Update Date: January 30, 2026

Effective Date: January 30, 2026

Welcome to "PulseTender" (hereinafter referred to as "this App"). We take the privacy and protection of your personal information very seriously. This Privacy Policy aims to explain how we collect, use, store, and protect your personal information, as well as the rights you can exercise. Please read this Privacy Policy carefully before using this App, especially the bolded terms.

Scope of Application

This Privacy Policy applies to all personal information processing activities related to providing this App's services (including but not limited to mobile applications, web pages related to this App, or other online services) conducted through this App. If you do not agree with any content of this Privacy Policy, please stop downloading or using this App.

Terminology Definitions

  1. Personal Information/Personal Data: Refers to any information recorded electronically or by other means that can, alone or in combination with other information, identify a natural person.
  2. Sensitive Personal Information: Includes but is not limited to biometric information.
  3. Third Party: Refers to any organization or individual other than the developer or operator of this App.
  4. Tracking: Refers to the collection of user data across apps or websites for purposes such as targeted advertising, user profiling, etc.

Information We Collect and Collection Methods

Categories of Personal Information We May Collect or Use

  1. Device and Log Information: Device model, operating system version, device identifier (e.g., IDFV), error logs, operation logs, IP address, etc.
  2. Information Required for Functionality: Device sensor data, measurement timestamps.
  3. Health Data: Health-related data such as heart rate is collected via HealthKit or device sensors only after your explicit authorization.
  4. Photographed Images (Camera Photos): To provide the "AI Food Glycemic Index" function, you may take pictures of food using your device's camera.

Such images are used for local AI analysis and result generation. The analysis results are saved only locally on your device and will not be uploaded or shared without your explicit consent.

  1. Other: De-identified/aggregated data actively collected to improve the product or provide personalized services (which cannot identify an individual and will not be used to reconstruct user identity).

Collection Methods

  1. In accordance with relevant laws, regulations, and national standards, we may process your personal information under the following circumstances:

(1) With your consent;

(2) Necessary for concluding or performing a contract at your request;

(3) Necessary for fulfilling legal obligations, such as information required by laws and regulations related to anti-money laundering, counter-terrorist financing, anti-telecom network fraud, real-name management, etc.;

(4) Directly related to national security and national defense security;

(5) Necessary for responding to public health emergencies, or necessary for protecting the life, health, and property safety of natural persons in emergencies;

(6) Directly related to criminal investigation, prosecution, trial, and execution of judgments;

(7) The personal information is disclosed by yourself;

(8) Personal information collected from legally publicly disclosed information, e.g., through lawful news reports, government information disclosure, etc.;

(9) Necessary for maintaining the safe and stable operation of the services provided, e.g., discovering and handling product or service failures;

(10) Other circumstances stipulated by laws and regulations.

It is important to note that when the processing of your personal information falls under the aforementioned circumstances (2) to (10), we may not need to obtain your consent again as required by applicable laws and regulations.

  1. When you actively take photos, or input pictures, videos, or voice, we will request your authorization for camera, photo library, or microphone permissions based on the type of information you input. If you refuse authorization, you will not be able to take photos or input picture, video, or voice information, but this will not affect your use of other functions and services of this App. If the pictures you actively take or upload contain facial image materials, we will upload such materials containing facial images to the cloud for necessary processing according to your instructions. Please be assured that the aforementioned material content will only be stored for the purpose of providing this service, will not be shared with third parties, nor will it be used for other purposes such as identifying specific individuals or verifying personal identity.
  2. We are always committed to service innovation and upgrades to better meet your needs. As our service scope continues to expand, you may encounter some new services not specifically described in this policy. These services may be provided by us or selected third-party partners. In this process, if you explore and use the aforementioned new services, you understand and agree that we may need to collect some of your information to optimize your experience. For new services operated by us, if the service requires the collection of your personal information, we will clearly inform you of the specific scope, purpose, and use of the information collection through clear page prompts, intuitive interactive processes, and detailed terms. We promise that all information collection is based on the principles of legality, legitimacy, and necessity. We fully respect your right to choose. If you choose not to provide the information required for a certain new service, you may temporarily be unable to enjoy that service or part of its functions, but this will not affect your continued use of our other services. We encourage you to make choices based on your personal needs and preferences. For services provided to you by third-party partners, when you access these services, if a third party collects personal information from you, we recommend that you carefully read and understand the third party's privacy policy or agreement to ensure your rights and interests are fully protected. We are not responsible for the privacy policies or actions of third-party services, but we will continue to strive to select and recommend trustworthy partners.

Purposes of Data Use

We process your personal information only for the following purposes within a lawful, legitimate, and necessary scope, and when applicable, with your explicit consent:

  1. Providing and maintaining this App's functions (e.g., heart rate detection, historical records, trend analysis, and reminders);
  2. Improving product quality and user experience (function optimization, performance statistics);
  3. Complying with laws, regulations, or requirements from competent authorities;
  4. [Used for research or advertising only under the premise of your separate explicit authorization (only after your consent and completion of ATT authorization).]
  5. [After you use the "AI Food Glycemic Index" function and authorize camera access, our AI model will analyze the pictures you take on your device and generate estimated results (e.g., glycemic index estimates, etc.). The analysis results are saved only locally on your device and will not be sent to our servers or third-party servers unless you explicitly authorize otherwise.]

Regarding "Tracking" and App Tracking Transparency (ATT)

  1. If this App needs to perform cross-app/cross-website user identification or share data with data brokers for purposes such as advertising (i.e., "tracking"), we will use the App Tracking Transparency (ATT) framework to display a system authorization request on the device and will only conduct such behavior after you explicitly allow it. If you refuse authorization, this App will not perform such tracking behavior.
  2. This App will not compel you to use core functions or access basic services by requiring the enabling of push notifications, location access, tracking, or other system permissions.
  3. We will not use your data for cross-app advertising, user profiling, or similar tracking behaviors, nor share data with third parties, without obtaining ATT authorization.

Special Processing of Health Data

  1. Purpose Limitation: We use health data only to provide or improve this App's health management functions for you, or in specific research/service scenarios with your explicit consent. Unless we obtain your additional explicit consent in advance, we will not use health data for advertising or commercial marketing.
  2. The pictures you take and the AI-generated index estimates generally do not constitute "health data" as referred to in this section, but we still apply stricter protective measures to them, treating them according to the processing standards for health data, and will use them for additional purposes only with your explicit authorization.
  3. No Writing of False Data: We commit to not writing false or erroneous health data to HealthKit or other health platforms.
  4. Access Control: We only access the HealthKit data types necessary to implement this App's functions and obtain your explicit authorization via the system permission pop-up before access.
  5. We strictly comply with Apple's App Store Review Guidelines. Unless explicitly required by law, or to share with a service provider explicitly designated by you (e.g., your doctor) to provide you with core health functions with your additional separate authorization, we will never disclose, sell, or share your health data (including data such as heart rate collected via HealthKit APIs or device sensors) with any third party, especially advertisers, data brokers, or analytics platforms.
  6. We explicitly state: Unless you explicitly consent otherwise, this App will not use camera-captured images or AI-generated analysis results for advertising or user profiling.

Information Sharing and Third Parties

Sharing Circumstances

You agree that we may share your personal information with third parties under the following circumstances:

  1. Third Parties Necessary to Provide Services: e.g., analytics service providers, technical maintenance service providers.
  2. Legal, Regulatory, or Judicial Requirements: Disclosure when required by law or necessary to protect our or others' legitimate rights and interests.

Third-Party Service Explanation

If we use third-party services to process your data, we will clearly state the recipient or service type, processing purpose, shared data categories, and security measures in this Privacy Policy, and obtain your explicit consent before sharing. Any data sharing with third parties will not exceed the scope of your consent.

Our Selection of and Responsibility for Third Parties

For third-party service providers we select, we will make reasonable efforts to enter into contracts requiring them to protect users' personal information in accordance with the law and the terms of this Privacy Policy. For personal information breaches caused by the third party's own fault, we will pursue accountability according to applicable law and contractual obligations and assist you in safeguarding your rights.

Unless otherwise expressly agreed in this Privacy Policy or required by law, your photographed images and AI-generated analysis results will not be sent to any third party or used for advertising; we will also not synchronize such information to other public clouds unless you explicitly authorize it for a specific function, and we obtain your explicit consent and explain the purpose and encryption measures before uploading.

For the specific list of third-party SDKs / service suppliers, please refer to Appendix I.

Data Storage and Retention

  1. 1. We will retain your personal information for the period necessary to achieve the business purposes for which it was collected, or for the retention period stipulated by law.

2. Once it is no longer needed for the purposes stated at the time of collection, we will take steps to delete or anonymize it; if laws and regulations stipulate otherwise or if retention is necessary for legal obligations, dispute resolution, or fraud prevention, we will retain it until the statutory period is satisfied.

3. Localized Storage: To protect your sensitive information, all original health data is stored only locally on your device. We commit to not synchronizing or storing any personal health information to iCloud or other similar public cloud synchronization services. To enable cross-device data viewing (where applicable), we will synchronize and process end-to-end encrypted health data via our own servers only after obtaining your explicit, separate consent.

4. The pictures you take via the camera and the results generated by the on-device AI are saved only locally on your device by default; you can delete these pictures and analysis records within the App at any time. After deletion, we will clear the relevant files and caches from local storage.

Data Security

  1. We adopt security measures in line with industry standards (including transmission encryption, data-at-rest encryption, access control and auditing, principle of least privilege, etc.) to protect your personal information from unauthorized access, disclosure, alteration, or destruction.

Although we take appropriate measures, we cannot guarantee absolute security during information transmission and storage. In the event of a data security incident, we will take remedial measures as required by laws and regulations and report to regulatory authorities and affected users in a timely manner.

User Rights and Exercise Methods

You have the right to exercise the following rights within the limits permitted by law:

  1. Access and Correction: Inquire about the personal information we hold about you and request correction of inaccurate information.
  2. Withdrawal of Consent: For processing based on your consent, you may withdraw your consent at any time (withdrawal does not affect the legality of processing carried out before the withdrawal).
  3. Restriction or Objection to Processing: Under specific circumstances, you may request restriction of or object to the processing of your personal information.
  4. Data Portability: To the extent technically feasible and legally permitted, you may request a copy of your personal information in a commonly used format.
  5. Withdraw Camera Authorization: You can withdraw this App's camera permission in your device's system settings; withdrawal will not affect the lawful processing conducted before the withdrawal based on authorization but will prevent future functions of taking photos or analyzing pictures.

Protection of Minors

This App does not independently provide any [health services] to minors under the age of 18. We will collect and use the personal information of minors only after obtaining the consent of their guardians and in compliance with applicable laws and regulations. If we discover that we have collected a minor's personal information without guardian consent, we will take necessary measures such as deletion or cessation of use.

Cookies and Similar Technologies

This App or services used in conjunction with it may use technologies such as Cookies, LocalStorage, and mobile device identifiers to enhance service experience and conduct performance analysis. You can manage or reject these technologies in your device or browser settings (but rejection may affect the use of some functions).

Changes and Notifications

We may update this Privacy Policy from time to time to reflect legal, technical, or service changes. Material changes will be notified to you via in-app pop-ups or other appropriate means, and your consent will be obtained when necessary. You can determine the latest version by the "Update Date" at the top of this policy.

Dispute Resolution and Governing Law

This Privacy Policy and matters related to this App shall be governed by the laws of the People's Republic of China. Any dispute arising from or related to this Privacy Policy shall first be resolved through friendly negotiation between the parties. If negotiation fails, either party may submit the dispute to the Guangzhou Arbitration Commission for arbitration. The arbitral award shall be final and binding on both parties.

Miscellaneous

If you have questions, complaints, or need to exercise your rights regarding this Privacy Policy or personal information protection, please contact us through the following channels. We will respond within 15 working days:

  1. Customer Service Email: SXheartrate@outlook.com

Appendix I: List of Third-Party SDKs

Third-party Company Name: Sensors Data (Beijing) Technology Co., Ltd.

Type: Sensors Data SDK

Shared Information: Device Information

Purpose & Scene: To provide data analysis and data-driven insights to improve product quality and optimize user experience.

Official Website: https://manual.sensorsdata.cn/sa/docs/tech_sdk_client_privacy_policy/v0300

Third-party Company Name: Google LLC

Type: Google Gemini API

Shared Information: Uploaded food images and text descriptions (if any)

Purpose & Scene: To provide food composition and Glycemic Index (GI) analysis. The AI service processes your uploaded food information and text descriptions (if any) to generate analysis results. All data is encrypted during transmission and storage, used solely for the current analysis, deleted immediately upon task completion, and is not retained in the cloud.

Official Website:

https://cloud.google.com/terms/cloud-privacy-notice