Privacy Policy

1. Overview

This Privacy Policy explains what data may be processed by Puls: Heart Rate Check & Tracker, how such data may be used, and what control options may be available to users.

The data controller for the purposes of applicable data protection law is PURR ENTERPRISES LIMITED. For privacy-related inquiries, contact us at contact@purrenterpriseslimited.com.

The app is designed to help users view and track heart rate-related and general wellness-related information for informational, wellness, and educational purposes. The app is not intended to diagnose, treat, cure, or prevent any disease, and it is not a substitute for professional medical advice.

We aim to be transparent about how the app works. Based on the current implementation known to us, the core processing of user data takes place locally on the user’s device.

2. Data We May Process

2.1. Health and wellness data

The app may process health- or wellness-related information, including:

heart rate, estimated using the device camera and photoplethysmography (PPG);
heart rate variability (HRV) metrics, including, where available, SDNN, RMSSD, pNN50, and similar derived HRV-related values;
calculated and derived wellness indicators, including stress, energy, health index, heart age, and similar app-generated estimates where available;
manually entered values, including blood pressure, SpO2, glucose, and other values the user may choose to log in the app.

For clarity, blood pressure, SpO2, glucose, and similar values are user-entered records unless the app expressly states otherwise.

To perform heart rate and HRV measurements, the App requires access to your device's camera, which functions as a light sensor to estimate heart rate using photoplethysmography (PPG). All images and signal data captured during the measurement process are processed locally on your device and are immediately deleted afterward. The App does not collect, store, or access any data from your camera roll.

2.2. Profile data entered by the user

Users may voluntarily enter and store profile-related information in the app, such as:

name,
age,
sex,
height,
weight.

This information may be used to personalize the user experience, display results, and support local calculations within the app.

2.3. Technical and usage data

Based on the current implementation known to us, the app does not send users’ health/wellness data or profile data to our own servers for core app functionality.

The app may use analytics- and attribution-related tools, including Amplitude, Firebase, Adjust, or similar services, to help us understand app performance, feature engagement, attribution, and general product usage. If such tools process personal data, device-related data, or identifiers, this Privacy Policy will be updated accordingly.

3. How Data Is Used

At this time, data may be used for the following purposes:

to provide the app’s core functionality;
to calculate and display wellness-related results;
to store measurement history on the user’s device;
to personalize calculations and the in-app experience locally;
to improve continuity and ease of use for returning users;
to understand app usage, performance, and feature engagement through analytics, where implemented.

We do not present the app’s results as a medical diagnosis, medical opinion, or clinical conclusion.

4. Where Data Is Processed and Stored

Based on the current version of the app:

user data is stored locally on the user’s device;
user health/wellness data is not sent to our own servers for core use of the app;
user profile data entered into the app is not sent to our own servers, based on the currently confirmed implementation;
we do not currently maintain a user cloud database for core health records unless the app expressly states otherwise in a later version or updated documentation.

This means that measurement history, manually entered values, and profile information generally remain in the device’s local storage unless:

the user deletes them manually,
the user deletes the app,
the operating system removes the data,
or the data is removed through device reset, cleanup, restore, or similar actions.

5. Sharing with Third Parties

We do not sell your personal information to anyone.

Based on the current version of the app:

we do not send users’ health/wellness data to our own servers as part of core app functionality;
we do not knowingly sell or share users’ locally stored health/wellness data or profile data with third parties for advertising purposes;

The App may use the following categories of third-party services for operational purposes:

Provider	Purpose	Privacy Policy
Amplitude	Product analytics	amplitude.com/privacy
Firebase	Analytics, crash reporting, performance monitoring	firebase.google.com/support/privacy
Adjust	Attribution analytics	adjust.com/terms/privacy-policy
Apple	Payment and subscription	apple.com/legal/privacy

These services may receive anonymous or device-level identifiers, usage data, attribution data, or similar technical information. They do not receive your health measurement data or profile data for their own purposes.

This table will be updated as specific services are implemented.

We may disclose information available to us where disclosure is reasonably necessary to comply with applicable law, a lawful request, a court order, a government request, a platform requirement, or to protect rights, safety, security, users, or the integrity of the service.

6. Analytics, Tracking, and Advertising

At this time:

the app is not currently described as ad-supported;
monetization is expected to be based on subscriptions rather than in-app advertising;
analytics and attribution tools may be implemented, including Amplitude, Firebase, Adjust, or similar tools.

Such tools may be used to help us understand:

app usage,
feature engagement,
product performance,
retention,
app stability and technical issues.

If specific analytics, attribution, crash reporting, or tracking tools are added or materially changed, we may update this Privacy Policy and any related app store disclosures as required.

7. Data Retention

Because the app currently stores core health and profile data locally on the user’s device, the retention period generally depends on the user’s own actions.

Data may remain stored:

while the user continues using the app;
until the user deletes individual measurements or records, where such functionality is available;
until the user deletes the app;
or until the data is removed through device-level or operating system-level actions.

If a future version of the app introduces server-side storage or synchronization, this Privacy Policy may be updated to explain the applicable retention periods.

8. User Control, Deletion, and Access

At this time, because user data is primarily stored locally on the device:

users may delete saved measurements or records within the app, where such functionality is available;
users may delete the app, after which locally stored data will generally no longer be available through the app;
deletion outcomes may also depend on device-level and platform-managed storage behavior.

If a user submits a lawful request and we actually possess limited information about that user through support, subscription, analytics, or similar operational systems, we may review and handle such information in accordance with applicable law.

9. User Account

Based on the current implementation known to us:

the app does not require a dedicated server-side user account for core functionality;
name, age, sex, height, and weight may be entered by the user within the app and stored locally on the device;
this information is used for local calculations, personalization, and usability.

If future versions of the app introduce account registration, cloud sync, or another form of user account infrastructure, this Privacy Policy may be updated accordingly.

10. Sensitive and Health-Related Data

We understand that heart rate data, HRV-related data, app-generated wellness scores, and manually entered records such as blood pressure, SpO2, and glucose may be considered sensitive by users.

For that reason, we aim to minimize unnecessary processing of such information and, based on the current design of the app, keep it stored locally on the user’s device rather than transmitting it to our own servers for core app functionality.

Users decide for themselves whether to:

use the app,
enter additional values manually,
store measurement history,
or delete such information later.

We are not a HIPAA-covered entity or business associate under the U.S. Health Insurance Portability and Accountability Act (HIPAA). The App is not subject to HIPAA requirements.

11. Children’s Privacy

Our application does not knowingly collect personal information from children under the age of 13. If you are under 13, please do not use our application or website. If we inadvertently collect personal information from a child under 13, we will delete the data from our systems. If you are a parent or guardian of a child under 13, please do not allow them to use our application or website. We also encourage minors who are 13 years of age or older to obtain permission from their parents before transmitting any information about themselves to anyone online.

12. Data Security

We seek to use reasonable technical and organizational measures to protect the app and user-related information.

However, no mobile app, device, operating system, storage system, or transmission method can be guaranteed to be completely secure.

Because the current version of the app primarily stores relevant user data locally on the device, security also depends in part on:

the security of the device itself,
device access controls,
passcode, Face ID, Touch ID, or similar safeguards,
and the security settings chosen by the user or provided by the platform.

13. International Data Transfers

Based on the currently confirmed architecture, users’ core health/wellness data and profile data are not transmitted to our own servers, so we do not currently describe operator-controlled international transfers of such data for core app functionality.

If future versions of the app introduce analytics platforms, subscription services, infrastructure providers, or other external services involving cross-border processing, we may update this document accordingly.

14. Rights of Users in the European Economic Area (EEA)

If you are located in the European Economic Area, the processing of your personal data is governed by the General Data Protection Regulation (GDPR).

Legal basis for processing:

Where the App processes personal data, the legal basis may include:

your consent (Article 6(1)(a) and Article 9(2)(a) GDPR), particularly for the processing of health-related data;
performance of a contract or steps taken at your request (Article 6(1)(b) GDPR);
our legitimate interests (Article 6(1)(f) GDPR), such as improving the App and ensuring its security, provided these interests are not overridden by your rights.

Your rights under the GDPR:

You may have the right to:

access your personal data;
rectify inaccurate personal data;
request erasure of your personal data;
restrict the processing of your personal data;
data portability;
object to the processing of your personal data;
withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

Because your health and profile data is currently stored locally on your device and not transmitted to our servers, you can exercise control over that data directly within the App by viewing, modifying, or deleting it.

If you wish to lodge a complaint, you may contact the supervisory authority in your country of residence. The supervisory authority in Cyprus is the Commissioner for Personal Data Protection (dataprotection.gov.cy).

If you are located in the United Kingdom, you have similar rights under the UK General Data Protection Regulation (UK GDPR). You may lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

For privacy-related requests, contact us at contact@purrenterpriseslimited.com.

15. Rights of California Residents

If you are a California resident, you may have rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:

the right to know what personal information is collected about you;
the right to request deletion of your personal information;
the right to opt-out of the sale or sharing of your personal information;
the right to non-discrimination for exercising your privacy rights.

We do not sell or share your personal information for cross-context behavioral advertising purposes.

Because your health and profile data is stored locally on your device, you can delete it directly within the App or by uninstalling the App.

For requests or questions, contact us at contact@purrenterpriseslimited.com.

16. Rights of Users in Brazil

If you are located in Brazil, you may have rights under the Lei Geral de Proteção de Dados (LGPD), including the right to access, correct, anonymize, delete, and port your personal data, and the right to information about third parties with whom your data is shared.

Because your health and profile data is stored locally on your device, you can exercise control over it directly within the App by viewing, modifying, or deleting it.

For requests, contact us at contact@purrenterpriseslimited.com.

17. Rights of Users in Japan

If you are located in Japan, your health-related data may be considered "special care-required personal information" under the Act on the Protection of Personal Information (APPI). The App processes such data locally on your device with your consent. You may request disclosure, correction, or deletion of your personal information.

For requests, contact us at contact@purrenterpriseslimited.com.

18. Rights of Users in China

If you are located in mainland China, your personal information is processed in accordance with the Personal Information Protection Law (PIPL). Heart rate measurement data is processed locally on your device and is not transferred to external servers. The App requires your consent before processing biometric-related data through your device's camera. You may request access, correction, or deletion of your personal information.

For requests, contact us at contact@purrenterpriseslimited.com.

19. Rights of Users in Russia

If you are located in Russia, your personal data is processed in accordance with Federal Law No. 152-FZ on Personal Data. Your health measurement data is stored locally on your device and is not transferred to external servers. You may request access, correction, or deletion of your personal data.

For requests, contact us at contact@purrenterpriseslimited.com.

20. Changes to This Privacy Policy

We may update this Privacy Policy from time to time, including when:

the app’s functionality changes;
subscriptions, analytics, or third-party SDKs are introduced, updated, or changed;
data handling practices change;
legal or app store requirements change.

The latest version of this Privacy Policy will be made available on the relevant page. Continued use of the app after an updated version becomes effective may constitute acceptance of the revised Policy to the extent permitted by applicable law.

21. Contact Information

For questions regarding this Privacy Policy, users may contact us at:

Service Operator: PURR ENTERPRISES LIMITED
Support Email: contact@purrenterpriseslimited.com