Skip to content
SmartifyBPSmartifyBP logo

SmartifyBP Privacy Policy

Last updated:

SmartifyBP is designed with privacy at its core. We collect only the minimum data required to operate the app securely and effectively, and we intentionally separate account information from health data at all times.

This policy explains what we collect, why we collect it, how it is stored, and your rights under GDPR, UK-GDPR, and (where applicable) HIPAA.

1. Information We Collect

SmartifyBP processes three clearly separated categories of data:

  1. Account information (email)
  2. Personal identifiers stored only on your device
  3. Anonymized health and profile data stored on our servers

1.1 Email Address (Account Authentication)

We collect your email address to create and manage your SmartifyBP account. Authentication is handled securely using Supabase.

Your email address is:

  • Used only for login, account security, and support
  • Stored separately from health data
  • Never included in reports
  • Never used for advertising
  • Never shared with third parties

Your email is not linked to blood pressure readings or health analytics.

1.2 Personal Details Stored Only on Your Device

The following personal identifiers are stored locally on your device only, encrypted by iOS:

  • First name
  • Surname
  • Date of birth

SmartifyBP never receives or stores this information on its servers. These details are requested only because some healthcare providers require them when matching reports to patient records. They leave your device only if you choose to include them in an exported report.

1.3 Anonymized Health & Profile Data (Server-Stored)

The following data may be stored on our servers only under a random anonymized user ID:

  • Blood pressure readings
  • Heart rate (if captured with a reading)
  • Gender
  • Height
  • Weight
  • Date/time of measurement
  • Blood pressure classification labels

No personal identifiers (name, email, date of birth) are stored with this data. Even with full database access, an individual cannot be identified.

1.4 Blood Pressure Classification

Readings are classified using recognised clinical guidelines from:

  • British Heart Foundation (UK)
  • American Heart Association (US)

These classifications are informational only and not medical advice.

1.5 Optional Integrations (Apple Health)

If you enable Apple Health integration:

  • SmartifyBP writes readings to HealthKit only with your explicit permission
  • SmartifyBP does not read or collect Apple Health data unless permitted
  • No Apple Health data is transmitted to SmartifyBP servers

You may revoke permissions at any time in iOS settings.

2. How Data Is Used

We use anonymized data only to:

  • Display trends and summaries
  • Classify readings
  • Improve reliability and performance
  • Fix bugs and crashes

We do not:

  • Sell data
  • Use advertising SDKs
  • Build behavioural profiles
  • Track users across apps or websites

3. Reports & Sharing

  • Reports are generated locally on your device
  • You control what information is included
  • SmartifyBP does not receive, store, or view exported reports
  • All sharing actions occur on your device

4. Security Measures

We use industry-standard safeguards, including:

  • iOS Secure Enclave encryption for local data
  • Anonymization of server-stored data
  • Encrypted network connections (TLS/HTTPS)
  • Data minimisation practices
  • No third-party advertising or tracking SDKs

5. GDPR & UK-GDPR

Lawful Bases for Processing

  • Consent – optional profile data and integrations
  • Contractual necessity – providing app services
  • Legitimate interests – anonymized analytics and stability

Your Rights

You may request to:

  • Access anonymized data
  • Delete anonymized server data
  • Correct profile data
  • Withdraw consent
  • Export locally stored data
  • Lodge a complaint with your data authority

Contact: privacy@smartifybp.com

6. Children's Privacy

SmartifyBP is suitable for general audiences and is rated 4+ on the Apple App Store.

The app may be used by children with the involvement and supervision of a parent or legal guardian, for example when tracking blood pressure readings for family health purposes.

Date of birth, if entered, is:

  • Stored locally on the device only
  • Never transmitted to SmartifyBP servers
  • Used solely for inclusion in reports when required by healthcare providers

SmartifyBP does not:

  • Independently verify parental consent
  • Use age data for profiling or tracking
  • Store personal identifiers for children on its servers

All server-stored health data remains fully anonymized, regardless of the user's age.

Parents or guardians are responsible for:

  • Entering personal details
  • Managing reports and sharing
  • Supervising use of the app

If you have questions or concerns regarding a child's data, please contact: privacy@smartifybp.com

7. HIPAA (U.S.)

SmartifyBP is not a HIPAA Covered Entity or Business Associate.

We do not process identifiable PHI. All server-stored health data is anonymized, and personal identifiers never leave your device.

8. International Data Transfers

Server data may be stored outside your country.

Because all server-stored data is fully anonymized, these transfers do not constitute transfers of personal data under GDPR or UK-GDPR.

9. Changes to This Policy

We may update this policy from time to time. Updates will be reflected by revising the "Last updated" date.

10. Contact

You can contact the SmartifyBP Privacy Team directly on privacy@smartifybp.com