1. Who we are
The PulseDoc mobile app and this website (together, the “Service”) are operated by Pulse MD Health LLC, a New Jersey limited liability company doing business as PulseDoc.ai (“PulseDoc”, “we”, “us”), with its registered office at 501 Summit Avenue, Jersey City, NJ 07306. You can reach us about anything in this policy at privacy@pulsedoc.ai.
This policy explains what information we collect, why we collect it, who we share it with, and the choices you have. It applies to patients, to clinicians who practice on the platform, and to visitors of this website.
2. The short version
- We collect the information you give us and the health data you choose to sync, and we use it to run the Service — nothing else.
- We do not sell your data, we do not run ads, and we use no advertising or tracking SDKs.
- Your health data is shared with a clinician only when you book a consultation with them.
- You can permanently delete your account and its data from inside the app at any time. Consultation records — your clinician’s clinical notes, and the symptoms you entered when booking — are the one exception: they are medical records your clinician must retain by law. See section 8.
3. Information we collect
Account and profile
- Contact and sign-in details — your name and email address. You sign in with an email address and password, with a sign-in link or code we email you, or with your Apple or Google account (Apple may share a private relay email address instead of your real one). We do not use your phone number to sign you in.
- Health onboarding details — date of birth, sex and gender identity (recorded as separate fields), height and weight, your health goals, and any symptoms you mark on the body map during onboarding. Because gender identity is sensitive information, we collect it only with your consent and use it solely to give your clinician accurate context.
- Phone number (optional) — if you choose to add one to your profile. It is contact information only; we do not use it to sign you in and we do not send you SMS messages.
- Insurance details (optional) — insurance provider, member ID, and group number, if you choose to add them.
- Some onboarding fields — ZIP code and pronouns — are used on-screen only and are not stored on our servers.
Health and fitness data
- Apple Health (with your permission, read-only) — heart rate, resting heart rate, heart rate variability, steps, walking/running distance, active energy, exercise minutes, stand time, flights climbed, sleep, and workouts.
- PulseBand — heart rate, heart rate variability, blood oxygen (SpO₂), skin temperature, stress, blood pressure readings, steps and activity, and sleep. The PulseBand is a consumer wellness device: it measures and records these signals to show you trends and to prepare your consultation report. It is not a medical device and does not diagnose or treat any condition.
Consultation data
- Messages you exchange with your clinician, the clinician’s visit notes, and the health-report snapshot generated for your visit.
- Video and audio during a consultation stream in real time through our video provider and are not recorded or stored.
Payment and order information
- Card details go from your device directly to Stripe, our payment processor — we never receive or store your card number. We keep a record of each payment (amount, status, and a payment reference).
- Subscriptions bought through the Apple App Store are billed by Apple. Apple does not give us your card details; we receive only confirmation that your subscription is active.
- Shipping address — if you order a PulseBand, we collect the name and postal address you want it shipped to, and we share them with the carrier that delivers it. We use them to fulfil your order and handle any return.
For clinicians
- Professional identifiers (NPI, license number and state, specialty, education, languages, bio) and the credential documents you upload — medical license, board certification, malpractice policy, and DEA registration.
Device data and diagnostics
- Your account ID, a push-notification token if you enable notifications, and — if diagnostics are enabled — crash and performance reports that are not linked to your identity.
4. What we do not collect
- Your device’s location, precise or coarse — the app never asks for location permission. (A shipping address you type in to order a band is order information, not device location.)
- Your contacts, photos library, or browsing history.
- Advertising identifiers or cross-app tracking data — the app contains no advertising, attribution, or product-analytics SDKs, and we do not track you across other companies’ apps or websites.
5. How we use your information
- To provide the Service — sync and display your metrics, prepare the health-report snapshot for a consultation, and connect you with the clinician you book.
- To personalize your experience — for example, tailoring the app to the health goals you select.
- To process payments — to bill your subscription and to fulfil and ship a PulseBand order.
- To send notifications you have enabled, and service emails (sign-in codes, receipts, appointment updates).
- To keep the Service secure and working — account verification, fraud prevention, and crash diagnostics.
- To comply with law where we are required to.
We do not use your data for advertising, and we do not use Apple Health data for marketing, advertising, or data mining of any kind.
6. Who we share it with
Your clinician. When you book a consultation, the clinician you choose can see your profile, your health-report snapshot, and your messages with them — that is the point of the Service.
Service providers (processors). These companies process data on our behalf, under contract, only to run the Service — never for advertising, and nothing is sold:
- Supabase — our backend: database, authentication, file storage, and real-time messaging.
- Stripe — payment processing. Your card details go directly to Stripe from your device.
- Daily.co — real-time video consultations. Receives your name and account ID to join you to a call; calls are not recorded.
- Resend — sends service emails, including your sign-in link or code.
- Sentry — crash and performance diagnostics, not linked to your identity.
- Apple and Google — if you choose to sign in with them. Apple also bills and manages any subscription you buy through the App Store.
- Shipping carriers — receive your name and delivery address to deliver a PulseBand you order.
- Expo and Apple push services — deliver push notifications.
- CMS NPPES (the US government NPI registry) — used to verify clinician credentials; applies to clinicians only.
Legal and safety. We may disclose information when required by law, or to protect the rights, safety, or property of you, us, or others.
Business transfers. If we are involved in a merger, acquisition, financing, reorganization, or sale of all or part of our business, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a materially different privacy policy, and any recipient will remain bound by the commitments in this policy unless you agree otherwise.
7. Health data handling
Health information gets our strictest handling regardless of how it is classified under law: it is encrypted in transit, access is restricted by per-row access controls so that only you and the clinicians you consult can read your records, and it is never used for advertising or shared with data brokers.
Records created during a consultation (visit notes, the report snapshot, and clinical messages) form part of your care record with the clinician who treated you. That clinician is an independent licensed professional and is the custodian of your medical record; they are responsible for it under the health-records and record-keeping laws that apply to their practice. We host those records so your clinician can meet those obligations, and we handle them in line with applicable health-records law.
Apple Health data is used only to provide app functionality, is never written back to Apple Health, and is never stored in iCloud by us.
8. Retention and deletion
We keep your information while your account is active. You can delete your account from inside the app (Settings → Delete account) or by asking us at privacy@pulsedoc.ai. Deletion is permanent and cannot be undone.
Deleting your account erases your profile, your health data (including everything synced from Apple Health and the PulseBand), your messages, your device connections, and every file you uploaded — profile photo, insurance cards, and credential documents.
Some records are kept, and we cannot delete them:
- Consultation records — the clinical notes from a consultation, and the reason for visit and symptoms you entered when booking. These are medical records. The clinician who treated you is required to retain them under federal and state record-keeping law, and we cannot erase them on request without putting that clinician in breach of their obligations.
- Booking and payment records — retained for accounting and tax law.
Both are unlinked from your account, but the clinical content itself remains. This is the same disclosure the app shows you before you confirm a deletion.
9. Security
We use industry-standard safeguards: encryption in transit, role-scoped database access controls (row-level security), and least-privilege access for our systems. No service can guarantee perfect security, but we design so that the blast radius of any failure is as small as possible.
10. Your rights and choices
- Access, correction, portability — contact us at privacy@pulsedoc.ai to request a copy of your data or to correct it.
- Deletion — delete your account in-app at any time, or ask us to do it. Section 8 explains the one category we cannot erase, and why.
- Permissions — Apple Health access, band pairing, and notifications are all optional and can be revoked in your device settings.
Where you live. PulseDoc launches in New Jersey, and consultations are available only to patients physically located in New Jersey at the time of the consultation. Rather than limit the rights above to the residents of any particular state, we extend them to everyone who uses the Service — you may request access, correction, portability, or deletion regardless of where you live, and we will not discriminate against you for exercising them. If the law where you live gives you additional rights, we will honor those too; write to us and we will tell you how we handled your request. If you are not satisfied with our response, you may appeal by replying to us at the same address.
We do not sell your personal information, and we do not share it for cross-context behavioral advertising.
11. Children
The Service is for adults. You must be 18 or older to create an account, and the Service is not directed to children. We do not knowingly collect information from anyone under 18. If we learn that we have, we will delete it — if you believe a minor has given us information, contact us at privacy@pulsedoc.ai.
12. Changes to this policy
When we change this policy we will update the date at the top, and if the change is material we will notify you in the app or by email before it takes effect.
13. Contact
Pulse MD Health LLC (d/b/a PulseDoc.ai)
501 Summit Avenue, Jersey City, NJ 07306
Email: privacy@pulsedoc.ai