Privacy Policy

Date: March 25, 2025

1. Service Provider Statement

This Privacy Policy is formulated by PrivToolKit Limited (hereinafter referred to as "we") and applies to the "Heart Pulse" application (hereinafter referred to as "the App"). We implement stringent measures to protect the security of your personal information.

2. Personal Information Processing Rules

Processing Principles

We adhere to the principles of "Minimum Necessity" and "Informed Consent" and only process personal health data essential for the App’s core functionalities.

Data Categories

We collect the following health data voluntarily provided by you, including but not limited to:

• Basic physiological indicators (e.g., blood pressure, blood glucose levels)
• Health logs (e.g., symptoms, medication records)
• Device identification information (for local data encryption)

3. Data Processing

Your explicit consent is required for data storage and analysis. All data is stored locally on your device and not uploaded to any servers. You may delete or modify this data at any time. Data will be permanently erased upon uninstalling the App.

4. Purpose of Data Use

Health indicator dataTo realize the visualization function of health trends, we use on-device algorithms to perform local analysis on indicators such as blood pressure and blood sugar input by users, generate chart data and store it permanently on the user terminal, and the entire analysis process does not require network transmission.

Medication record management mechanism:Based on the iOS system-level clock service (ClockKit Framework), the medication record created by the user will trigger the local notification management module. The reminder function is executed offline through the device-side time trigger (Local Time-Based Triggers), and the relevant data life cycle is strictly bound to the application installation status.

Security-enhanced data storage:Device identification information uses a layered encryption strategy: first, an irreversible hash value is generated using the SHA-256 algorithm, and then a second encryption is performed using the secure key wrapping technology based on the Secure Enclave, ensuring that the original information cannot be restored even if the device is physically touched.

5. Data Storage and Transmission

• Storage Method
  Data is stored locally using iOS CoreData/SQLite technology, ensuring all information remains on your device.
• Encryption Standards
  We employ AES-256+GCM encryption, with keys protected by the Secure Enclave chip.

6. Data Sharing and Disclosure

We solemnly commit that:

• We will not share, transfer, or publicly disclose user health data with any third parties.
• We do not use data for commercial purposes such as advertising.
• We do not create user profiles or engage in automated decision-making.

7. User Rights

You are entitled to the following rights:

• Right to Access: View your data within the App at any time.
• Right to Rectification: Modify data directly via the editing interface.
• Right to Deletion: Delete data through system-provided operations.
• Data Erasure Upon Uninstallation: All data is permanently deleted when the App is uninstalled.

8. Special Provisions for Minors

• The App does not serve users under the age of 14.
• Guardians discovering minor usage should contact us immediately via customer support to initiate data deletion.

9. Policy Update Mechanism

Significant updates will be communicated through:

• In-app pop-up notifications
• App store version update descriptions

10. Dispute Resolution

For data security concerns, contact us via: [email protected]