Heart Squad Privacy Policy and HIPAA Notice of Privacy Practices

Effective Date: 7/1/2025

Heart Squad, Inc. (“Heart Squad,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal and health information. This Privacy Policy, together with our Notice of Privacy Practices under the Health Insurance Portability and Accountability Act (“HIPAA”), describes how we collect, use, store, and share your personal and protected health information (“PHI”) when you use the Heart Squad mobile application, website, and related services (“Services”).

By using the Services, you agree to this Privacy Policy and our HIPAA Notice of Privacy Practices. If you do not agree, please do not use the Services.

1. Information We Collect

We may collect:

Personal Information: name, email address, phone number, birthdate, gender, or other identifiers
Health Information (PHI): blood pressure readings, ECG data, heart rate, medical history, medications, and other data you choose to share
Device Information: IP address, operating system, hardware model, and device identifiers
Usage Data: interactions with the app, pages visited, and features used
Location Data: if you grant permission

2. HIPAA Notice of Privacy Practices

Heart Squad is committed to maintaining the privacy and security of your protected health information (PHI) in accordance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its implementing regulations.

How We Use and Disclose Your PHI

Provide you with our heart health monitoring services
Communicate with your designated healthcare providers if you authorize us
Support your treatment and coordinate care
Conduct healthcare operations, such as quality assessment, app performance improvement, or customer support
Comply with legal obligations and public health requirements
Prevent or lessen a serious and imminent threat to health or safety
Respond to law enforcement, regulatory, or legal process, as required by law

We will not use or disclose your PHI for marketing or sales purposes without your explicit written authorization.

Your HIPAA Rights

Access and receive a copy of your PHI
Request amendments to your PHI if you believe it is incorrect
Request restrictions on certain uses and disclosures of your PHI
Receive an accounting of disclosures
Request confidential communications
File a complaint with Heart Squad or with the U.S. Department of Health and Human Services Office for Civil Rights if you believe your privacy rights have been violated

To exercise any of these rights, please contact us at contactus@heartsquad.com.

3. How We Protect Your Data

We use administrative, physical, and technical safeguards, including encryption, secure servers, and role-based access controls, to protect your personal and health data. However, no system can guarantee absolute security. Please safeguard your account credentials.

4. Children’s Privacy

Our Services are not intended for children under 18. We do not knowingly collect information from minors. If you believe a child has provided us with personal information, please contact us so we can remove it.

5. Data Retention

We retain personal and health data as long as necessary to provide the Services or as required by law. You may request deletion of your data by contacting us at contactus@heartsquad.com.

6. Changes to This Policy

We may update this Privacy Policy and HIPAA Notice of Privacy Practices from time to time. We will notify you of material changes through the app or by email.

7. Contact Us

Heart Squad, Inc.

1601 North Sepulveda Blvd, #216

Manhattan Beach, CA 90266

contactus@heartsquad.com · (310) 939-7654

This page is provided for general information and does not constitute legal advice.