My Heart Diary | Simple health tracking that can be use for Heart Failure, caregiver and Clinician Sharing.

1. Introduction

Welcome to MyHeartDiary. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, and securely store your data in compliance with the UK General Data Protection Regulation (UK GDPR).

2. Who We Are

MyHeartDiary is a privately owned application acting as the Data Controller. Please note: We are an independent initiative and are not affiliated with the NHS or any specific NHS Trust.

Contact Email: Support@myheartdiary.co.uk

3. The Data We Collect

We collect information that you voluntarily provide when you register for the app. This includes:

Standard Personal Data: Name, email address, and account password.
Special Category Data (Health Data): Daily fluid intake, weight, blood pressure, heart rate, SpO2 levels, and self-reported symptoms (like fatigue or shortness of breath).

4. Our Lawful Basis for Processing

Under the UK GDPR, we must have a lawful basis to process your data:

Explicit Consent (Article 9): Because we collect health data, we rely on your explicit consent. You provide this consent when you tick the "I agree to the Privacy Policy" box during registration. You have the right to withdraw this consent at any time by deleting your account.
Contractual Necessity: We process your standard personal data (email/password) to provide the app's core services to you.

5. How We Store and Secure Your Data

Your data is stored securely using Google Firebase, a trusted cloud infrastructure provider. All data is encrypted both in transit (when sending it from your phone to our servers) and at rest (when it sits on the servers). Your data is primarily stored on servers located in the UK/European Economic Area.

6. Sharing Your Data

We do not sell your personal data to third parties. We only share data with service providers essential to running the app (such as Google Firebase for hosting and database storage). If you choose to use the "Share with my Doctor" feature, you take responsibility for securely transmitting your data to your chosen professional.

7. Your Data Rights

Under the UK GDPR, you have the right to:

Access: Request a copy of the data we hold about you.
Rectification: Correct any inaccurate data.
Erasure ("Right to be Forgotten"): Request that we delete all your data. You can do this at any time within the app's settings.
Withdraw Consent: Stop using the app and have your data removed.

8. Complaints

If you have concerns about how we handle your data, please contact us first at Support@myheartdiary.co.uk. You also have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk.