Privacy Policy
Last updated: October 2025
Your privacy is important to us. Heart is designed with privacy at its core. All heart rate and blood pressure measurements are processed on your device, and your data stays private by default.
1. Introduction
This Privacy Policy describes how Eda & Neva Apps (Kamil Kulekci) ("we," "us," or "our") collects, uses, and protects your information when you use the Heart mobile application (the "App").
We are committed to protecting your privacy and being transparent about our data practices. This policy explains what information we collect, how we use it, and your rights regarding your data.
2. Scope
This Privacy Policy applies to:
- The Heart mobile application for iOS
- All features and services provided within the App
- Data synced via iCloud (if enabled by you)
3. Information We Collect
3.1 Health and Wellness Data
When you use the App, we collect and store the following information locally on your device:
- Heart Rate Measurements: Heart rate (BPM), pulse rate variability (PRV), and related metrics measured using your device's camera
- Blood Pressure Data: Systolic and diastolic blood pressure values, measurement context (arm position, body position), and timestamps that you manually enter
- User Profile Information: Age, sex, height, weight, and activity level (used for calculating personalized health metrics)
- Session Data: Timestamps and duration of measurements
3.2 Camera Access
The App requires access to your device's camera to measure your heart rate using photoplethysmography (PPG) technology. The camera captures light variations from your fingertip to detect your pulse.
Important:
- Camera footage is processed in real-time on your device and is never saved, stored, or transmitted
- No photos or videos are captured or retained
- The camera is only active during active measurements
3.3 Technical and Analytics Data
We use Firebase Analytics and Firebase Crashlytics to improve the App's performance and user experience:
- Device Information: Device model, operating system version, app version
- Usage Analytics: App feature usage, session duration, screen views (anonymized)
- Crash Reports: Technical diagnostic information when the App crashes
Important: This data is collected anonymously and cannot be linked to you personally or to your health measurements.
3.4 Information We Do NOT Collect
- Personal identification information (name, email, phone number)
- Location data
- Contacts or photos from your device
- Information from other apps
- Advertising identifiers (we show no ads)
4. How We Use Your Information
4.1 On-Device Processing
All your health measurements and personal data are:
- Stored locally on your device using SwiftData
- Processed entirely on your device
- Never transmitted to our servers or any third-party servers (except iCloud if you enable sync)
4.2 Legal Bases for Processing
We process your information based on:
- Your Consent: You provide consent when you grant camera permissions and enter health data
- Legitimate Interest: To improve app performance, fix bugs, and enhance user experience through anonymous analytics
- Contract: To provide the services you expect from the App
5. Data Storage and Sync
5.1 Local Storage
All your health data is stored locally on your device using Apple's SwiftData framework. This data remains on your device and under your control.
5.2 iCloud Sync (Optional)
If you enable iCloud Sync in Settings:
- Your health data is synced to your private iCloud account
- Data is encrypted in transit and at rest using Apple's iCloud security
- We do not have access to your iCloud data
- You can disable sync at any time in Settings
- Synced data is subject to Apple's Privacy Policy
6. Sharing of Information
6.1 We Do Not Sell Your Data
We will never rent, sell, or share your personal health data with third parties for marketing or advertising purposes.
6.2 Service Providers
We use the following third-party service providers:
- Firebase (Google LLC): For anonymous analytics and crash reporting. Learn more at Firebase Privacy
- Apple iCloud: For optional data sync (only if you enable it). Learn more at Apple Privacy Policy
- RevenueCat: For future in-app purchase management (when subscription features are added). RevenueCat does not have access to your health data.
6.3 Legal Obligations
We may disclose information if required by law, court order, or governmental regulation, or if we believe in good faith that such disclosure is necessary to:
- Comply with legal obligations
- Protect our rights or property
- Prevent fraud or security issues
7. Data Security
We take data security seriously:
- All health data is stored locally on your device using iOS's secure storage mechanisms
- Your device is protected by your passcode, Face ID, or Touch ID
- If you enable iCloud sync, data is encrypted using Apple's encryption standards
- We use industry-standard security practices for our analytics services
However, no method of electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
8. Your Privacy Rights
8.1 Access and Control
You have complete control over your data:
- Access: All your data is visible within the App
- Delete: You can delete individual measurements or all data within the App
- Export: You can view all your historical data in the History section
- Disable Sync: You can turn off iCloud sync at any time in Settings
8.2 GDPR Rights (European Users)
If you are in the European Economic Area, you have the following rights:
- Right to Access: Request access to your personal data
- Right to Rectification: Correct inaccurate data
- Right to Erasure: Request deletion of your data
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a structured format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent at any time
8.3 California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal information is collected
- Know whether your personal information is sold or disclosed
- Opt-out of the sale of personal information (we do not sell data)
- Request deletion of your personal information
- Non-discrimination for exercising your privacy rights
9. Children's Privacy
The App is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Posting the new Privacy Policy in the App
- Updating the "Last updated" date at the top of this policy
- Providing in-app notification for material changes
Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy.
11. International Data Transfers
Your data is primarily stored on your device. If you enable iCloud sync, your data may be transferred to and stored in Apple's data centers worldwide. Firebase analytics data may be processed in the United States.