Legal Information

Privacy Policy

Hearth Connected Care Inc.

Effective Date: April 6, 2026

1. INTRODUCTION

Hearth Connected Care Inc. ("Hearth," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our connected home health monitoring platform, devices, mobile applications, and website (collectively, the "Services").

2. INFORMATION WE COLLECT

We collect information in several ways depending on how you interact with our Services:

2.1 Information You Provide Directly

  • Account Information: Name, email address, phone number, mailing address, date of birth, and account credentials.
  • Health Information: Health conditions, medications, vital signs, activity levels, sleep patterns, and other health-related data you choose to share with us.

2.2 Information Collected from Devices

  • Biometric and Health Data: Heart rate, blood pressure, blood oxygen levels, temperature, weight, glucose levels, movement patterns, fall detection events, and other vital signs.
  • Environmental Data: Room temperature, humidity, air quality, noise levels, and lighting conditions in monitored areas.
  • Activity Data: Motion detection, sleep patterns, daily routines, medication adherence, and activity levels.
  • Device Information: Device identifiers, firmware versions, battery status, connectivity status, and diagnostic data.

2.3 Information Collected Automatically

  • Usage Data: Pages viewed, features used, time spent, click patterns, and interaction data.
  • Technical Data: IP address, browser type and version, operating system, device type, and mobile device identifiers.
  • Location Data: General location based on IP address; precise location only with your explicit consent.

2.4 Information from Third Parties

  • Healthcare providers who refer you to our Services or integrate with our platform.
  • Insurance companies or third-party payers.
  • Family members or caregivers authorized to manage your account.

3. HOW WE USE YOUR INFORMATION

3.1 Providing and Improving Services

  • Deliver and maintain our connected health monitoring Services.
  • Monitor health metrics and generate alerts for you and your designated caregivers.
  • Provide personalized health insights and recommendations.
  • Process transactions and send related information.

3.2 Safety and Emergency Response

  • Detect potential health emergencies such as falls or irregular vital signs.
  • Alert designated emergency contacts and caregivers.
  • Contact emergency services when necessary and authorized.

3.3 Research and Analytics

  • Conduct research to improve our Services and develop new features.
  • Analyze usage patterns to enhance user experience.
  • Generate anonymized, aggregate insights for healthcare research.

3.4 Communications

  • Send service-related notifications and alerts.
  • Provide updates about our Services, policies, and terms.
  • Send marketing communications (with your consent, where required).

3.5 Legal and Compliance

  • Comply with applicable laws, regulations, and legal processes.
  • Protect the rights, safety, and property of Hearth, our users, and the public.
  • Detect, prevent, and address fraud, security issues, or technical problems.

4. HOW WE SHARE YOUR INFORMATION

4.1 With Your Consent

  • Caregivers and Family Members: We share health data and alerts with individuals you designate.
  • Healthcare Providers: We share health data with your healthcare providers when you authorize such sharing.

4.2 Service Providers & Analytics

We share information with third-party vendors who perform services on our behalf, including cloud hosting, payment processing, customer support, and analytics. For example, with your consent, we use Google Analytics and Meta Pixel to understand site usage and advertising effectiveness. You can learn more about this in our Cookie Policy.

4.3 Legal Requirements

We may disclose your information when required by law or in response to court orders, subpoenas, or requests from government agencies.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4.5 De-identified and Aggregated Data

We may share de-identified or aggregated information for research, analytics, or other purposes.

5. HEALTH INFORMATION AND HIPAA

5.1 When HIPAA Applies

In certain circumstances, we may be considered a Business Associate under HIPAA. When HIPAA applies, we will enter into Business Associate Agreements and implement appropriate safeguards.

5.2 Consumer Health Information

When you use our Services directly (not through a healthcare provider), the same high standards of privacy and security apply.

5.3 Washington My Health My Data Act

For Washington state residents, we comply with the Washington My Health My Data Act, including obtaining consent before collecting or sharing consumer health data.

6. YOUR RIGHTS AND CHOICES

  • 6.1 Access and Portability: You have the right to access and request a copy of your personal data.
  • 6.2 Correction: You may request that we correct inaccurate or incomplete personal information.
  • 6.3 Deletion: You may request deletion of your personal information, subject to certain legal exceptions.
  • 6.4 Opt-Out Rights: You may opt out of marketing communications and manage cookie preferences via our Cookie Policy page. We also honor the Global Privacy Control (GPC) signal transmitted by your browser; if we detect this signal, we will automatically opt you out of non-essential tracking (Analytics and Advertising).
  • 6.5 California Privacy Rights (CCPA/CPRA): California residents have additional rights including the Right to Know, Right to Delete, and Right to Opt-Out of the sale or sharing of personal information.
  • 6.6 Other State Privacy Rights: Residents of CO, CT, UT, VA, and other states may have similar rights.

7. DATA SECURITY

We implement robust security measures including:

  • Encryption of data in transit (TLS/SSL) and at rest (AES-256).
  • Multi-factor authentication.
  • Regular security assessments and penetration testing.

8. DATA RETENTION

We retain your personal information for as long as necessary to provide Services, comply with legal obligations, and resolve disputes.

9. CHILDREN'S PRIVACY

For pediatric health monitoring, we require parental or guardian consent and provide enhanced protections in compliance with COPPA.

10. INTERNATIONAL DATA TRANSFERS

Hearth is based in the United States. By using our Services, you consent to the transfer of your information to the U.S.

12. CONTACT US

Email: privacy@hearthconnectedcare.com
Hearth Connected Care Inc., Attn: Privacy Officer

13. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. Your continued use of our Services after the effective date of any changes constitutes your acceptance of the revised policy.