Sguardo Privacy Policy
Effective Date: April 27, 2026
Last Updated: May 11, 2026
Overview
Sguardo is a personal health records application developed by Sound Prediction, Inc. This privacy policy explains how Sguardo handles your health information.
The key principle: Your health data stays on your device. We don’t want it. Sguardo is designed with a local-first architecture, meaning your personal health information is stored only on your phone or computer, not on our servers. This isn’t just a privacy feature — it’s our business model. We have no interest in collecting, analyzing, or monetizing your health data. We built Sguardo so we never have to.
Information We Collect
Health Data You Import or Enter
- Medical records from healthcare providers (via FHIR APIs)
- Claims and coverage data from health insurance payers
- Medicare data (via CMS Blue Button 2.0)
- Lab results, medications, conditions, and procedures
- Vitals and measurements you manually enter
- Health journal entries and observations
Device Permissions
Sguardo requests only the permissions necessary to provide its features. All data accessed through these permissions is processed and stored locally on your device.
Camera: Used to photograph paper lab reports and medical documents for OCR (optical character recognition) import. Photos are processed entirely on your device to extract health data. Images are not uploaded to any server and are not retained after processing.
Photo Library (iOS): Used to import health data export files (such as Apple Health exports) that you have saved to your photo library or files. Sguardo does not access photos unrelated to health data import.
Apple Health (iOS): With your permission, Sguardo reads health data including heart rate, blood pressure, weight, blood glucose, steps, sleep, oxygen saturation, body temperature, and other vitals. This data is copied to Sguardo’s local database on your device. Sguardo does not write data back to Apple Health unless you explicitly enable this feature.
Health Connect (Android): With your permission, Sguardo reads health data including heart rate, blood pressure, weight, blood glucose, steps, distance, calories, sleep, oxygen saturation, respiratory rate, body temperature, hydration, nutrition, and exercise records. This data is copied to Sguardo’s local database on your device.
Background Refresh: Sguardo may periodically sync health data from connected sources in the background. This keeps your records up to date without requiring you to open the app. Background sync follows the same privacy principles: data is transferred directly to your device and is not stored on our servers.
Internet: Required to connect to healthcare providers, Medicare, and other authorized data sources. All connections use TLS encryption. Your health data is transmitted directly to your device, not stored on intermediate servers (except where relay is technically required, as described below).
How This Data Is Stored
- All health data is stored locally on your device only
- We do not transmit, store, or have access to your personal health information on any server
- Data is stored in an encrypted local database
- If you enable encrypted backups, backup files are encrypted with a key only you control
Non-Personal Technical Data
We may collect anonymous, aggregate technical data to improve the app:
- App crash reports (without personal health information)
- Feature usage statistics (without personal identifiers)
- Device type and operating system version
How We Use Your Information
Your health data is used solely to:
- Display your health records to you
- Provide health insights and visualizations
- Generate personalized recommendations based on clinical guidelines
- Enable you to track vitals, symptoms, and health observations
We never use your health data for:
- Advertising or marketing
- Sale to third parties
- Research without explicit consent
- Any purpose other than providing the app’s features to you
Data Sharing
We Do Not Share Your Health Data
Because your health data is stored only on your device, we cannot share it — we don’t have access to it. This is by design. We architected Sguardo specifically so that your health data never reaches us. We cannot sell what we do not have.
Connections You Authorize
When you connect Sguardo to external services (healthcare providers, insurance companies, Medicare), you authorize those services to send data to the app on your device. This data transfer:
- Is secured using OAuth 2.0 with PKCE
- Can be disconnected at any time
- Is delivered to your device without being stored on our servers
Proxy Services for API Compatibility
Some healthcare data sources require API calls to originate from a server rather than directly from a mobile application. In these cases, your data may pass through Sound Prediction relay servers. When this occurs:
- Data is transmitted, not stored: Your health data passes through our servers only to relay it to your device
- No logging of health data: We do not log, inspect, read, or retain your personal health information
- Encryption in transit: All data is encrypted using TLS during transmission
- Immediate forwarding: Data is forwarded to your device in real-time and is not cached
- No human access: No Sound Prediction employee views your health data
This relay architecture is used only when required by the data source’s technical requirements. Where possible, data flows directly from the source to your device.
Third-Party Services
The app may connect to:
- Healthcare providers (Epic MyChart, Cerner, etc.) via SMART on FHIR
- Health insurance payers via Patient Access APIs
- CMS Blue Button 2.0 for Medicare beneficiaries
- Apple Health / Google Health Connect for device health data
Each connection requires your explicit authorization and can be revoked at any time.
Data Security
We implement security measures appropriate for protected health information:
- Local database encryption
- TLS 1.3 for all API communications
- OAuth 2.0 with PKCE for authentication (no passwords stored)
- No server-side storage of PHI
- Optional encrypted backups with user-controlled keys
Your Rights and Choices
You have complete control over your data:
- Access: All your data is visible to you in the app
- Export: Export your complete health record at any time
- Delete: Delete any or all data from the app at any time
- Disconnect: Revoke any connected service at any time
- No Account Required: Use the app without creating an account
Children’s Privacy
Sguardo is not intended for use by children under 13. The app supports family profiles where a parent or guardian can manage health records for dependents.
Medicare (Blue Button 2.0) Data
If you connect your Medicare account via CMS Blue Button 2.0:
- Your Medicare claims, coverage, and provider data is transferred directly to your device
- This data is stored only on your device
- Sound Prediction does not have access to your Medicare data
- You can disconnect Medicare access and delete this data at any time
Changes to This Policy
We may update this privacy policy from time to time. We will notify you of any material changes through the app or via email if you have provided one.
Contact Us
If you have questions about this privacy policy or our privacy practices:
Sound Prediction, Inc.
Email: privacy@soundprediction.com
Website: https://soundprediction.com
California Privacy Rights
California residents have additional rights under the CCPA. Because we do not sell personal information and your health data is stored only on your device, most CCPA provisions regarding data sales and server-side data do not apply. You may still contact us to exercise any applicable rights.
HIPAA Notice
Sound Prediction, Inc. is not a covered entity under HIPAA. However, Sguardo is designed to handle protected health information (PHI) with appropriate security safeguards. The local-first architecture means PHI is not transmitted to or stored on our servers, minimizing privacy risks.
This privacy policy applies to the Sguardo mobile and desktop applications published by Sound Prediction, Inc.
