Privacy Policy
Heartworks Pty Ltd ("Heartworks", "we", "our", or "us") respects your privacy. This Privacy Policy explains how ECG+ ("the App") handles information when you use the App.
Privacy at a glance
- No account, ever. ECG+ has no sign-up and no login. You open the app and use it.
- No personal details. We never ask for your name, your sex, or your age.
- Only what an ECG needs. With your permission, ECG+ reads your ECG recordings from Apple Health, plus symptom context that helps make sense of each one.
- Stays on your device. Your health data stays on your iPhone unless you choose a feature that needs the cloud (an AI explanation), and then only for that.
- Never sold, never for ads. We don't sell your data or use it for advertising.
1. No account, and only the access an ECG needs
You do not need an account to use ECG+. There is no sign-up, no login, and no user profile, nothing that identifies you personally.
With your permission, ECG+ only reads your ECG recordings from Apple Health to do its work, nothing else. From each recording, it takes:
- the ECG data itself, the voltage samples that form the waveform
- the recording's date and time
- the average heart rate saved with it
- the device's own rhythm classification (sinus rhythm, AFib, inconclusive, and so on)
Everything else the App shows you, premature beats (PAC/PVC), HRV, QT/QTc, and trends over time, it works out on your device from those samples. Symptoms, notes, and tags are things you choose to add yourself.
What ECG+ does not access: we do not ask for or read your name, your sex, or your date of birth, and we do not read any other category of data in Apple Health. ECG+ only reads the information above to analyze it.
2. How your information is used
We may use information handled by the App to:
- display your ECG, HRV, and related heart rhythm information inside the App
- generate charts, summaries, trends, and educational explanations
- support optional features you choose to use
- maintain, troubleshoot, and improve the App
- respond to support requests, bug reports, or feedback you send us
- comply with legal obligations where required
We do not use HealthKit data or information derived from it for advertising purposes.
3. On-device processing and data sharing
ECG+ is designed so that health information is handled as locally as possible on your device. Unless you actively choose to use a feature that sends information outside your device, your Apple Health and ECG-related data remain on your device.
Some optional features may require limited data transmission, for example:
- if you choose to contact support
- if you choose to sync, back up, restore, or transfer certain App content
- if you choose to use cloud-based explanation or assistance features
- if crash or error reports are sent to help us investigate technical problems
When a feature requires data to leave your device, that will only occur as needed for that feature and subject to the permissions, actions, and settings you choose.
4. What we do not do
- We do not sell your health information.
- We do not use HealthKit data for advertising or marketing profiling.
- We do not claim ownership of your Apple Health data.
- We do not provide medical diagnosis, treatment, or emergency monitoring through ECG+.
5. Third-party services
ECG+ uses third-party services for two purposes only:
- Google Crashlytics, for crash and error reporting, so we can find and fix technical problems in the App. It receives technical information about crashes and errors.
- AI services (for example, OpenAI GPT), behind the optional AI explanation feature. When you choose to use that feature, only the recording information needed to generate the explanation is sent to the AI service, and only for that purpose.
We use no other third-party services. Each provider handles only the limited information needed for its function and operates under its own terms and privacy policy, which we do not control.
6. Data retention
Information stored locally in the App generally remains on your device until you delete it, remove the App, or clear it through available App or device controls.
If you choose to send us information, use support channels, or use optional cloud-based features, related records may be retained for as long as reasonably necessary for support, security, legal, compliance, backup, or operational purposes.
7. Security
We use reasonable administrative, technical, and organizational measures intended to protect information handled by ECG+. No method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.
8. Your choices and controls
You can control ECG+'s access to Apple Health data through Apple's Health and privacy settings. Depending on how you use the App, you may also be able to:
- revoke Health access permissions
- delete App content stored on your device
- delete the App from your device
- choose whether or not to use optional cloud-based or support features
9. International use
If information is transmitted through optional online features, it may be processed in countries other than the one where you are located. By choosing to use those features, you understand that information may be transferred and processed in other jurisdictions, subject to applicable safeguards where required.
10. Children
ECG+ is not directed to children under the age at which personal data processing would require parental authorisation under applicable law. If you believe a child has provided personal information to us inappropriately, please contact us and we will review the matter.
11. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. If we make changes, we will update the effective date above and may also provide additional notice within the App or on our website where appropriate.
12. Contact
If you have questions about this Privacy Policy or ECG+, please contact:
Heartworks Pty Ltd
Email: hello@heartworks.com.au
Website: www.heartworks.com.au