.email
HEARTHERO, INC. ("Company", "we", "our", or "us")respects your privacy and is committed to protecting it through our compliance with this policy. This policy describes how we collect, process, retain, and disclose personal data about you when providing services to you through our websites (HeartHero.com), applications (HeartHero Mobile App), products (Elliot AED), cloud software (HeartHero Cloud Software data storage), and services that link to this policy (our "Services") and our practices for using, maintaining, protecting, and disclosing that information.
This policy applies only to information we collect:
It does not apply to information collected by:
We may provide additional or different privacy policies that are specific to certain features, services, or activities.
Please read this policy carefully to understand our policies and practices regarding your information and how we treat it. By interacting with our Services or providing us with your information, you agree to the collection, use, and sharing of your information as described in this privacy policy. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of the Services after we make changes as described here is deemed to be acceptance of those changes, so please check the policy periodically for updates.
Our Services are not intended for, and we do not knowingly collect any personal data from, children under the age of 18. If we learn we have collected or received personal data from a child under 18 years old without verification of parental consent, we will delete that information.
The Personal Data That We Collect or Process
"Personal data" is information that identifies, relates to, or describes, directly or indirectly, you as an individual, such as your name, email address, telephone number, home address, or payment information (for example, account information such as name, postal address, and email address, credit card number, or any other identifier we may use to contact you online or offline).
The types and categories of personal data we collect or process include:
Name, email address, phone number, mailing and shipping address, account username and password, and profile picture (optional) in your account.
Billing information processed through third-party payment processors. We do not store credit card or debit card numbers directly.
Information about your transactions, purchases, order history, and warranty registration information.
For our Elliot AED device and HeartHero Mobile App, we collect:
During AED usage events, the device may collect health or medical data including ECG recordings, treatment data, and responder notes. This information is used for device safety monitoring, service provision, and compliance with regulatory requirements.
Product reviews, customer support communications, voluntary survey responses and feedback, in-app messages or post-event reports, and uploaded photos or videos (including optional profile pictures).
IP addresses, device identifiers, operating system and version, preferred language, hardware identifiers, browser type and settings, and other device information
Some of the information identified above, including precise geolocation information and health or medical information, may be considered sensitive data under certain laws. If required under applicable law, we will collect and process sensitive personal data only with your consent. If you choose not to provide or allow us to collect some information, we may not be able to provide you with requested features, services, or information.
We also collect:
Statistics or aggregated information. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from personal data. For example, we may aggregate personal data to calculate the percentage of users accessing a specific Services feature.
Technical information. Technical information includes information about your internet connection and usage details about your interactions with the Services, such as clickstream information to, through, and from our Services (including date and time), products that you view or search for; page response times, download errors, length of your visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), or methods used to browse away from a page.
If we combine or connect non-personal statistical or technical data with personal data so that it directly or indirectly identifies an individual, we treat the combined information as personal information.
We collect information about you when you interact with our Services, such as when you create or update an account, make a purchase, register a warranty, participate in surveys or promotions, request customer support, or upload content to the Services including reviews, photos, or other media.
As you navigate through and interact with our Services, we may use automatic data collection technologies to collect information that may include personal data. Information collected automatically may include usage details, IP addresses, operating system, browser type, and information collected through cookies and other tracking technologies including details of your interactions with our Services.
Using automatic collection technologies helps us to improve our Services and to deliver a better and more personalized experience.
The technologies we use for this automatic data collection may include:
Cookies. A cookie is a small file placed on your device when you interact with the Services. We use essential cookies required for core app functions (such as secure login and device pairing), analytics/performance cookies to monitor app performance (with your consent), and preference cookies to store your settings (with your consent). You may refuse to accept or disable cookies by activating the appropriate setting on your browser or device. However, if you select this setting, you may be unable to access certain features of the Services.
Web Beacons. Some parts of the Services and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those parts or opened an email and for other related statistics.
When you interact with the Services, there are third parties that may use automatic collection technologies to collect information about you or your device. These third parties may include analytics companies (such as Google Analytics) and advertising or retargeting providers. These third parties may use tracking technologies to collect information about you when you use the Services. The information they collect may be associated with your personal data or they may collect information, including personal data, about your online activities over time and across different websites, apps, platforms, and other online services.
We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
We may receive personal data about you from other sources and combine that with information we collect directly from you. For example, we may obtain information about you from service providers that we engage to perform services on our behalf, such as payment processors, cloud hosting providers, and shipping/logistics providers. We may also receive information from emergency medical services (EMS) partners for treatment coordination purposes.
We use information that we collect about you or that you provide to us, including any personal data, to:
The usage information we collect, whether connected to your personal data or not, helps us improve our Services and deliver a better and more personalized experience by enabling us to:
We do not use data for marketing without your explicit consent.
We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. We may also disclose personal data that we collect or you provide as described in this privacy policy:
We do not sell your personal data.
We may also disclose your personal data:
As a US-based company, we may transfer data from other countries to the United States. We ensure safeguards through:
This section describes mechanisms you can use to control certain uses and disclosures of your information and rights you may have under state law, depending on where you live.
Cookies and Other Tracking Technologies. You can set your browser to refuse all or some browser cookies or other tracking technology files, or to alert you when these files are being sent. If you disable or refuse cookies or similar tracking files, some Services features may be inaccessible or not function properly.
Location Data. You can choose whether or not to allow the Services to collect and use real-time information about your device's location through the device's privacy settings. If you block the use of location information, some Services features may become inaccessible or not function properly.
Depending on your state of residency, you may have certain rights related to your personal data, including:
Access and Data Portability. You may confirm whether we process your personal data and access a copy of the personal data we process. To the extent feasible and required by state law, data will be provided in a portable format.
Correction. You may request that we correct inaccuracies in your personal data that we maintain, taking into account the information's nature and processing purpose.
Correction. You may request that we correct inaccuracies in your personal data that we maintain, taking into account the information's nature and processing purpose.
Deletion. You may request that we delete personal data about you that we maintain, subject to certain exceptions under applicable law.
Opt Out of Using Personal Data for Targeted Advertising, Profiling, and Sales. You may request that we do not use your personal data for these purposes.
Important: The exact scope of these rights vary by state. There are also several exceptions where we may not have an obligation to fulfill your request. To exercise any of these rights, please contact us at privacy@hearthero.com, submit a request through the HeartHero Mobile App, or send a written request to 3200 Cherry Creek S Drive Suite 470, Denver, CO 80209.
Some browsers and browser extensions support the Global Privacy Control ("GPC") that can send a signal to process your request to opt out from certain types of data processing, including data "sales" as defined under certain laws. When we detect such a signal, we will make reasonable efforts to respect your choices indicated by a GPC setting as required by applicable law.
If you are in the European Union (EU):
Our EU representative pursuant to Article 27 of the General Data Protection Regulation of the European Union is VeraSafe. If you are in the European Economic Area, VeraSafe can be contacted in addition to HeartHero on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +420 228 881 031.
Alternatively, VeraSafe can be contacted at:
VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P
Ireland
If you are in the United Kingdom (UK):
Our UK representative pursuant to Article 27 of the United Kingdom General Data Protection Regulation is VeraSafe. If you are located within the United Kingdom, VeraSafe can be contacted in addition to HeartHero on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +44 (20) 4532 2003.
Alternatively, VeraSafe can be contacted at:
VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL
We use commercially reasonable administrative, physical, and technical measures designed to protect your personal data from accidental loss or destruction and from unauthorized access, use, alteration, and disclosure. We protect your data with:
However, no website, mobile application, system, electronic storage, or online service is completely secure, and we cannot guarantee the security of your personal data transmitted to, through, using, or in connection with the Services. In particular, email, texts, and chats sent to or from the Services may not be secure, and you should carefully decide what information you send to us via such communications channels. Any transmission of personal data is at your own risk. The safety and security of your information also depends on you. You are responsible for taking steps to protect your personal data against unauthorized use, disclosure, and access.
We keep the categories of personal data described in this policy for as long as reasonably necessary to fulfill the purposes described or for as otherwise legally permitted or required, such as maintaining the Services, operating our organization, complying with our legal obligations, resolving disputes, and for safety, security, and fraud prevention.
Specific retention periods:
At the end of the retention period, personal data will be securely deleted, destroyed, or deidentified.
We may update this policy from time to time, and we will provide notice of any such changes to the policy as required by law. The date the privacy policy was last updated is identified at the top of the page. We will notify you of changes to this policy by updating the "last updated" date and posting the updated policy on the Services. We may email or otherwise communicate reminders about this policy, but you should check our Services periodically to see the current policy and any changes we have made to it.
To exercise your rights or ask questions or comment about this privacy policy or our privacy practices, contact us at:
HeartHero, Inc.
3200 Cherry Creek S Drive Suite 470
Denver, CO 80209
Email: privacy@hearthero.com
You may also submit requests through the HeartHero Mobile App.
This Mobile Application End User License Agreement (“Agreement”) is a binding agreement between you (“End User” or “you”) and HEARTHERO, INC. (“Company”). This Agreement governs your use of the HeartHero Mobile App, (including all related documentation, the “Application”). The Application is licensed, not sold, to you.
BY DOWNLOADING, INSTALLING, OR USING THE APPLICATION, YOU (A) ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THIS AGREEMENT, INCLUDING ALL WARNINGS AND SAFETY INFORMATION; (B) REPRESENT THAT YOU ARE OF LEGAL AGE TO ENTER INTO A BINDING AGREEMENT; (C) REPRESENT THAT YOU ARE LOCATED IN A JURISDICTION WHERE THE ELLIOT AED IS LEGALLY CLEARED FOR SALE AND USE; AND (D) ACCEPT THIS AGREEMENT AND AGREE THAT YOU ARE LEGALLY BOUND BY ITS TERMS. IF YOU DO NOT AGREE TO THESE TERMS, DO NOT DOWNLOAD, INSTALL, OR USE THE APPLICATION AND DELETE IT FROM YOUR MOBILE DEVICE.
1.1 Classification. The HeartHero Mobile Application is medical device software that functions as an accessory to and controller for the Elliot Automated External Defibrillator (AED). The Application:
1.2 Regulatory Status. The Elliot AED and this Application are NOT cleared or approved by the U.S. Food and Drug Administration (FDA) for sale or use in the United States. The device and Application have received regulatory clearances in the European Union (CE Mark under MDR) and United Kingdom (UKCA marking).
1.3 Geographic Restrictions. This Application may ONLY be used in jurisdictions where the Elliot AED has received regulatory clearance. By installing this Application, you represent and warrant that:
1.4 Intended Use. This Application is intended for use by trained individuals to:
2.1 Medical Emergency Limitations. THIS APPLICATION AND THE ELLIOT AED ARE NOT SUBSTITUTES FOR PROFESSIONAL EMERGENCY MEDICAL SERVICES. In any suspected cardiac arrest emergency:
2.2 Training Requirement. Users of this Application and the Elliot AED MUST be trained in:
DO NOT use the AED without proper training. Contact recognized training organizations.
2.3 Device Dependency Warning. The Elliot AED requires this Application for certain functionality. Application failures, bugs, or connectivity issues may:
HOWEVER, the Elliot AED is designed to operate independently during emergencies even if the Application is not functioning. Always maintain the device according to manufacturer specifications.
2.4 Technical Requirements for Safety-Critical Use. To ensure proper operation, you must:
2.5 No Medical Advice. This Application does NOT provide medical advice, diagnosis, or treatment. All information is for device monitoring and maintenance only. Always consult qualified healthcare professionals for medical decisions. Never delay seeking medical care based on information in this Application.
2.6 Cybersecurity Warning. This Application connects to the internet and transmits sensitive medical data. To reduce cybersecurity risks:
3.1 Types of Medical Data Collected. This Application collects, processes, stores, and transmits the following data:
3.2 Health Information. ECG recordings and treatment data constitute protected health information in many jurisdictions. This data may be subject to:
3.3 Emergency Data Sharing. By using this Application, you acknowledge and consent that in life-threatening emergencies, event data (including ECG recordings) may be:
This emergency sharing occurs automatically and cannot be disabled, as it is essential for patient safety and appropriate medical treatment.
3.4 Regulatory and Safety Monitoring. All device and event data may be used for:
3.5 Privacy Policy. Complete details regarding data collection, use, retention, security, and your privacy rights are set forth in our Privacy Policy available at https://www.hearthero.com/privacy-policy, which is incorporated herein by reference. By using this Application, you consent to data processing as described in the Privacy Policy.
4.1 Mandatory Reporting. You MUST immediately report any Application-related incidents including:
4.2 How to Report. Report incidents immediately to:
HeartHero Safety Department
Email: safety@hearthero.com
Phone: [24/7 Safety Hotline]
Or use the in-app reporting feature: Settings > Report Safety Issue
Also report to your local regulatory authority as required by law in your jurisdiction.
Subject to the terms of this Agreement and your compliance with all regulatory requirements, Company grants you a limited, non-exclusive, and nontransferable license to:
Except as may be expressly permitted by applicable law, you shall not:
7.1 Critical Updates. Company may from time to time provide Application updates, which may include critical safety patches, bug fixes, security updates, performance improvements, and new features (“Updates”). You acknowledge that Company has no obligation to provide Updates but may do so for safety and regulatory compliance reasons.
7.2 Mandatory Installation. CRITICAL SAFETY UPDATES MUST BE INSTALLED PROMPTLY. Based on your Mobile Device settings, Updates may install automatically or you may receive notification. You agree to:
WARNING: Failure to install critical Updates may result in Application malfunction, reduced device performance, safety hazards, or device failure. Running outdated software may void technical support and could affect device warranty coverage.
7.3 Update Acknowledgment. All Updates will be deemed part of the Application and subject to all terms of this Agreement. Updates may modify or remove features.
The Application may display, include, or make available third-party content (including data, information, applications, and other products or services) or provide links to third-party websites or services (“Third-Party Materials”). You acknowledge and agree that Company is not responsible for Third-Party Materials, including their accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality, or any other aspect thereof. Company does not assume and will not have any liability or responsibility to you or any other person or entity for any Third-Party Materials.
IMPORTANT: Third-Party Materials are provided solely as a convenience. Never rely on Third-Party Materials for emergency medical decisions. Emergency services contact information provided by third parties may be inaccurate. Always verify emergency contact numbers for your location.
9.1 Term. The term of this Agreement commences when you download the Application and will continue in effect until terminated by you or Company as set forth below.
9.2 Termination by You. You may terminate this Agreement by deleting the Application and all copies from your Mobile Device. Note that terminating the Application license does not terminate your obligations to maintain the Elliot AED device or report adverse events.
9.3 Termination by Company. Company may terminate this Agreement at any time without notice if it ceases to support the Application, which Company may do in its sole discretion. This Agreement will terminate immediately and automatically without notice if:
9.4 Effect of Termination. Upon termination:
WARNING: Deleting the Application will disable remote monitoring. Your AED device will still function independently, but you will not receive maintenance alerts, software updates, or remote support. Ensure you have alternative maintenance tracking procedures in place.
THE APPLICATION IS PROVIDED TO END USER “AS IS” AND WITH ALL FAULTS AND DEFECTS WITHOUT WARRANTY OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, COMPANY, ON ITS OWN BEHALF AND ON BEHALF OF ITS AFFILIATES AND ITS AND THEIR RESPECTIVE LICENSORS AND SERVICE PROVIDERS, EXPRESSLY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, WITH RESPECT TO THE APPLICATION, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT, AND WARRANTIES THAT MAY ARISE OUT OF COURSE OF DEALING, COURSE OF PERFORMANCE, USAGE, OR TRADE PRACTICE.
WITHOUT LIMITATION TO THE FOREGOING, COMPANY PROVIDES NO WARRANTY OR UNDERTAKING, AND MAKES NO REPRESENTATION OF ANY KIND THAT THE APPLICATION WILL:
MEDICAL DEVICE SOFTWARE DISCLAIMER: THIS DISCLAIMER APPLIES TO THE APPLICATION SOFTWARE ONLY AND DOES NOT AFFECT ANY SEPARATE LIMITED WARRANTY PROVIDED WITH THE ELLIOT AED DEVICE HARDWARE, WHICH IS GOVERNED BY SEPARATE WARRANTY DOCUMENTATION.
SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF OR LIMITATIONS ON IMPLIED WARRANTIES. IF THESE LAWS APPLY TO YOU, SOME OR ALL OF THE ABOVE DISCLAIMERS MAY NOT APPLY, AND YOU MAY HAVE ADDITIONAL RIGHTS.
TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL COMPANY OR ITS AFFILIATES, OR ANY OF ITS OR THEIR RESPECTIVE LICENSORS OR SERVICE PROVIDERS, HAVE ANY LIABILITY ARISING FROM OR RELATED TO YOUR USE OF OR INABILITY TO USE THE APPLICATION FOR:
THE FOREGOING LIMITATIONS WILL APPLY WHETHER SUCH DAMAGES ARISE OUT OF BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR OTHERWISE AND REGARDLESS OF WHETHER SUCH DAMAGES WERE FORESEEABLE OR COMPANY WAS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
IMPORTANT: This limitation of liability applies to the APPLICATION SOFTWARE. It does not affect any product liability claims arising from defects in the ELLIOT AED HARDWARE, which are governed by applicable product liability laws. Some jurisdictions do not allow certain limitations of liability, particularly for personal injury or death. In such jurisdictions, our liability will be limited to the greatest extent permitted by law.
You agree to indemnify, defend, and hold harmless Company and its officers, directors, employees, agents, affiliates, successors, and assigns from and against any and all losses, damages, liabilities, deficiencies, claims, actions, judgments, settlements, interest, awards, penalties, fines, costs, or expenses of whatever kind, including reasonable attorneys’ fees, arising from or relating to:
The Application may be subject to export control laws. You shall not, directly or indirectly, export, re-export, or release the Application to, or make the Application accessible from, any jurisdiction or country to which export, re-export, or release is prohibited by law, rule, or regulation. You shall comply with all applicable laws and regulations and complete all required undertakings prior to exporting, re-exporting, releasing, or otherwise making the Application available outside your country of residence. You represent that you are not subject to sanctions or export restrictions.
This Agreement is governed by and construed in accordance with the internal laws of the State of Colorado, United States, without giving effect to any choice or conflict of law provision or rule. Any legal suit, action, or proceeding arising out of or related to this Agreement or the Application shall be instituted exclusively in the federal courts of the United States or the courts of the State of Colorado, in each case located in Denver, Colorado. You waive any and all objections to the exercise of jurisdiction over you by such courts and to venue in such courts.
Exception: Product liability claims arising from personal injury or death allegedly caused by the Application’s interaction with the AED may be brought in the courts of the jurisdiction where the injury occurred, subject to applicable law.
ANY CAUSE OF ACTION OR CLAIM YOU MAY HAVE ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE APPLICATION MUST BE COMMENCED WITHIN ONE (1) YEAR AFTER THE CAUSE OF ACTION ACCRUES, OTHERWISE SUCH CAUSE OF ACTION OR CLAIM IS PERMANENTLY BARRED.
Exception: This limitation does NOT apply to personal injury, wrongful death, or product liability claims arising from Application-related defects, which are governed by the applicable statute of limitations in your jurisdiction
This Agreement, together with the HeartHero Terms of Use (https://www.hearthero.com/terms-and-conditions), Privacy Policy (https://www.hearthero.com/privacy-policy) , and the Elliot AED Instructions for Use, constitute the entire agreement between you and HeartHero, Inc. with respect to the Application and supersede all prior or contemporaneous understandings and agreements, whether written or oral, with respect to the Application.
For questions about this Agreement:
HeartHero, Inc.
3200 Cherry Creek S Drive Suite 470
Denver, CO 80209, USAE
mail: info@hearthero.com
For safety and adverse event reporting:
Email: safety@hearthero.com
Phone: [24/7 Safety Hotline]
For technical support:
Email: support@hearthero.com
Or use in-app support: Settings > Help & Support
EMERGENCY: IN CASE OF MEDICAL EMERGENCY, ALWAYS CALL YOUR LOCAL EMERGENCY SERVICES NUMBER IMMEDIATELY. DO NOT CONTACT HEARTHERO FOR EMERGENCY MEDICAL ASSISTANCE.
