GDPR & deletion

Patient apps support GDPR-style data export and deletion. Clinician Platform retention follows medical-record norms.

Patient-side controls

Data export — machine-readable JSON of the patient app's records.
Account deletion — two-stage confirmation; 30-day grace period.
Analytics consent toggle — opt out of PostHog telemetry separately from deletion.

Clinician-side retention

Patient records are retained according to your jurisdiction's medical-records retention rules.
Revoked patients stay in the platform for documentation and billing purposes.
For full deletion of a patient record, contact support@heartfulsprout.com.

Specific retention windows by jurisdiction coming soon.

Data flows FAQ & troubleshooting