Privacy PolicyEffective Date:April 12, 2026EKGSmart ( “EKGSmart,” “we,” “our,” or “us”) respects your privacy. This Privacy Policy explains how we collect, use, and protect information when you use the EKGSmart website, mobile application, and related services (collectively, the “Services”).
1. Information We Collect
We may collect the following categories of information:Information you provide directly* Name, email address, login credentials, and account details
* Profile information and preferences
* Support requests, messages, and other communications you send to us
* Notes, uploaded content, learning progress, quiz responses, and other information you choose to enter into the Services.
Health-related and clinical information*ECG/EKG tracings, rhythm interpretations, annotations, case information, educational responses, and related data related data you submit or review through the Services
* Information that may relate to a patient, provider, facility, or clinical workflow, to the extent you choose to upload, enter, or connect that information
Payment and Subscription information* Subscription status, transaction metadata, billing-related records, and purchase history* Payment card information may be collected and processed by third-party payment processors such as Apple, Google, Stripe, or other authorized users; we do not store full payment card numbers on our own servers unless expressly stated otherwiseAutomatically collected information
* Device type, browser type, operating system. IP address, app version, crash logs, usage logs, pages viewed, feature interactions, referral URLs, and diagnostic data*Website and app interaction data, including pages viewed, features used, and referral information* Cookies, local storage, analytic tools, SDK, and similar technologies used to operate and improve the ServicesCalifornia treats health information as sensitive personal information, and California law gives consumer rights including rights to know, delete, correct, and limit certain uses of sensitive personal information in applicable situations
2. How We Use InformationWe use information to:* Provide, operate, maintain, and improve the Services* Create and manage user accounts* Save user settings, study progress, interpretations, and app preferences* Support ECG/ EKG education, rhythm recognition tools, and clinical workflow features* Process subscriptions, billing renewals, refunds, and account access* Respond to customer service and technical support requests* Monitor performance, troubleshoot issues, detect fraud or misuse, and improve security* Comply with legal obligations and enforce our Terms, rights, and policies
3. Clinical and Health-Related UseEKGSmart may allow users to input, view, store, or transmit health-related or clinically relevant information. You are responsible for ensuring that you have all necessary rights, authorizations, and legal bases before submitting patient or third-party information into the Services.Unless expressly stated otherwise in writing, EKGSmart is intended to support education, workflow, and informational features. EKGSmart does not guarantee accuracy, does not replace independent clinical judgment, and is not a substitute for professional medical advice, diagnosis, or treatment
4. HIPAA NoticeEKGSmart is not represented as a HIPAA-covered entity or business associate unless expressly stated in a separate written statement. Users should not upload protected health information regulated by HIPAA unless and until an appropriate Business Associate Agreement is in place and EKGSmart has confirmed that the applicable HIPAA-enabled configuration is active.
5. How We Share InformationWe do not sell your personal information.We may share information:* With service providers that help us host, secure, maintain, analyze , support, or operate the Services* With payment processors to complete transactions*With analytics, infrastructure, authentication, communication, storage, and support providers acting on our behalf* To comply with law, regulation, subpoena, court order, or other legal process* To investigate, prevent, or address fraud, security incidents, or technical problems* To protect the rights, safety, property, users, or the public* In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, subject to applicable law
6. Data RetentionWe retain personal information for as long as necessary to provide the Services, maintain accounts, complete transactions, comply with legal obligations, resolve disputes, enforce agreements, and protect our business and users.Retention periods may vary depending on the nature of the information, legal requirements, account status, and legitimate business needs.
7. Data SecurityWe use reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, or alteration. However, no system is completely secure, and we cannot guarantee absolute security.
8. Security Incidents and NotificationsIf we determine that a security incident affecting your information requires notice under applicable law, we will provide notice as required by law.
9. Your Rights and ChoicesDepending on your location and applicable law, you may have the right to:* Access certain personal information* Request correction of inaccurate personal information* Request deletion of personal information* Request information about how your personal information is collected, used, or disclosed* Exercise other privacy rights available under applicable lawTo submit a privacy request, contact us at: [email protected]We may need to verify your identity before processing certain requests.
10. Cookies and Similar TechnologiesWe may use cookies, local storage, pixels, SDKs, and similar technologies to remember preferences, authenticate users, analyze usage, maintain security, and improve the Services. You may be able to manage certain settings through your browser or device.
11. Children’s PrivacyEKGSmart is not directed to children under 13, and we do not knowingly collect personal information from children under 13 without legally required consent. If you believe a child has provided personal information in violation of this Privacy policy, contact us and we will take appropriate steps.
12. International UsersIf you access the Services from outside the United States, your information may be transferred to and processed in the United States or other countries where we or our service providers operate.
13. Changes to This Privacy PolicyWe may update this Privacy Policy from time to time. When we do, we will update the Effective Date above. Your continued use of the Services after changes become effective means the updated Privacy Policy will apply to the extent permitted by law.
14. Data Sent to Third-Party AI ServiceEKGSmart uses OpenAI's API to interpret EKG/ECG rhythm strips. When you upload or photograph an EKG strip:- The image is transmitted to OpenAI for AI analysis.
- Only the EKG image is sent. We do not transmit your name, email. location, contact information, or any other personally identifying data.
- OpenAI processes the image to generate the rhythm interpretation.
- per OpenAI's API data usage policy, OpenAI does not use API data to train its models.
- Images are not stored on our servers after the analysis is complete.
- OpenAI provides data protection that is comparable to or stronger than our own. Their privacy policy is available at https:://openai.com/policies/privacy-policy
- You must affirmatively consent to this image processing on first launch. Without consent, the EKG analysis feature cannot function.You may stop using the analysis feature at any time by uninstalling the app. To withdraw consent, delete and reinstll the app, then decline the consent prompt.Last updated: April
15. Contact Us Email: [email protected]