

HealthKit Data (Apple Watch Users)

When you grant permission, HeartSafeAlerts can read:

• Heart rate data only from Apple HealthKit

What we do with it:

• Process it in real-time on your iPhone
• Display it to you in the app
• Calculate session statistics (min/max/avg)
• Trigger alerts based on your thresholds

What we DON’T do with it:

• We don’t store it in a database
• We don’t send it to our servers (we don’t have servers)
• We don’t share it with third parties
• We don’t use it for analytics or tracking

How to revoke access: Settings → Privacy & Security → Health → HeartSafeAlerts → Turn off “Heart Rate”

Bluetooth Data (Bluetooth Monitor Users)

When connected to a Bluetooth heart rate monitor:

• Heart rate readings from your connected device

What we do with it:

• Process it in real-time on your iPhone
• Display it to you in the app
• Calculate session statistics
• Trigger alerts based on your thresholds

What we DON’T do with it:

• We don’t store it beyond the current session
• We don’t transmit it anywhere
• We don’t associate it with any personal identifiers

Device Permissions

Bluetooth:

• Used to scan for and connect to heart rate monitors
• Required for Bluetooth monitoring mode
• Can be revoked in iOS Settings → Bluetooth

Notifications:

• Used to send heart rate alerts when app is in background
• Optional—you can disable in app Settings
• Can be revoked in iOS Settings → Notifications → HeartSafeAlerts

---

What Data We Collect

Analytics and Usage Data

None. We don’t use analytics services. We don’t track how you use the app.

Crash Reports

None. We don’t automatically collect crash reports. If the app crashes, no data is sent to us.

Personal Information

None. We don’t require account creation for free features. We don’t ask for your name, email, or any personal information.

Location Data

None. We don’t access your location.

---

Data Storage

On Your Device

• Session statistics are calculated in real-time and displayed during your session
• User preferences (thresholds, alert settings, data source choice) are stored locally in iOS UserDefaults
• No health data is permanently stored on your device by HeartSafeAlerts

On Our Servers

We don’t have servers. All processing happens locally on your iPhone. Zero data leaves your device.

---

Future Feature: Care Circle (Premium)

When Care Circle launches (Q2 2025), users who opt into the premium subscription will be able to:

• Create an account
• Invite trusted contacts to their Care Circle
• Share heart rate alerts with circle members
• Send weekly health summaries

For Care Circle users, we will collect:

• Email address (for account creation)
• Circle member contact information (names, phone numbers, or email addresses you provide)
• Alert event data (when alerts are triggered and sent to your circle)
• Notification preferences

Care Circle data will:

• Be stored securely using Firebase with encryption
• Only be accessible by you and your designated circle members
• Be deletable at any time (delete your account = delete all data)
• Never be sold or shared with third parties
• Never be used for advertising or marketing

Care Circle is completely optional. Free features remain free and require no account or data collection.

---

Third-Party Services

Apple HealthKit

• Used only when you grant permission
• Governed by Apple’s privacy policies
• Data never leaves the HealthKit sandbox without your explicit consent

Apple Push Notification Service (APNs)

• Used to deliver background heart rate alerts
• Apple may log device tokens for delivery purposes
• Governed by Apple’s privacy policy

GitHub

• Used for open source repository, issue tracking, and documentation
• If you file an issue or contribute code, your GitHub username will be visible
• Governed by GitHub’s privacy policy

Future: Firebase (Care Circle Only)

• Will be used only for Care Circle premium features
• Authentication, database, and push notifications
• SOC 2 certified, GDPR compliant
• Governed by Google Firebase privacy policy

---

Your Rights

Right to Access

All your data is on your device. You have full access at all times.

Right to Delete

Uninstall the app. All local data is deleted.

For future Care Circle users: Delete your account in app settings. All cloud data is permanently deleted within 30 days.

Right to Revoke Permissions

iOS Settings → HeartSafeAlerts → Turn off any permission

Right to Data Portability

Currently not applicable (no stored data). For future Care Circle users: Export feature will be available in app settings.

---

Children’s Privacy

HeartSafeAlerts is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

If you believe a child under 13 has used the app and provided personal information (future Care Circle features), please contact us at bits@brownster.com and we will delete the information.

---

Changes to This Policy

We may update this Privacy Policy when launching new features (like Care Circle).

We will notify you by:

• Posting the new policy on this page
• Updating the “Last Updated” date
• For Care Circle users: In-app notification or email

Your continued use of the app after changes constitutes acceptance of the updated policy.

Major changes will require explicit consent before being applied to your account.

---

International Users

HeartSafeAlerts is available worldwide. Your data stays on your device regardless of your location.

For future Care Circle users:

• Data will be processed and stored in accordance with GDPR (Europe)
• Data will be processed and stored in accordance with CCPA (California)
• Data will be processed and stored in accordance with applicable privacy laws in your jurisdiction

---

Security

Current (Free Tier):

• All data processing happens locally on your device
• iOS security protections apply (device encryption, app sandboxing)
• No network transmission of health data

Future (Care Circle Premium):

• End-to-end encryption for sensitive data
• Firebase security rules for access control
• SOC 2 Type II compliant infrastructure
• Regular security audits

---

Open Source Transparency

HeartSafeAlerts is open source. You can inspect the code to verify our privacy claims:

GitHub Repository: https://github.com/brownsterbits/HeartSafeAlerts

What you can verify:

• No analytics libraries
• No tracking code
• Local-only health data processing
• No network requests for health data

We believe in transparency. If you find anything in the code that contradicts this privacy policy, please report it immediately.

---

Contact Us

Questions about privacy?

Email: bits@brownster.com GitHub Issues: https://github.com/brownsterbits/HeartSafeAlerts/issues

We typically respond within 48 hours.

---

Disclaimer

HeartSafeAlerts is not a medical device.

This app is not intended for medical diagnosis, treatment, or prevention of disease. The privacy protections described here apply to app functionality only. HeartSafeAlerts does not replace professional medical advice, monitoring, or care.

Always consult healthcare professionals for medical concerns.

---

Summary (TL;DR)

✅ Your health data stays on YOUR device ✅ We don’t collect, store, or share your heart rate data ✅ No analytics, no tracking, no data mining ✅ No account required for free features ✅ Open source for transparency ✅ Future Care Circle is optional and requires explicit consent ✅ You can delete everything by uninstalling the app

Your privacy is not negotiable.

---

HeartSafeAlerts Developed by Chad Brown Open Source: https://github.com/brownsterbits/HeartSafeAlerts Contact: bits@brownster.com

Last Updated: January 16, 2025