CPCarePulse

Privacy Policy

Last updated: February 23, 2026

1. Introduction

CarePulse ("we," "our," or "us") provides a care coordination app that helps families track check-ins for loved ones. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

Account Information

When you create an account, we collect your email address and display name. You may optionally provide a profile photo.

Care Team Data

When you create or join a care team, we store team membership information, the display names of loved ones you add, and check-in records (including timestamps, method of check-in, and optional notes).

Device Information

To deliver push notifications, we collect your device's push notification token and platform type (iOS or Android). We also collect basic device information for crash reporting and analytics.

Usage Data

We may collect anonymous usage statistics to improve the Service, such as which features are used most frequently. This data is aggregated and cannot identify individual users.

Purchase Information

If you subscribe to CarePulse Embrace, your payment is processed entirely by Apple (App Store) or Google (Google Play). We do not collect or store your credit card information. We receive only a transaction identifier to verify your subscription status.

Health & Activity Data

CarePulse Embrace subscribers may optionally enable health monitoring for a loved one. When enabled, the CarePulse app reads health data from Apple HealthKit (iOS) or Google Health Connect (Android) to give caregivers helpful context about their loved one's daily well-being.

What we access (read-only):

  • Step count
  • Sleep duration
  • Resting heart rate
  • Fall events (iOS only — via Apple HealthKit)

What we store: Individual health samples (data type, value, and timestamp) are stored on our servers so caregivers can view them in the app. Health samples are automatically deleted after 90 days. We also store a "last active at" timestamp for the activity indicator displayed alongside the check-in heart.

How it's used: Health data is displayed to caregivers on the heart screen (e.g., "4,230 steps," "Slept 7h 23m," "62 bpm") to help them understand how their loved one is doing day-to-day. Activity data also adds context to push notifications (e.g., "no activity in 8 hours"). If fall detection is enabled and a fall event is detected on iOS, an immediate push notification is sent to all care team members. Health data does not replace manual check-ins and does not reset the check-in timer.

What we never do: Health data is never used for advertising, marketing, or data mining. It is never sold to or shared with third parties. It is never transferred to any entity outside of your care team. It is never used for diagnostic, treatment, or medical monitoring purposes.

The patient must grant explicit permission before any data is accessed. On iOS, this is via the HealthKit authorization prompt (revocable in Settings > Privacy & Security > Health > CarePulse). On Android, this is via the Health Connect permissions dialog (revocable in Settings > Health Connect > CarePulse). Revoking access immediately stops all health data collection.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Send push notifications about check-in alerts and team activity
  • Process and manage your subscription
  • Respond to your requests and support inquiries
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

We do not sell your personal information. We do not use your data for advertising. We do not share your data with third-party data brokers.

4. Data Sharing

We share information only in the following circumstances:

  • Within your care team: Team members can see check-in records, loved one names, and team membership for the teams they belong to.
  • Service providers: We use the following third-party services to operate the Service. Each provider is contractually obligated to protect your data and may only use it to provide services to us:
    • Supabase — hosting, database, and authentication
    • Expo (Expo Application Services) — push notification delivery
    • Sentry — crash reporting and error tracking (no personal data is sent; only anonymous device and error information)
  • Legal requirements: We may disclose your information if required by law, court order, or governmental authority.

5. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit (TLS/HTTPS) and at rest
  • Row-level security policies on all database tables
  • Authenticated API access with JSON Web Tokens
  • Secure password hashing

While we strive to protect your information, no method of electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your data for as long as your account is active, with the following automatic cleanup schedules:

  • Health samples (steps, sleep, heart rate, falls): automatically deleted after 90 days
  • Notification logs: automatically deleted after 30 days
  • Check-in records and care team data: retained as long as your account is active

If you delete your account, we permanently delete your profile, team memberships, and associated data within 30 days. Some data may be retained in encrypted backups for up to 90 days before being purged.

7. Your Rights

You have the right to:

  • Access your personal data stored in the Service
  • Correct inaccurate information via your profile settings
  • Delete your account and all associated data at any time from the app's Settings screen
  • Export your check-in history from the app's Timeline screen, or request a full data export by contacting us at the email below
  • Withdraw consent for push notifications via your device settings

If you are a resident of the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to data portability and the right to lodge a complaint with a supervisory authority.

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to deletion, and the right to opt out of the sale of personal information. We do not sell personal information.

8. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

9. Not a Medical Service

CarePulse is a care coordination tool for families. It is not a medical device, healthcare provider, or HIPAA-covered entity. While the optional health monitoring features read data from Apple HealthKit and Google Health Connect (including steps, sleep, heart rate, and fall events), CarePulse does not diagnose, treat, or monitor medical conditions. Health data is provided to help caregivers understand their loved one's daily routine and make informed decisions about when to check in.

Fall detection alerts are a convenience feature that forwards fall events detected by the patient's device to their care team. They are not a substitute for dedicated medical alert systems, personal emergency response systems (PERS), or emergency services. Fall detection depends on the device's hardware and software capabilities and may not detect all falls.

The Service should not be used as a substitute for professional medical care, medical monitoring, or emergency services. If you believe someone is experiencing a medical emergency, call 911.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy in the app and updating the "Last updated" date above. Your continued use of the Service after changes constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or your data, contact us at:

privacy@carepulseapp.com