Privacy Policy — ElinPulse

Overview

This Privacy Policy describes how ElinPulse Solutions LLC ("ElinPulse," "we," "us," or "our") collects, uses, stores, and discloses information when you use the ElinPulse mobile application and related services (collectively, the "Platform").

By using the Platform, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of the Platform.

ElinPulse is a software platform operated by ElinPulse Solutions LLC. ElinPulse Solutions LLC and ElinMed (Nyange Medical PLLC) are separate and independent legal entities. This Privacy Policy applies solely to ElinPulse Solutions LLC and the ElinPulse Platform. It does not govern any services, data practices, or privacy obligations of ElinMed or any other third party.

Information We Collect

Information You Provide Directly

Account registration details (name, email address, date of birth)
Health and cardiovascular data you manually enter, including blood pressure readings, heart rate, lipid panel values (including ApoB), symptoms, medication lists, sleep data, exercise logs, and body weight
Responses to in-app questionnaires and health intake forms
Communications you send to us, including support requests

Information Collected Automatically

Device identifiers, operating system version, app version, and crash diagnostics
Usage data, including features accessed, session duration, and navigation patterns
IP address and general geographic region (derived from IP, not GPS)

Health Data from Apple HealthKit

With your explicit permission, the ElinPulse app may access health and fitness data stored in Apple HealthKit, including heart rate, resting heart rate, blood pressure, HRV, sleep analysis, workout data, and step count.

HealthKit Data Commitment: ElinPulse does not use or disclose data gathered through the HealthKit framework to third parties for advertising, marketing, or other use-based data mining purposes.

HealthKit data is used exclusively to populate your cardiovascular dashboard, generate trend analytics, and produce clinical reports for your own use. You may revoke HealthKit access at any time through your device's Health app settings.

Data from Third-Party Wearable Integrations

If you choose to connect a wearable device or fitness platform (such as Garmin Connect, Fitbit, or Oura), we receive data from that service in accordance with their respective APIs and your authorization. We treat this data with the same protections as directly entered health data.

How We Use Your Information

We use the information we collect for the following purposes:

To operate, maintain, and improve the ElinPulse Platform
To generate your cardiovascular dashboard, risk scores (including ASCVD calculations), trend analytics, and doctor-ready PDF reports
To send you in-app notifications, reminders, and platform updates
To respond to your support requests and communications
To conduct internal analytics on aggregate, de-identified usage patterns to improve Platform features
To comply with applicable law and enforce our Terms of Service

We do not use your personal health data to train general-purpose machine learning models, sell advertising, or build behavioral profiles for marketing purposes.

Sharing and Disclosure

ElinPulse Solutions LLC does not sell your personal data or health information to any third party.

We may share your information in the following limited circumstances:

Service Providers

We engage third-party vendors who assist us in operating the Platform, including cloud infrastructure providers, authentication services, and analytics platforms. These providers are contractually prohibited from using your data for any purpose beyond providing services to ElinPulse and are required to maintain appropriate security standards.

With Your Explicit Consent

You may choose to generate and share a clinical PDF report from the Platform. When you do so, you control who receives that report. ElinPulse does not transmit your data to any healthcare provider on your behalf without your explicit action.

Legal Obligations

We may disclose information if required by law, subpoena, court order, or other government authority, or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of ElinPulse, our users, or the public.

Business Transfers

In the event of a merger, acquisition, or sale of all or substantially all of ElinPulse Solutions LLC's assets, your information may be transferred as part of that transaction. You will be notified of any such change and your continued use of the Platform will constitute consent to the transfer.

Note on ElinMed: ElinMed (Nyange Medical PLLC) is a separate and independent legal entity from ElinPulse Solutions LLC. ElinPulse does not share your data with ElinMed automatically or as a result of using the Platform. Any engagement with ElinMed's clinical services — including physician consultations or echocardiography — is governed by ElinMed's own independent privacy practices, patient intake process, and HIPAA Notice of Privacy Practices. ElinPulse Solutions LLC is not responsible for, and makes no representations about, ElinMed's data practices.

Apple HealthKit — Specific Commitments

The ElinPulse app integrates with Apple's HealthKit framework. In compliance with Apple's developer guidelines and our own data commitments, the following specific restrictions apply to all data obtained through HealthKit:

No advertising use: ElinPulse does not use or disclose data gathered through the HealthKit framework to third parties for advertising, marketing, or other use-based data mining purposes.
No sale: HealthKit data will never be sold to data brokers, advertisers, or any third party.
No general analytics: HealthKit data is not shared with third-party analytics platforms for use in aggregate behavioral modeling.
User control: You may revoke HealthKit permissions at any time through iOS Settings → Privacy & Security → Health → ElinPulse.
Purpose limitation: HealthKit data is used solely to provide the cardiovascular tracking and reporting features of the Platform you have requested.

These commitments are in addition to, and not in lieu of, Apple's own HealthKit developer policies.

Data Security

ElinPulse implements industry-standard security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These include:

Encryption of data in transit using TLS 1.2 or higher
Encryption of sensitive data at rest
Access controls limiting employee access to personal data on a need-to-know basis
Regular security assessments of our infrastructure and third-party service providers

No method of transmission over the internet or method of electronic storage is 100% secure. While we use commercially reasonable means to protect your data, we cannot guarantee absolute security. In the event of a data breach that affects your rights or freedoms, we will notify you in accordance with applicable law.

Data Retention

We retain your account data and health information for as long as your account is active or as needed to provide the Platform. If you delete your account, we will delete or de-identify your personal data within 30 days, except where retention is required by applicable law or legitimate business necessity (such as fraud prevention or legal defense).

You may request deletion of your data at any time by contacting us at the address below. Note that deleting your data will result in permanent loss of your cardiovascular history, reports, and any data not separately stored by you.

Your Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal data:

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal data, subject to legal retention requirements
Portability: Request your data in a portable, machine-readable format
Restriction: Request that we restrict processing of your data in certain circumstances
Objection: Object to certain types of processing, including profiling

To exercise any of these rights, contact us at privacy@elinpulse.com. We will respond within 30 days. We may require identity verification before fulfilling certain requests.

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected and the right to opt out of the sale of personal information. ElinPulse does not sell personal information.

Children's Privacy

The ElinPulse Platform is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18 without verification of parental consent, we will take steps to delete that information promptly.

If you believe we may have inadvertently collected information from a minor, please contact us at privacy@elinpulse.com.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top of this page and, where appropriate, by sending an in-app or email notification. Your continued use of the Platform after any changes constitutes acceptance of the revised policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Information

If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact:

ElinPulse Solutions LLC
Email: privacy@elinpulse.com

This Privacy Policy governs only the ElinPulse Platform operated by ElinPulse Solutions LLC. For questions about ElinMed's clinical services, privacy practices, or HIPAA Notice of Privacy Practices, contact ElinMed directly through their own channels.