1. Introduction
CardioCapture ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you use the CardioCapture mobile application (the "App") and related services.
By using CardioCapture, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our App.
2. Information We Collect
2.1 Account Information
When you create an account, we may collect:
- Name and email address
- Profile information you choose to provide
- Login credentials (stored securely using encryption)
2.2 Health and Fitness Data
With your explicit consent, CardioCapture collects and processes the following health and fitness data from connected wearable devices and platforms:
- Heart Rate Data: Resting heart rate, active heart rate, heart rate zones, and heart rate variability (HRV)
- Activity Data: Workout sessions, activity duration, calories burned, and exercise intensity
- Performance Metrics: Training load, recovery metrics, and fitness trends
Important: We only collect the specific data types you authorize. You can review and modify these permissions at any time in your device settings or within the App.
2.3 Device and Usage Information
We automatically collect certain information when you use the App:
- Device type, operating system, and app version
- App usage patterns and feature interactions
- Crash reports and performance data
3. Third-Party Integrations
CardioCapture integrates with third-party fitness platforms and wearable devices to sync your health data. When you connect these services, please note:
3.1 Garmin Connect
When you connect your Garmin account, your activity and health data is transferred from Garmin to CardioCapture. This data transfer is subject to Garmin's Privacy Policy for Garmin Connect. You must provide explicit consent before any data is transferred, and you can revoke this access at any time through the Garmin Connect app or website.
3.2 Apple HealthKit
If you choose to connect Apple HealthKit, data is accessed according to Apple's privacy guidelines. Health data obtained from HealthKit is:
- Not used for advertising or marketing purposes
- Not sold or shared with third parties for advertising
- Only used to provide the core functionality of CardioCapture
Your HealthKit data is governed by Apple's Privacy Policy.
3.3 Google Health Connect
When you connect Google Health Connect, we access only the data types you explicitly authorize. This data is handled in accordance with Google's Privacy Policy and Health Connect's data access requirements.
3.4 Other Fitness Platforms
We may support additional fitness platforms and wearables. Each integration requires your explicit consent, and the respective platforms' privacy policies will apply to data stored on those services.
4. How We Use Your Information
We use your information to:
- Provide Core Services: Display your heart rate data, track fitness trends, and deliver personalized insights
- Sync Data: Import and synchronize data from connected wearable devices and platforms
- Improve the App: Analyze usage patterns to enhance features and fix issues
- Communicate: Send service-related notifications and respond to your inquiries
- Ensure Security: Protect against fraud and unauthorized access, and maintain service integrity
We do not:
- Sell your personal or health data to third parties
- Use your health data for advertising purposes
- Share your data with third parties for their marketing purposes
5. Data Storage and Security
5.1 Security Measures
We implement industry-standard security measures to protect your data:
- Encryption of data in transit (TLS/SSL) and at rest
- Secure authentication mechanisms
- Regular security assessments and updates
- Access controls limiting data access to authorized personnel
5.2 Data Storage Location
Your data may be stored and processed in secure data centers located in the United States or other jurisdictions. We ensure appropriate safeguards are in place for any international data transfers in compliance with applicable data protection laws.
6. Data Retention
We retain your personal information only for as long as necessary to:
- Provide you with the services you requested
- Comply with legal obligations
- Resolve disputes and enforce agreements
You may request deletion of your data at any time (see Section 8: Your Rights). Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law.
7. Data Sharing
We may share your information in the following limited circumstances:
| Recipient | Purpose |
|---|---|
| Service Providers | Cloud hosting, analytics, and technical support (under strict data protection agreements) |
| Connected Platforms | Only when you authorize data sync with platforms like Garmin, Apple Health, or Google Health Connect |
| Legal Requirements | When required by law, court order, or to protect our legal rights |
We do not sell, rent, or trade your personal information to third parties.
8. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
8.1 All Users
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data
- Withdraw Consent: Revoke previously granted permissions at any time
- Data Portability: Request your data in a portable format
8.2 European Economic Area (EEA) Residents - GDPR
If you are in the EEA, you have additional rights under the General Data Protection Regulation (GDPR), including the right to object to processing and the right to lodge a complaint with a supervisory authority.
Legal Basis for Processing: We process your data based on your consent (for health data), contract performance (to provide our services), and legitimate interests (for service improvement and security).
8.3 California Residents - CCPA/CPRA
California residents have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to know what personal information is collected
- Right to request deletion of personal information
- Right to opt out of the sale of personal information (we do not sell your data)
- Right to non-discrimination for exercising your privacy rights
To exercise any of these rights, please contact us using the information in Section 12.
9. Children's Privacy
CardioCapture is not intended for use by children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will take steps to delete the information.
10. Cookies and Tracking
Our App may use local storage and similar technologies to improve your experience. We do not use third-party advertising cookies or trackers. Any analytics we use are for improving our services and do not track you across other apps or websites.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will:
- Update the "Last Updated" date at the top of this page
- Notify you via email or in-app notification
- Request renewed consent where required by law
We encourage you to review this policy periodically to stay informed about how we protect your information.
12. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
CardioCapture
Email: roryduffydev@gmail.com
For data protection inquiries or to exercise your rights, please include "Privacy Request" in the subject line.
We will respond to your request within 30 days (or sooner as required by applicable law).
13. Third-Party Privacy Policies
For your reference, here are links to the privacy policies of our integrated platforms: