Thank you for using BP Active! This Privacy Policy explains how we collect, use, store, and share your personal information when you access or use our applications and services ("Services"). We respect your privacy and are committed to protecting your data. By using the Services, you confirm that you have read and agreed to this Privacy Policy and that you are at least 16 years old or have obtained consent from your parent or legal guardian.
1. Information We Collect We may collect the following categories of personal data:
Contact Information – such as your email address, and other contact details you provide when registering or contacting us.
Device and Usage Information – such as IP address, device type, operating system, app activity, and diagnostics.
Quiz or Onboarding Data – responses to onboarding questions.
Cookies and Tracking Technologies – including analytics tools and advertising identifiers.
We may also request your permission to connect with Apple HealthKit and/or Google Fit to import specific health-related data, including but not limited to:
Activity levels and step count
These integrations are strictly optional and used solely to provide personalized insights, wellness trends, and features within the app. We do not access or process any health-related data without your explicit consent. The use of these integrations is subject to the respective privacy policies of Apple HealthKit and Google Fit. You can learn more about their policies here: http://www.apple.com/ios/health/, https://www.google.com/fit. We do not use any health-related data for advertising, marketing, or profiling purposes. Such data is never shared with advertisers or third-party marketing platforms. We do not collect precise location data or biometric data, unless explicitly provided by you. We also do not knowingly collect personal data from users under the age of 16.
2. How We Use Your Information We use your personal data for the following purposes:
To provide and operate the Services;
To personalize your experience and generate custom exercise plan;
To analyze your health and improve the Services;
To add new features and content based on aggregate usage data;
To communicate with you and send support or marketing messages (based on your preferences);
To provide essential data to third-party service providers integral to our Services;
To comply with legal obligations;
To ensure security and prevent fraud.
The legal bases for processing include your consent, performance of a contract, our legitimate interests, and compliance with legal obligations.
3. Sharing Your Information We may share your personal data with trusted third-party service providers who perform functions on our behalf and help us deliver, maintain, and improve the Services. These may include:
Hosting and infrastructure providers;
Analytics and performance monitoring tools;
Attribution services;
Payment processors.
All such providers are contractually bound to process your personal data in compliance with applicable data protection laws. We require them to implement appropriate technical and organizational measures to ensure the security and confidentiality of your data.
4. Data Security We use industry-standard security measures to protect your personal data, including encryption, secure transmission, and access controls. However, no method of transmission over the internet is entirely secure, and we cannot guarantee absolute security.
5. Your Rights Depending on your jurisdiction, you may have the right to:
Access the personal data we hold about you;
Request correction or deletion of your personal data;
Object to or restrict certain processing activities;
Withdraw consent where applicable.
To exercise your rights, please contact us at it@heartery.ai
6. Data Retention We retain personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.
7. International Data Transfers Your personal data may be stored on servers in your country, in other local regions, or in the United States, where data protection laws may differ from those in your country of residence. By using the Services, you consent to such transfers.
8. California Privacy Rights (CCPA) Heartery does not serve ads or sell personal data for monetary compensation. However, we may provide Advertising IDs from your device to advertising partners. Under certain laws, including California law, the sharing of such identifiers may be considered a "sale" of Personal Information. You can opt out of such sharing by adjusting your device settings:
For Apple devices: Go to Settings > Privacy > Advertising and enable "Limit Ad Tracking."
For Android devices: Go to Settings > Google > Ads and enable "Opt out of Ads Personalization."
If you are a California resident, you have the right to request information about how we have collected and shared your personal information in the preceding 12 months. Specifically, you may request that we:
Disclose the categories of personal information collected;
Disclose the categories of sources from which we collected it;
Disclose the business or commercial purpose for collecting it;
Disclose the categories of third parties with whom we shared it;
Disclose specific pieces of your personal information that we collected;
Delete or correct your personal information.
You are also entitled to receive this information in a standardized, machine-readable format. We will not discriminate against you for exercising any of your rights under California law. To submit such requests, please contact us at it@heartery.ai
9. Rights under the GDPR (EEA Users) If you are located in the European Economic Area (EEA), we process your personal data in accordance with the General Data Protection Regulation (GDPR). Heartery does not serve ads, track users for marketing purposes, or share your personal data with advertisers. We collect only the data necessary to provide and improve the Services (such as quiz responses, device information, and usage data), and we do not use this data for profiling or targeted advertising. The legal bases for processing your data are:
Performance of a contract – when you use the Service and agree to our Terms.
Legitimate interests – such as maintaining and improving our application.
Consent – when you explicitly agree to share sensitive data (e.g. health information via Apple HealthKit or Google Fit). You may withdraw your consent at any time with future effect.
You have the following rights under GDPR:
To access, correct, or delete your personal data;
To restrict or object to certain types of processing;
To withdraw consent at any time.
To exercise your rights or raise a concern, please contact us at it@heartery.ai with the subject line: “GDPR Request”.
10. Changes to This Policy We may update this Privacy Policy from time to time. Significant changes will be posted on our website. Continued use of the Services after changes are made constitutes your acceptance of the revised policy.
11. Contact Us If you have any questions about this Privacy Policy, please contact us at: it@heartery.ai
