Cardio Command
Privacy

Your heart data stays on your devices.

Cardio Command has no servers, no accounts, and no third-party analytics. Your health data never leaves your Apple ecosystem.

Last updated: June 24, 2026. Questions? support@cardiocommandapp.com

The short version

Cardio Command does not collect, transmit, or store any personal data on external servers. Everything the app reads or records — your heart rate, your climb history, your zone settings — lives on your Apple Watch and your iPhone. I never see any of it.

What the app reads from HealthKit

Cardio Command requests permission to read and write the following HealthKit data types:

  • Heart Rate (read + write) — read live during a workout session to power the game; written back at session end as part of the HKWorkout record.
  • Workouts (write) — each completed climb is saved as an HKWorkout so it appears in Apple Health alongside your other exercise sessions.
  • Activity (read) — used optionally during onboarding to help estimate heart rate zones. You can deny this permission; the app still works.

HealthKit data never leaves your device via Cardio Command. The app does not transmit it to any server, analytics service, or third party.

Game data sync

Your climb history — scores, heart rate profiles, badges, settings — is stored in SwiftData on your Watch and iPhone and synced between them via iCloud (CloudKit). Both devices must be signed into the same Apple ID for sync to work. No data is routed through any servers operated by Cardio Command — the sync path is entirely within Apple's iCloud infrastructure.

Purchases

All in-app purchases are processed by Apple through the App Store. Cardio Command never sees your payment information. Purchase receipts are verified on-device using Apple's StoreKit framework. I receive anonymised aggregate purchase data from Apple (total units sold, region breakdowns) but nothing that identifies you.

Crash reports and diagnostics

If the app crashes, Apple may collect a crash report through the standard iOS/watchOS crash reporting system, subject to your device's privacy settings (Settings → Privacy → Analytics & Improvements). I can see anonymised, aggregated crash logs to fix bugs. These reports do not contain health data.

Cardio Command does not use any third-party analytics SDKs (no Firebase, no Mixpanel, no similar tools).

No accounts

There are no Cardio Command accounts. No email address is collected. No login is required. Your data is tied to your Apple ID for purchase restoration only — and Apple manages that relationship entirely.

Children

Cardio Command is not directed at children under 13 and does not knowingly collect data from them. The app requires an Apple Watch capable of heart rate monitoring; parental supervision is recommended for young users.

Changes to this policy

If this policy changes materially, I'll update the date at the top of this page and note what changed. The current version is always at this URL.

Contact

Questions about privacy? Email support@cardiocommandapp.com. I read every message.