Heat-On Inc

Privacy Policy for HeatVision

Last updated on February 6, 2026

Heat On Inc. ("Heat On," "we," "us," or "our"), a company registered in New York, United States, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and disclose information when you use the HeatVision iOS mobile application (the "App") distributed through the Apple App Store, and the related services we provide (including our web portal at app.heatvision.io) (collectively, the "Services").

By using the Services, you acknowledge that your information will be processed as described in this Privacy Policy. If you do not want your information processed as described, do not use the Services.

App Store Privacy Summary (Plain-English)

  • We collect account and profile details, device and push-notification identifiers, basic usage/security logs, diagnostics/crash information, and heating system/equipment data tied to your account.

  • We use this data to operate the App (authentication, monitoring, alerts), keep it secure, troubleshoot issues, and coordinate repairs you request.

  • We do not use your data for advertising, and we do not track you across other companies' apps or websites.

  • We do not sell your personal information.

  • We share limited data only with (1) push notification services needed to deliver alerts, (2) infrastructure/hosting providers, and (3) repair technicians when you request service or warranty fulfillment, plus (4) legal disclosures if required.

1. Information We Collect

a) Information you provide directly

We collect information you provide when you create or use your account, including:

  • Account credentials: email address and password (used for authentication).

  • Profile information: first name, phone number, company name, and company address (used to provide core Services, including coordinating service/repairs).

b) Information collected automatically (device and identifiers)

When you use the App, we collect:

  • Push notification token: a unique identifier used solely to deliver transactional push notifications related to your heating system (alerts, status changes, maintenance reminders, service updates).

  • Push notification delivery involves transmitting tokens through Apple Push Notification service (APNs) and Expo's notification infrastructure solely to deliver notifications.

  • This token is not used for advertising, marketing, or cross-app tracking.

  • Device information: device brand, model, operating system version, and platform type, collected solely to ensure compatibility, support troubleshooting, and help enable push notification delivery.

  • Authentication tokens (JWT): stored securely on your device using operating system protected storage to maintain your login session. These tokens are cleared upon logout.

c) Usage and security data

We collect limited operational telemetry linked to your account, including:

  • Login activity (e.g., timestamps) to help monitor account security and detect unauthorized access.

  • Session duration to maintain service quality and reliability.

We do not use this information for advertising, marketing, or behavioral profiling.

d) Diagnostics data

We collect diagnostics data to keep the App stable and reliable, which may include:

  • Crash logs / error reports (which may include your account identifier, device information, and actions leading to an error).

  • Operational logs (such as API request logs and system events) retained for security and debugging.

Diagnostics data is used only to identify and resolve technical issues, improve stability, and maintain reliability. It is not used for advertising, marketing, tracking, or behavioral profiling.

e) Heating system and equipment data

We collect and store data associated with your account about your heating setup (for example, boilers, thermostats, and related systems), including:

  • Equipment monitoring data and diagnostics needed to provide system monitoring, automated equipment diagnostics, and failure detection.

  • Commands you send (such as changing temperature or system settings) which are transmitted securely to your equipment to perform the requested action.

This data is used solely to provide core Service functionality. We do not use it to infer lifestyle patterns or to build advertising profiles.

2. How We Use Your Information

We use the information we collect to:

  • Authenticate you and provide secure access to the Services.

  • Provide the App's core functions, including heating system monitoring, diagnostics, and failure detection.

  • Deliver transactional notifications (alerts, maintenance reminders, service updates) when you enable notifications.

  • Display and manage your account and profile within the Services.

  • Coordinate repair visits, support requests, and warranty fulfillment (where applicable).

  • Monitor login activity and operational telemetry for security and service reliability.

  • Investigate and resolve crashes, errors, and technical issues.

3. Advertising, Analytics, and Tracking

  • No advertising use: We do not use your information for advertising or marketing.

  • No third-party analytics SDKs: We do not use third-party analytics services (such as Google Analytics, Firebase Analytics, Mixpanel, or similar) in the App.

  • No tracking: We do not track you across other companies' apps or websites, and we do not share collected data with data brokers, advertising networks, or other parties for cross-context behavioral advertising.

The limited operational telemetry we collect (login activity, session duration) is used internally only for security and reliability, and not for behavioral profiling.

4. Device Identifiers and Push Notifications

The App uses a push notification token and basic device information to:

  • Deliver notifications you opt into,

  • Ensure compatibility,

  • Support diagnostics and troubleshooting.

These identifiers are not used to track you across apps or websites and are not shared with advertising networks or data brokers. Push notification tokens are deleted from our servers upon account deletion or upon request.

5. Data Storage and Security

a) Local (on-device) storage

Authentication tokens are stored using operating system protected storage. They maintain your login session and are removed upon logout.

b) Server storage

Your account information, profile data, heating system data, usage/security data, and diagnostics data are stored on our secure servers. We use industry-standard security measures such as HTTPS/TLS encryption in transit, firewall protection, and access controls to limit access to authorized personnel.

c) Push notification delivery

Push notification tokens are transmitted securely and are used only to route notifications through APNs and Expo notification infrastructure.

6. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information.

We share information only in these limited circumstances:

a) Service providers (processors)

We may share data with service providers that help us operate the Services, such as:

  • Expo (for push notification delivery; see Expo's privacy policy at https://expo.dev/privacy)

  • Apple Push Notification service (APNs) (for notification delivery to iOS devices)

  • Hosting and infrastructure providers (to securely store and process data)

These providers may process data only to provide services to us.

b) Repair technicians (when you request service)

We share relevant heating system information and necessary contact details with third-party repair technicians solely to schedule and perform repair services you request. Repair technicians are contractually prohibited from using the data for any other purpose.

c) Warranty fulfillment

If warranty service requires dispatching additional repair technicians, we may share necessary information to fulfill warranty obligations, subject to the same data protection requirements.

d) Legal requirements

We may disclose information if required by law, regulation, court order, or governmental request.

7. Your Rights and Choices

a) Access and correction

You may access and update your profile information through the App or the web portal at app.heatvision.io.

b) Push notifications

Notifications are sent only after you grant permission in iOS. You can revoke permission at any time in iOS Settings (Notifications > HeatVision).

c) Account deletion

You can permanently delete your account and associated personal data within the App. You may also request deletion through app.heatvision.io or by contacting [email protected]. After verifying your request, we will delete your personal data from active systems and backups within 30 days, except where retention is required by law.

d) Data portability

You may request a machine-readable copy of your personal data by contacting [email protected].

e) Withdraw consent

Where processing is based on consent (such as notifications), you may withdraw consent at any time via system settings or by disabling the feature.

8. Legal Basis for Processing (EEA/UK Users)

If you are located in the EEA or the UK, we process personal data under these legal bases:

  • Contract necessity (to provide the Services you request),

  • Legitimate interests (security, diagnostics, reliability improvements),

  • Legal obligation (compliance with applicable laws),

  • Consent (e.g., enabling push notifications).

9. Data Retention

We retain data only as long as necessary:

  • Account data: retained while your account is active; deleted within 30 days of a verified deletion request.

  • Authentication tokens (local): cleared upon logout.

  • Push notification tokens: deleted upon account deletion or upon request.

  • Login activity/session duration: retained up to 12 months for security/reliability, then deleted.

  • Diagnostics (crash/error logs): retained up to 12 months, then deleted.

  • Operational server logs: retained up to 90 days, then deleted.

  • Heating system data: retained while your account is active for continuity and diagnostics; deleted upon account deletion.

10. Children's Privacy

The App is not specifically directed to children under 13. We do not knowingly collect personal information from children under 13 without verifiable parental consent. If you believe a child under 13 provided personal information, contact [email protected], and we will take steps to delete it.

11. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you may have rights including:

  • Right to know, delete, and correct,

  • Right to opt out of sale/sharing (we do not sell or share for cross-context behavioral advertising),

  • Right to non-discrimination.

Contact [email protected]. We respond within the timelines required by law.

12. International Data Transfers

Our servers are located in the United States. If you access the Services from outside the U.S., your information may be transferred to and processed in the U.S. For transfers from the EEA/UK, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated policy within the App and/or on our website and update the "Last updated" date. Continued use of the Services after the update means you have been informed of the revised policy.

14. Contact Us

Heat On Inc.

823 East 16th Street, #201

Brooklyn, NY 11230

United States

Telephone: +1 929 687 9318

Email: [email protected]

Data Protection Contact: [email protected]