Privacy Policy

Privacy Policy

Last Updated: February 19, 2025

This Privacy Policy outlines our practices regarding the collection, use, and disclosure of your information when you use our Service. It also explains your privacy rights and how the law protects you.

By using our Service, you agree to the collection and use of your information as described in this policy. We use your Personal Data to provide and enhance the Service.

Interpretation and Definitions

Interpretation

Terms with capitalized initial letters have specific meanings defined under the following conditions. These definitions apply whether the terms appear in singular or plural form.

Definitions

For the purposes of this Privacy Policy:

• You: The individual, company, or legal entity accessing or using the Service. Under the GDPR, you may be referred to as the Data Subject or User.
• Health Research Study: A study involving human participants aimed at advancing medical knowledge.
• Health Data: Includes blood pressure data (systolic, diastolic, pulse rate, weight) with timestamps and tags (e.g., "Before Breakfast"), as well as optional ECG data.
• Application: The software program named SmartBP, provided by the Company and downloaded on electronic devices.
• Affiliate: An entity that controls, is controlled by, or is under common control with the Company, where "control" means ownership of 50% or more of shares or voting rights.
• Account: A unique account created for you to access the Service.
• Service: Refers to the Application.
• Service Provider: A third-party entity or individual processing data on behalf of the Company. Under the GDPR, Service Providers are Data Processors.
• Personal Data: Information relating to an identified or identifiable individual. Under the GDPR, this includes names, identification numbers, location data, and other identifiers. Under the CCPA, it includes any information that can be linked to you.
• Device: Any device (e.g., computer, phone, tablet) used to access the Service.
• Usage Data: Data collected automatically, such as IP addresses, browser types, and page visit durations.
• Data Controller: Under the GDPR, the Company determines the purposes and means of processing Personal Data.
• Do Not Track (DNT): A mechanism promoted by US regulatory authorities to allow users to control online tracking.
• Business: Under the CCPA, the Company collects and processes Consumers' personal information.
• Consumer: Under the CCPA, a natural person who is a California resident.
• Sale: Under the CCPA, the transfer of personal information to another business or third party for monetary or other valuable consideration.

Collecting and Using Your Personal Data

Types of Data Collected

1. Personal Data:
2. While using the Service, we may ask for personally identifiable information, such as:
3. Email address
4. First and last name
5. Usage Data
6. Usage Data:
7. Collected automatically, including:
8. IP address
9. Browser type and version
10. Pages visited, time and date of visits, and time spent on pages
11. Device identifiers and diagnostic data
12. Health Research Studies:
13. We may partner with academic institutions or research centers to recruit participants for Health Research Studies. Your Usage Data may be used to determine eligibility, but participation is voluntary. Enrollment requires signing an Informed Consent form.
14. Health Data:
15. Optional SmartBP Cloud Sync service allows you to back up Health Data (e.g., blood pressure, ECG data) and access it across multiple devices.

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

• To provide and maintain the Service
• To manage your Account
• To perform contractual obligations
• To contact you with updates, surveys, or promotional offers
• To enroll you in Health Research Studies
• To develop health-related products and services

Sharing Your Personal Data

We may share your information in the following situations:

• With Service Providers for monitoring, analysis, and payment processing
• During business transfers (e.g., mergers or acquisitions)
• With Affiliates and Business Partners
• With other users in public areas of the Service

Retention of Your Personal Data

We retain Personal Data only as long as necessary for the purposes outlined in this policy or to comply with legal obligations. Usage Data is retained for shorter periods unless required for security or functionality improvements.

Transfer of Your Personal Data

Your information may be processed and stored outside your jurisdiction. By using the Service, you consent to such transfers, provided adequate data protection measures are in place.

Disclosure of Your Personal Data

We may disclose your data:

• During business transactions (e.g., mergers)
• To comply with legal obligations or protect the Company’s rights
• To ensure the safety of users or the public

Security of Your Personal Data

While we implement reasonable security measures, no method of data transmission or storage is 100% secure. You are responsible for protecting your account credentials.

Third-Party Services

We use third-party services, such as AWS, Google Analytics, and Firebase, to enhance the Service. Their privacy policies govern their use of your data.

Compliance

We use services like Vanta, GDPR Local, and Termly to ensure compliance with HIPAA and GDPR.

Refund-Related Data Sharing

We may share limited anonymized information with Apple when a user requests a refund for an in-app purchase. This includes (but is not limited to) time since installation, usage duration, an anonymous account identifier, purchase consumption details, and transaction amounts, solely for the purpose of processing and verifying refund requests. No personally identifiable information is shared.

Contact Us

For questions about this Privacy Policy, contact us at:

esmeblume12@gmail.com

https://form.jotform.com/250492095203856

By using the Service, you acknowledge and agree to the terms of this Privacy Policy.