Privacy Policy

We respect your privacy and strive to collect as little information as possible. This page explains what data we collect, how we use it and your rights. Because GetHeartSmart is a public‑education initiative and not a commercial service, we do not require you to create an account or provide personal details in order to use the site.

Information we collect

We deliberately minimise data collection. When you visit our website we may collect:

• Usage data: anonymous information such as pages visited, time spent and device type. We use this to understand how the site is used and improve content. This data is aggregated and does not identify you personally.
• Contact details: if you email us, we will receive the email address and any information you provide. We use this only to respond to your enquiry.
• Cookies: small text files stored on your device. We use essential cookies to remember preferences (like language). We do not employ advertising or marketing cookies and we do not use behavioural profiling.

We do not collect sensitive health information or other data about you. We list only the specific types of data we collect to keep this policy clear and relevant.

How we use your information

We use the information we collect solely to:

• Operate, maintain and improve the website and its accessibility.
• Respond to enquiries that you send via email.
• Detect and prevent abuse or technical issues.

We do not sell, rent or trade your personal information. We will never share your data with third parties except where required by law.

Legal basis & your rights

We comply with data‑protection laws including the UK General Data Protection Regulation (UK GDPR), the EU GDPR and applicable US privacy laws. Websites that handle user data in regions like the EU or California are generally required by regulations such as GDPR and the CCPA to publish a privacy policy that clearly discloses data use, user rights and legal grounds for collection.

You have the right to:

• Request a copy of the personal data we hold about you.
• Ask us to correct inaccurate information about you.
• Ask us to delete your information when it is no longer needed.
• Object to or restrict certain processing of your information.

To exercise these rights, please contact us at info@getheartsmart.org. We will respond within one month.

Data retention & security

We retain personal data only for as long as necessary to fulfil the purposes described above or as required by law. Aggregated usage data is kept for up to 24 months to monitor trends and improve services. We implement administrative, technical and physical measures to protect your data against loss, misuse and unauthorised access. In keeping with best practice we delete or anonymise personal data once it has served its intended purpose.

Third‑party services & external links

GetHeartSmart uses open‑source and publicly hosted services to deliver content. We may link to external websites operated by reputable organisations (e.g., national health services, research institutions). We are not responsible for the privacy practices of those sites. We encourage you to review the privacy policy of any site you visit via our links.

Changes to this policy

We may update this policy from time to time to reflect changes in the law or our practices. The “Last updated” date at the bottom of this page will indicate when it was revised. Significant changes will be announced on our homepage.

Contact us

If you have any questions about this privacy policy or about how we handle your data, please email info@getheartsmart.org.

Last updated: 9 January 2026