Privacy Policy

Last updated: August 4, 2025

1. Introduction

Life+ ("we," "our," "us") lets users measure heart-rate with the iPhone camera and, if they wish, read or write data through Apple HealthKit. By installing or using the App you confirm you have read and agree to this Privacy Policy.

2. Information We Collect

  • Functional data – heart-rate waveforms, calculated BPM and time-stamps generated during each measurement. These stay on your device unless you turn on iCloud sync.
  • HealthKit data (optional) – resting heart-rate, HRV, workouts and similar items. HealthKit data is never used for advertising and is never shared with third parties.
  • Device & analytics identifiers – IDFA, crash logs and coarse location sent to Firebase Crashlytics or Amplitude for product analytics under data-processing agreements; you may opt-out via iOS Settings › Privacy & Security › Tracking.
  • Contact information – e-mails you send to our support channel; retained only as long as needed to resolve your request.

No camera images or video ever leave your device; the raw signal is analysed locally and discarded after processing.

3. How & Why We Use Information

  • Provide core functionality and maintain our contract with you.
  • Improve stability, security and performance – our legitimate interest.
  • Send essential service messages or non-personalised marketing where you have given consent.
  • Comply with legal obligations and protect user safety.

4. Sharing & International Transfers

We never sell personal data. Limited, device-level identifiers are shared only with analytics vendors that apply ISO 27001-aligned safeguards and TLS 1.2 + encryption in transit. All servers are located in the United States.

5. Your Privacy Rights

  • EEA/UK users – right of access, rectification, erasure, restriction, portability, objection and automated-decision exemptions.
  • California residents – right to know, delete and opt-out of "sale or share" under the CCPA.
  • Everyone – withdraw consent at any time and lodge complaints with a supervisory authority.

6. Security Measures

We apply TLS 1.2 + for data in transit, AES-256 encryption for e-mail backups, least-privilege access controls and periodic penetration testing in line with ISO 27001 Annex A controls.

7. Children's Privacy

Life+ is not directed to anyone under 16, and we do not knowingly collect data from children under 13. If we learn that we have done so, we will delete the data promptly and, where required, notify parents and regulators.

8. Health-Breach Notification

If a breach compromises individually identifiable health data, we will notify affected users and the FTC within 10 business days, in line with the updated Health Breach Notification Rule.

9. Data Retention

Measurements remain on-device until you delete them or uninstall the App. Support e-mails and billing records are retained for up to six years for tax and audit purposes, then securely erased.

10. Changes & Contact

We may change this Policy; material updates will appear in-app and on lifeplus.app. For questions write to support@lifeplus.app.