Privacy Policy & Medical Disclaimer

1. Information We Collect

1.1 Personal Information

Account Information: When you create an account using Google Sign-In, we collect your name, email address, and Google profile picture
Profile Data: Username, display preferences, notification settings
Educational Progress: Lesson completion status, quiz scores, achievement unlocks, learning streaks
Communication Data: Support requests, feedback submissions, and correspondence

1.2 Usage and Technical Data

Device Information: Device type, operating system version, app version, device identifiers
Advertising Identifier: Anonymous advertising ID used for showing relevant ads (can be reset in device settings)
Usage Analytics: Session duration, feature usage, navigation patterns, performance metrics
Error and Crash Data: Technical logs for app stability and improvement
Firebase Analytics: Aggregated usage patterns and performance data

1.3 Educational Content Interaction

Learning Metrics: Time spent on lessons, quiz attempt patterns, difficulty preferences
Progress Tracking: Module completion, skill assessments, learning path navigation
Achievement Data: Badges earned, milestones reached, leaderboard positions

2. How We Use Your Information

2.1 Core App Functions

Provide personalized ECG learning experiences
Track and display your educational progress
Synchronize data across your devices
Enable achievement systems and gamification features
Customize content difficulty based on performance

2.2 Communication and Support

Send educational notifications and reminders (with consent)
Provide customer support and respond to inquiries
Share important app updates and policy changes
Send achievement celebrations and milestone notifications

2.3 App Improvement and Analytics

Analyze usage patterns to improve educational content
Identify and fix technical issues and bugs
Develop new features based on user behavior
Conduct A/B testing for user experience optimization
Generate anonymized research insights for educational effectiveness

3. Data Storage and Security

3.1 Security Measures

Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256
Firebase Security: Google Firebase provides enterprise-grade security infrastructure
Access Controls: Strict access controls limit who can view or modify your data
Regular Audits: We conduct regular security assessments and updates
Data Minimization: We only collect and store data necessary for app functionality

3.2 Data Storage Locations

Your data is stored on Google Firebase servers, which may be located in various countries including the United States and European Union. Google Firebase complies with international data protection standards.

4. Data Sharing and Third Parties

4.1 We DO NOT sell your personal information

E-pulsepoints does not sell, rent, or trade your personal information to third parties for monetary compensation.

4.2 Limited Sharing Scenarios

We may share your information only in the following circumstances:

With Your Consent: When you explicitly agree to share information
Service Providers: Trusted partners who help us operate the app (Google Firebase, Google Analytics)
Legal Compliance: When required by law, court order, or government request
Safety Protection: To protect our rights, property, or safety of users
Business Transfers: In case of merger, acquisition, or asset sale (with notice to users)

4.3 Third-Party Services

Google Firebase: Database, authentication, and hosting services
Google Analytics: App usage analytics (anonymized data)
Google Sign-In: Authentication service
Google AdMob: Mobile advertising platform (see Section 7 for details)

5. Your Rights and Choices

5.1 Account Control

Access: View all personal data we have about you
Correction: Update or correct inaccurate information
Deletion: Request complete account and data deletion
Export: Download your data in a portable format
Restriction: Limit how we process your data

5.2 Communication Preferences

Opt-out of push notifications in app settings
Unsubscribe from email communications
Adjust notification frequency and types

5.3 How to Exercise Your Rights

Contact us at epulsepoints@gmail.com with your request. We will respond within 30 days and verify your identity before processing requests.

6. Children's Privacy (COPPA Compliance)

6.1 Age Requirements

E-pulsepoints is designed for educational use and may be used by students under 13 in educational settings with proper supervision.

6.2 Parental Controls

We do not knowingly collect personal information from children under 13 without verifiable parental consent
Parents can request access, modification, or deletion of their child's information
Educational institutions may provide consent for classroom use
We collect only the minimum information necessary for educational functionality

6.3 Educational Use

When used in educational settings, schools and teachers are responsible for obtaining appropriate permissions and ensuring compliance with FERPA and other educational privacy laws.

7. Advertising

7.1 Mobile App Advertising

E-pulsepoints displays advertisements to support free educational content. We use Google AdMob, a third-party advertising service, to show relevant ads within the app.

7.2 Types of Ads Displayed

Banner Ads: Small ads displayed at the bottom of certain screens
Interstitial Ads: Full-screen ads shown at natural transition points
Rewarded Video Ads: Optional video ads that provide in-app rewards (extra hearts, bonus reels)

7.3 Ad Placements in the App

Ads may appear in the following locations:

ECG Simulator: After every 10 questions (timed mode) or 15 questions (practice mode)
Reels: After viewing 5 reels, and optional rewarded video for bonus reels
Community: Banner ad at bottom of screen, interstitial before creating 5th post
Algorithms Dashboard: After completing 3 quizzes
Lessons: After lesson completion (maximum 2 ads per lesson)
Heart Shop: Optional rewarded video to earn 1 free heart

7.4 Information Collected by AdMob

Google AdMob may collect and use the following information for advertising purposes:

Advertising ID: A unique identifier for advertising (can be reset in device settings)
Device Information: Device type, operating system, screen size
IP Address: For approximate location and fraud prevention
App Interactions: Ad views, clicks, and app usage patterns
Location Data: Approximate location (city/region) for relevant ads (if location permissions granted)

7.5 Ad Personalization

Google AdMob may use your data to show personalized ads based on your interests. You can control ad personalization through:

Android: Settings → Google → Ads → Opt out of Ads Personalization
Google Ad Settings: Visit https://adssettings.google.com to manage ad preferences
Reset Advertising ID: Settings → Google → Ads → Reset advertising ID

7.6 Third-Party Ad Partners

Google AdMob works with additional ad networks and partners who may also collect data. For more information:

Google Privacy Policy: https://policies.google.com/privacy
AdMob Data Usage: https://support.google.com/admob/answer/6128543
EU User Consent: https://support.google.com/admob/answer/10113207

7.7 Opting Out of Targeted Advertising

You can opt out of interest-based advertising through:

Device settings (as described above)
Network Advertising Initiative opt-out: http://www.networkadvertising.org/choices/
Digital Advertising Alliance opt-out: http://www.aboutads.info/choices/

Note: Opting out does not remove ads, but makes them less relevant to your interests.

7.8 Children and Advertising (COPPA Compliance)

For users under 13 years old, we use AdMob's Tag for Child-Directed Treatment (TFCD) to ensure ads are appropriate and comply with COPPA. This means:

No personalized ads for children
No collection of Advertising ID for children
Ads are family-friendly and age-appropriate
No remarketing or interest-based targeting for children

7.9 Ad Frequency and User Experience

We implement the following ad frequency controls to maintain educational quality:

Minimum Interval: 60 seconds between interstitial ads
Per-Lesson Limit: Maximum 2 ads per lesson
Natural Breaks: Ads shown only at natural transition points, never during active learning
Optional Rewards: Rewarded video ads are always optional (users can decline)

7.10 Ad Revenue and App Support

Advertising revenue helps us:

Provide free access to high-quality educational content
Maintain and improve app features
Create new lessons and interactive content
Keep the app free for students worldwide

8. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence, including the United States. We ensure appropriate safeguards are in place:

Google Firebase complies with international data transfer requirements
We use Standard Contractual Clauses (SCCs) for EU data transfers
Data Protection Impact Assessments (DPIAs) are conducted when required

9. GDPR Rights (EU Users)

If you are located in the European Union, you have additional rights under GDPR:

8.1 Legal Basis for Processing

Consent: For optional features like notifications
Legitimate Interest: For app improvement and security
Contract Performance: For providing core app services

8.2 Additional GDPR Rights

Right to Object: Object to processing based on legitimate interests
Right to Data Portability: Receive your data in a structured format
Right to Withdraw Consent: Withdraw consent at any time
Right to Lodge a Complaint: File complaints with your local data protection authority

8.3 Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer at: dpo@epulsepoints.com

10. CCPA Rights (California Users)

California residents have specific rights under the California Consumer Privacy Act (CCPA):

9.1 California Consumer Rights

Right to Know: What personal information we collect and how it's used
Right to Delete: Request deletion of personal information
Right to Opt-Out: Opt-out of sale of personal information (we don't sell data)
Right to Non-Discrimination: Equal service regardless of privacy choices

To exercise these rights, email us at epulsepoints@gmail.com with "California Privacy Request" in the subject line.

11. Cookies and Tracking Technologies

10.1 Types of Data Collected

Essential Data: Required for app functionality (login sessions, preferences)
Analytics Data: Firebase Analytics for app improvement (can be opted out)
Performance Data: Error tracking and performance monitoring

10.2 Managing Tracking

You can control tracking through:

App privacy settings
Device privacy controls
Google Analytics opt-out tools

12. Data Retention

11.1 Retention Periods

Account Data: Retained while your account is active
Learning Progress: Retained for 5 years after last activity or until deletion request
Analytics Data: Aggregated data retained for 26 months (Google Analytics standard)
Support Communications: Retained for 3 years for service improvement
Legal Requirements: Some data may be retained longer to comply with legal obligations

11.2 Data Deletion

When you delete your account, we will remove your personal information within 30 days, except where retention is required by law.

13. Legal Basis for Processing

We process your personal information based on:

Consent: For optional features like marketing communications
Contract: To provide the educational services you requested
Legitimate Interest: For security, fraud prevention, and app improvement
Legal Obligation: To comply with applicable laws and regulations

14. Limitations of Liability

EDUCATIONAL TOOL LIMITATIONS

13.1 No Medical Liability

E-pulsepoints is NOT responsible for any medical decisions made based on app content
The app does not replace professional medical training or certification programs
Users are responsible for seeking proper medical education and certification
We disclaim all liability for medical outcomes related to app usage

13.2 Educational Content Disclaimer

Content is provided "as is" without warranties of any kind
We do not guarantee the accuracy, completeness, or currency of educational materials
Users should verify information with authoritative medical sources
The app is not a substitute for formal medical education programs

13.3 Technical Limitations

We are not liable for technical issues, data loss, or app unavailability
Users should maintain their own backups of important data
Service interruptions may occur during maintenance or updates

15. Intellectual Property

14.1 Our Content

All educational content, including ECG tracings, quizzes, lessons, and app design, are protected by copyright and intellectual property laws. Users may not:

Reproduce, distribute, or sell app content
Create derivative works based on our educational materials
Use content for commercial purposes without permission
Reverse engineer or extract source code

14.2 User Data Rights

You retain ownership of your personal progress data and learning achievements. We do not claim ownership of your educational accomplishments or personal information.

16. Contact Information

15.1 General Inquiries

Email: epulsepoints@gmail.com
Website: https://app.ecgkid.com
Response Time: We aim to respond within 48 hours

15.2 Privacy-Specific Contacts

Privacy Officer: privacy@epulsepoints.com
Data Protection Officer (EU): dpo@epulsepoints.com
Security Issues: security@epulsepoints.com

15.3 Legal and Compliance

Legal Department: legal@epulsepoints.com
DMCA Agent: dmca@epulsepoints.com

15.4 Mailing Address

E-pulsepoints
Privacy Department
[Physical Address to be Updated]
Email: epulsepoints@gmail.com

17. Changes to This Policy

16.1 Policy Updates

We may update this Privacy Policy periodically to reflect:

Changes in our data practices
New features or services
Legal or regulatory requirements
Security enhancements

16.2 Notification of Changes

For material changes, we will provide notice through:

In-app notifications
Email notifications to registered users
Prominent notice on our website
Updated "Last Modified" date at the top of this policy

16.3 Continued Use

Your continued use of E-pulsepoints after policy changes constitutes acceptance of the updated terms. If you disagree with changes, please discontinue use and delete your account.