CalmBP Consumer Health Data Privacy Policy
This Consumer Health Data Privacy Policy is published by Double Door Media LLC ("CalmBP," "we," "us") in compliance with the Washington My Health My Data Act (RCW Ch. 19.373), the Nevada Consumer Health Data law (SB 370), the Connecticut Data Privacy Act's consumer-health-data amendments, and similar US state laws.
It applies in addition to our Privacy Policy. Where this Consumer Health Data Privacy Policy and our main Privacy Policy address the same subject, this policy controls with respect to consumer health data and your rights regarding that data.
For the purposes of this policy, "consumer health data" means personal information that is linked or reasonably linkable to a consumer and that identifies the consumer's past, present, or future physical or mental health status — including data that reveals or describes (a) bodily functions or vital signs (such as blood pressure or heart rate); (b) the use or purchase of medications or medical equipment; (c) sleep, exercise, or other activity related to health; or (d) any data processed to identify a consumer's health status or to derive health-related inferences from non-health information.
1. Categories of Consumer Health Data We Collect
We collect the following categories of consumer health data when you use the CalmBP App:
- Vital signs. Blood pressure (systolic and diastolic) and pulse, including the time at which each reading was taken and any notes or context tags you choose to add.
- Medications and adherence. The medications you have entered (name, dose description, reminder time, supplement designation), whether you have logged each scheduled dose as taken or skipped.
- Physical activity. Walks, runs, rides, and other exercise you log or that we read from Apple HealthKit (with your permission), including duration, type, and your stated mood after the activity. Daily step counts (with your permission) and an aggregate hourly activity-pattern derived from your step data on the premium tier.
- Sleep. Duration, quality, and source of each sleep record (manual entry or Apple HealthKit).
- Body composition. Weight you log or that we read from Apple HealthKit (with your permission).
- Diet and intake. Daily sodium-level rating, alcoholic drinks consumed, and caffeine servings consumed, if you choose to log them.
- Mood and context. Mood tags you assign to days or to specific readings (for example, "stressed," "anxious," "tired").
- Derived insights. Correlations and patterns we compute from your data and store for your reference (for example, "your average reading on walking days is X mmHg lower than on non-walking days").
We do not collect: location data; reproductive or sexual health data; mental health diagnostic information (we do not diagnose anything; the only mental-health-adjacent data we collect is the self-reported mood tags you choose to record); genetic or biometric identifiers; communications or social-graph data; inferences about your health derived from non-health data sources.
2. Sources of Consumer Health Data
We collect consumer health data from the following sources, all of which require your explicit consent:
| Source | What we receive |
|---|---|
| You, directly via the App | Manually entered BP readings, medications, walks, sleep, weight, intake, mood, notes, and context tags |
| Voice entry (on-device only) | A blood pressure reading parsed from text that your device transcribed locally using Apple's Speech Framework (iOS) or Android's SpeechRecognizer (Android). The audio recording never leaves your device — it is not sent to our servers, to Google, or to any other third party. |
| Cuff-display scans through Google's Gemini API (transient) | A BP reading extracted from a photo of your monitor's display. The image is processed in memory and never stored. |
| Apple HealthKit / Health Connect (with your per-category permission) | BP, sleep, weight, walks, and step counts you have authorized us to read |
| Bluetooth blood pressure monitors connected to your device | Only via HealthKit; we never communicate directly with monitor hardware |
We do not collect consumer health data from any data broker, advertising network, or third-party source other than the ones you explicitly authorize.
3. How We Use Consumer Health Data
We use consumer health data only for the following purposes, all of which are strictly necessary to provide you the services you have requested:
- Display your readings, trends, and history in the App.
- Generate reminders, walk nudges, and other notifications that you have opted in to.
- Compute correlations within your own data (for example, comparing your readings on walking days versus non-walking days).
- Generate the plain-language description of each insight using Google's Gemini API, sending only anonymized correlation summaries — never your name, your email, your identity, or any data point in a way that links back to you outside our systems.
- Permit you to export your data to share with your doctor.
- Sync your data across your devices (premium tier).
We do not use consumer health data: to show you advertising or build any advertising profile; to make automated decisions that produce legal or similarly significant effects about you; to train any third-party general-purpose AI model; for any purpose unrelated to the wellness features you have specifically asked us to provide.
Specifically, we do not use your consumer health data, the photos you submit through cuff-display scan, or any output derived from them to train Google's Gemini models or any other AI system. Google's published API terms prohibit them from using paid-tier API content for model training, and we have not consented to any other use of your data for AI development. (Voice entry never reaches Gemini — transcription happens on your device.)
4. Categories of Consumer Health Data We Share, and With Whom
We share consumer health data only with the limited set of service providers below, only as needed for them to operate the service on our behalf, and only under written contractual terms that prohibit them from using the data for any other purpose:
| Service provider | Categories shared | Purpose |
|---|---|---|
| Supabase, Inc. (database + auth, US) | All categories listed in Section 1 — for premium-tier users only. For free-tier users, we store nothing on Supabase except authentication identifiers. | Encrypted database storage |
| Google LLC (Cloud Run, US) | All data your App sends to our backend, in transit | Backend service hosting |
| Google LLC (Gemini API, US) | Transient cuff-display photos; anonymized correlation summaries during insight-text generation | Image-to-data and insight-text generation. Content is processed in memory and not persisted by us. Voice audio is never sent to Gemini — voice transcription is fully on-device. |
| Expo, Inc. | None directly. Push notification payloads contain only non-clinical reminder text (such as "Time for an evening walk?"). Push tokens are non-health identifiers. | Push delivery |
| Sentry (Functional Software, Inc.) | None. Sentry is configured with field-level redaction so consumer health data is stripped from any crash report or breadcrumb before it leaves your device. | Error monitoring |
We do not share consumer health data with any advertising network, advertising technology service, data broker, social media platform, profiling business, or any third party for the purpose of advertising or marketing — ours or anyone else's.
5. Selling Consumer Health Data
We do not sell consumer health data, and we have never sold consumer health data. We will not begin selling consumer health data in the future without first obtaining your separate, freely given, specific, informed, opt-in consent — and only then if you provide that consent.
6. Geofencing
We do not engage in geofencing. We do not collect your location and we do not target advertising or notifications based on your proximity to any healthcare facility.
7. Your Rights Under State Consumer-Health-Data Laws
You have the following rights with respect to your consumer health data. These rights are available to you regardless of where you live in the United States, but several of them are specifically required by Washington's My Health My Data Act, Nevada's SB 370, and other state laws.
- Right to confirm whether we are collecting, sharing, or selling consumer health data about you.
- Right to access the consumer health data we have about you. We provide this through the Settings → Privacy & Data → Download all my data flow in the App or by emailing privacy@calmbp.com. The export is delivered as a portable JSON file and contains every record of consumer health data in Section 1 above. It does not include operational records that are not consumer health data (push tokens, encrypted credentials for connected calendars, rate-limit defense state, internal mapping identifiers); those records are still wiped if you delete your account.
- Right to withdraw consent. You can withdraw consent to our collection or sharing of consumer health data at any time by deleting your account from the App, or by emailing privacy@calmbp.com. Withdrawal will end further processing but does not affect processing that has already occurred.
- Right to delete. You can ask us to delete the consumer health data we have collected from you. We will delete it from our active systems within thirty (30) days and from backups within an additional ninety (90) days.
- Right to receive a list of all third parties with whom we have shared your consumer health data, along with contact information for each. Section 4 above provides the current list; if you want a copy with timestamps of the sharing events, email privacy@calmbp.com.
- Right not to be discriminated against for exercising any of these rights. We will not deny you service, charge you a different price, or provide a different quality of service because you exercised a right.
To exercise any of these rights, use the in-App controls or email privacy@calmbp.com. We will verify your request by sending a confirmation to the email address associated with your account, and we may ask for additional information solely to verify your identity. We will respond within forty-five (45) days as required by applicable law.
If we deny your request, we will tell you why, and we will provide you with information about how to appeal — including, if you live in Washington, your right to contact the Washington Attorney General's Office.
You can also designate an authorized agent to exercise rights on your behalf. The agent must provide written authorization signed by you and must verify their identity directly with us.
8. How Long We Keep Consumer Health Data
We keep consumer health data only as long as we need it to provide the services you have asked us to provide. Specific retention periods are set out in our main Privacy Policy, Section 7.
If you delete your account, we delete your consumer health data from our active systems within thirty (30) days and from our backups within an additional ninety (90) days.
9. Security
We protect consumer health data with industry-standard measures, including encryption in transit (TLS 1.2+); AES-256 encryption at rest in our cloud database; on-device SQLCipher (AES-256) encryption of the local database that holds your readings on your phone, with the encryption key stored in the iOS Keychain (or Android Keystore) and only accessible after device unlock; authentication-token storage in the iOS Keychain; row-level access controls in our cloud database; and field-level plus pattern-level redaction of consumer health data in our error monitoring service before any event leaves your device.
In the event of a breach involving unsecured consumer health data, we will notify you within sixty (60) days as required by the Federal Trade Commission's Health Breach Notification Rule (16 C.F.R. Part 318).
10. Authentication of Identity; Anti-Discrimination
To process a rights request, we may need to verify your identity. We use the email address associated with your account for this purpose. We do not require you to create a new account, pay a fee, or provide additional consumer health data to exercise any right.
11. Contact Us
For any question or request related to consumer health data: privacy@calmbp.com
To file an appeal of a denied request: privacy@calmbp.com with subject line "Appeal of consumer health data request"
For consumers in Washington, you may also contact the Washington Attorney General's Office about your rights under the My Health My Data Act: https://www.atg.wa.gov/file-complaint
12. Changes to This Policy
We will update this Consumer Health Data Privacy Policy from time to time. The "Effective Date" at the top of this policy reflects the most recent version. We will notify you in the App at least thirty (30) days before a material change takes effect.
© 2026 Double Door Media LLC. All rights reserved.