HeartSnap Privacy Policy

How HeartSnap stores, encrypts, and processes your heart-rate data.

Last updated: 26 April 2026

What HeartSnap uses

Storage and access

All HeartSnap-owned data — heart-rate readings, the optional state label, and your date of birth (if you choose to enter it) — is stored in your iCloud account's private database. HeartSnap does not have access to this data.

A copy of each heart-rate reading is also written to Apple Health on your device so that it appears alongside your other health data. HeartSnap never reads from Apple Health; the write is one-way.

Encryption

Your data is encrypted in transit and at rest. The state label associated with each reading and your date of birth are end-to-end encrypted using CloudKit's encrypted-values feature, which means they remain encrypted under your iCloud key even when Advanced Data Protection is off. Other fields (heart-rate value, timestamp, internal record IDs) are encrypted at rest under Apple-held keys; full end-to-end encryption for those requires Advanced Data Protection in your iCloud settings.

Lawful basis (EU/UK)

HeartSnap processes special-category data (heart-rate measurements, optional date of birth) under GDPR Art. 9(2)(a) — explicit consent. By tapping Save reading, you consent to processing the reading on your device and storing it in your iCloud account.

Uninstall behaviour

When you delete HeartSnap, iOS may ask whether you also want to delete your Health data. If you tap Delete, the heart-rate samples HeartSnap wrote to Apple Health are removed. Your HeartSnap-owned readings stored in your iCloud private database are unaffected and will return on reinstall.

You can also delete all HeartSnap-owned data from inside the app via Profile → Delete all my data. That action wipes the iCloud copy on every device signed into your Apple ID.

Contact

Questions about this policy: contact@robispan.eu.

← Back to robispan.eu