Privacy Policy

Last Updated: January 30, 2025

Legal Notice: This Privacy Policy should be reviewed by qualified legal counsel before implementation. This document is provided as a template and may need customization based on your specific business practices and jurisdictional requirements.

1. Introduction

Welcome to Beatrace ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information, especially your sensitive health data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services (collectively, the "Service").

By using Beatrace, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information

We collect information that identifies you as an individual:

  • Name and email address
  • Account credentials (encrypted)
  • Profile information (age, gender, location)
  • Device information and identifiers
  • IP address and usage data

2.2 Health Data

With your explicit consent, we collect and process sensitive health information:

  • Heart rate data (resting, average, maximum)
  • Heart Rate Variability (HRV)
  • Activity and exercise data
  • Sleep patterns and quality metrics
  • Health device integration data (Apple Health, Google Fit, etc.)

2.3 Automatically Collected Information

  • Device type, operating system, and version
  • App usage statistics and analytics
  • Crash reports and diagnostic data
  • Geographic location (with permission)

3. How We Use Your Information

We use the collected information for the following purposes:

  • To provide and maintain our Service
  • To calculate your cardiac fitness scores and rankings
  • To display your position in global, country, and city leaderboards
  • To provide personalized health insights and recommendations
  • To improve and optimize our Service
  • To communicate with you about your account and updates
  • To detect, prevent, and address technical issues
  • To comply with legal obligations

4. Data Sharing and Disclosure

4.1 We DO NOT Sell Your Data

We will never sell your personal information or health data to third parties for marketing or advertising purposes.

4.2 Limited Sharing

We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist in operating our Service (e.g., cloud hosting, analytics). These providers are contractually obligated to protect your data.
  • Anonymized Rankings: Your ranking position and anonymized performance metrics may be visible to other users on leaderboards. Your name and identifiable information are never shared publicly without your explicit consent.
  • Legal Requirements: When required by law, court order, or government regulation.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with advance notice to you.
  • Your Consent: With your explicit permission for any other purpose.

5. Data Security

We implement industry-standard security measures to protect your information:

  • End-to-end encryption for health data transmission
  • Encrypted data storage using AES-256 encryption
  • Secure authentication with JWT tokens
  • Regular security audits and penetration testing
  • Access controls and monitoring systems
  • HTTPS/TLS for all data transmission

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Your Privacy Rights

You have the following rights regarding your personal information:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Deletion: Request deletion of your account and data
  • Portability: Receive your data in a machine-readable format
  • Restriction: Limit how we process your data
  • Objection: Object to certain data processing activities
  • Withdraw Consent: Revoke permissions at any time

To exercise these rights, please contact us at privacy@beatrace.app.

7. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy. Specifically:

  • Active account data is retained while your account is active
  • Upon account deletion, personal data is removed within 30 days
  • Anonymized aggregate data may be retained for analytical purposes
  • Some data may be retained longer if required by law

8. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from those of your jurisdiction. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable law, including Standard Contractual Clauses approved by the European Commission.

10. Third-Party Services

Our Service may integrate with third-party services:

  • Apple Health (HealthKit)
  • Google Fit
  • Fitbit, Garmin, Whoop, Oura, Polar, Samsung Health
  • Payment processors (Stripe, Apple Pay, Google Pay)

These services have their own privacy policies. We recommend reviewing their policies before connecting your accounts.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. Significant changes will be communicated via email or in-app notification. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Beatrace Privacy Team

Email: privacy@beatrace.app

Website: beatrace.app

We aim to respond to all inquiries within 30 days.

13. GDPR Compliance

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, please see our GDPR Compliance Page for additional information about your rights under the General Data Protection Regulation.