💗 App My Heart
Feel the heartbeat of loved ones, anywhere
Privacy Policy
Effective Date: January 25, 2026
Last Updated: January 25, 2026
App My Heart ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
Our Core Principle: Your health data belongs to you. We only collect what's necessary to connect you with your loved ones, and we never sell your data.
1. Information We Collect
a) Information You Provide
- Account Information: Email address and password when you create an account
- Profile Information: Name, profile photo (optional), and connection preferences
- Connection Data: Information about family members or friends you connect with
b) Health Data
With your explicit permission, we access health data from:
- Apple HealthKit (iOS): Heart rate, heart rate variability (HRV), sleep data, workout data
- Google Health Connect (Android): Heart rate, sleep sessions, exercise data, steps
- Third-Party Wearables (with your authorization): Garmin, Fitbit, Samsung Health, Oura, Withings, Whoop, Polar
Important: We only access health data that you explicitly authorize. You can revoke access at any time through your device settings or the app.
c) Automatically Collected Information
- Device information (model, operating system version)
- App usage analytics (features used, session duration)
- Push notification tokens (for sending notifications)
2. How We Use Your Information
- Core Functionality: Share your heart rate and wellness status with your approved connections
- Notifications: Send alerts about your loved ones' health patterns (with consent)
- AI Insights: Generate personalized health summaries and pattern analysis
- App Improvement: Analyze usage patterns to improve features
- Support: Respond to your questions and provide customer service
3. Data Sharing
We Share Data With:
- Your Connections: People you explicitly approve can see your heart rate and mood status
- Service Providers: Firebase (Google) for authentication and data storage; OpenAI for AI-powered insights
- Wearable Partners: Only the authentication tokens needed to sync your data from Garmin, Fitbit, etc.
We Never:
- Sell your personal or health data to third parties
- Share your data with advertisers
- Use your health data for purposes other than app functionality
- Share your data without your explicit consent
4. Data Security
We implement industry-standard security measures:
- All data transmitted using TLS/SSL encryption
- Data stored in secure Firebase cloud infrastructure
- Authentication tokens encrypted at rest
- Regular security audits and updates
5. Data Retention
- Account Data: Retained while your account is active
- Health History: Stored for up to 1 year to enable trend analysis
- AI Insights: Retained for 90 days
You can request deletion of your data at any time (see Section 7).
6. Third-Party Services
Our app integrates with the following services, each with their own privacy policies:
7. Your Rights
You have the right to:
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate data
- Deletion: Request deletion of your account and associated data
- Portability: Receive your data in a machine-readable format
- Withdraw Consent: Revoke health data access at any time
- Opt-Out: Disable notifications or specific features
To exercise these rights, contact us at the email below.
8. Children's Privacy
App My Heart is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.
9. International Data Transfers
Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers in compliance with applicable laws.
10. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes via email or in-app notification. Your continued use of the app after changes constitutes acceptance of the updated policy.
11. California Privacy Rights (CCPA)
California residents have additional rights under the CCPA, including the right to know what personal information is collected, to request deletion, and to opt out of data sales. We do not sell personal information.
12. European Privacy Rights (GDPR)
If you are in the European Economic Area, you have rights under the GDPR, including access, rectification, erasure, restriction of processing, data portability, and objection to processing. Our legal basis for processing is your consent and contractual necessity.