Privacy Policy

1. Introduction

CardiaX ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, do not download, register with, or use this Service.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

• Name and contact information (email address, phone number)
• Account credentials (username, password)
• Health and fitness data (heart rate, activity levels, medical information)
• Demographic information (age, gender)
• Communication preferences

2.2 Device and Usage Information

• Device identifiers (UDID, advertising ID)
• Device type, operating system, and version
• App usage statistics and performance data
• IP address and general location information
• Crash reports and error logs

2.3 Health Data

With your explicit consent, we may collect health and fitness data through device sensors, wearable devices, or manual input. This may include heart rate data, activity levels, sleep patterns, and other health metrics.

3. How We Use Your Information

We use your information for the following purposes:

• Provide, maintain, and improve our Service
• Process transactions and send related information
• Send administrative information and updates
• Respond to comments, questions, and customer service requests
• Monitor and analyze usage patterns and trends
• Personalize user experience and content
• Detect, prevent, and address technical issues and security threats
• Comply with legal obligations

4. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist us in:

• Cloud storage and data processing
• Analytics and performance monitoring
• Customer support services
• Payment processing

4.2 Legal Requirements

We may disclose your information if required by law or in good faith belief that such action is necessary to:

• Comply with legal process or government requests
• Protect our rights, property, or safety
• Protect the rights, property, or safety of our users or others
• Investigate potential violations of our terms of service

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication
• Secure data storage and transmission protocols

However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your information, we will securely delete or anonymize it.

Health data is typically retained for up to 7 years unless you request earlier deletion. Account information is retained until you delete your account or request data deletion.

7. Your Rights and Choices

7.1 Access and Control

You have the right to:

• Access your personal information
• Update or correct your information
• Delete your account and associated data
• Export your data in a portable format
• Opt-out of certain communications

7.2 GDPR Rights (EU Users)

If you are located in the European Union, you have additional rights under GDPR:

• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

7.3 CCPA Rights (California Users)

California residents have the right to:

• Know what personal information is collected
• Know whether personal information is sold or disclosed
• Say no to the sale of personal information
• Access personal information
• Delete personal information
• Equal service and price, even if you exercise your privacy rights

8. Tracking and Analytics

We use various technologies to collect information about your use of our Service, including cookies, web beacons, and mobile analytics software. We comply with Apple's App Tracking Transparency framework and will request your permission before tracking your data across other companies' apps and websites.

You can opt-out of tracking by adjusting your device settings or declining tracking permission when prompted.

9. Children's Privacy

Our Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that we have collected information from a child under 13, we will delete such information immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses and adequacy decisions.

11. Third-Party Services

Our Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top of this Privacy Policy.

For material changes, we will provide additional notice, such as sending an email notification or displaying a prominent notice within the Service.

13. Contact Information

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

For GDPR-related inquiries, please email: gdpr@cardiax.com

For CCPA-related inquiries, please email: ccpa@cardiax.com

14. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of [Your Jurisdiction], without regard to its conflict of law provisions.