Your Privacy & Data Rights
CardioAge is designed with privacy at its core. Here is exactly how your data is handled.
Core Privacy Principles
Technical Architecture
All risk calculations are performed client-side in your browser using JavaScript. No health data is sent to a server for processing.
Data storage: Risk snapshots and profile information are stored in your browser's localStorage. This data persists until you clear your browser data or use the deletion function below.
Analytics: This application may collect anonymised, aggregated usage statistics (e.g., which risk model was selected, page views) via a privacy-respecting analytics service. No raw health values are included in any analytics data.
Regulatory Alignment
- GDPR (European Union): Right to access, portability, and erasure supported.
- CCPA (California, USA): No sale of personal information. Deletion rights supported.
- HIPAA-aligned (United States): Architecture follows HIPAA principles. Not a covered entity.
Regulatory Positioning
CardioAge is positioned as an educational cardiovascular risk awareness tool. It uses established guideline-based risk equations. It does not provide diagnosis or treatment recommendations.
✓ Permitted language
- "Estimate" risk
- "Understand" your risk factors
- "Track" changes over time
- "Awareness" tool
✗ Not used
- "Detect" disease
- "Diagnose" conditions
- "Prevent heart attack"
- Treatment recommendations
Your Data Controls
Data deletion is permanent and cannot be undone. Export your data first if you wish to keep a record.