Skip to main content

NRP Sim Lite - Privacy Policy

Effective Date: October 8, 2025
Last Updated: October 8, 2025

Copyright © 2025 nrpsim.com. All rights reserved.

OVERVIEW

NRP Sim Lite is designed with privacy as a core principle. We collect minimal data necessary for the app's functionality and do not collect, store, or share any personal information about our users.

Privacy Summary:

  • No personal information collected (no names, emails, phone numbers)
  • Anonymous session data only (randomly generated identifiers)
  • 24-hour maximum data retention (automatically deleted)
  • No device tracking (no IMEI, MAC addresses, or serial numbers)
  • No analytics, advertising, or third-party sharing
  • Scenario summaries stay on your device (never uploaded)
  • GDPR and CCPA compliant (minimal data collection)
  • No user accounts or registration required
  • No camera access (QR scanning disabled)

What We Store (Temporarily in Cloud):
Session codes, anonymous device IDs, vital signs (heart rate, SpO2), connection status, and timestamps. All automatically deleted after 24 hours.

What Stays on Your Device Only:
Scenario summaries, event logs, and audio/haptic feedback.

DATA CONTROLLER

nrpsim.com is the data controller for any data processed through NRP Sim Lite. nrpsim.com operates as an independent developer.

Contact Information:

WHAT DATA WE COLLECT

Cloud Data (Stored Temporarily)

We store minimal, anonymous session data to enable device communication between controllers and monitors:

  • Session code (randomly generated for device pairing, e.g., "ABC123")
  • Anonymous device identifiers (randomly generated, not actual device information)
  • Vital signs data (heart rate, oxygen saturation values during training)
  • Connection status (connected/disconnected states)
  • Session states (paused, timer running)
  • Timestamps (session creation and update times)

Retention: All session data is automatically deleted after 24 hours maximum

Local Data (Never Uploaded)

  • Haptic feedback usage (processed locally, no data stored)
  • Debrief summary (generated locally, displayed in modal, not persisted)
  • Scenario event logs (stay on device only, cleared when session ends)
  • Audio playback data (processed locally)
  • Screen wake state (keep-awake during active sessions)

Data We Do NOT Collect

  • No personal information (names, emails, phone numbers)
  • No actual device identifiers (IMEI, MAC address, device serial numbers)
  • No device information (device type, OS version, manufacturer)
  • No analytics or crash reporting data
  • No diagnostic data or error logs
  • No user behavior tracking
  • No location data
  • No IP addresses
  • No camera data or images (camera access not used)

HOW WE USE DATA

The minimal data we process is used solely for:

  1. Device Communication: Enabling real-time communication between controller and monitor devices during training sessions
  2. Session Management: Managing active training sessions and device connections
  3. Vital Signs Synchronization: Transmitting heart rate and oxygen saturation values between devices in real-time
  4. Screen Wake Management: Keeping screen awake during active training sessions (local device feature only)

Data is NOT used for:

  • User profiling or behavior analysis
  • Advertising or marketing
  • Third-party sharing or selling
  • Analytics or performance tracking
  • Cross-session analysis or historical tracking

DATA STORAGE AND RETENTION

Cloud Storage (Supabase)

  • Session data is stored temporarily during active training sessions
  • All data transmission between devices occurs through Supabase (no Bluetooth, WiFi Direct, or local network communication)
  • All session data (active, inactive, interrupted, or completed) is automatically deleted after 24 hours
  • Automated cleanup runs once every 24 hours to permanently delete sessions older than 24 hours
  • No long-term data retention
  • No export or download features for session data

Local Device Storage

  • Debrief summaries are generated locally and displayed in a modal (not persisted to storage)
  • Scenario event logs are kept in memory during session only (cleared when session ends)
  • No persistent local data storage
  • No diagnostic or crash logs stored
  • No cached data or temporary files

DATA SHARING

We do not share any data with third parties.

  • No data is sold, rented, or shared with advertisers
  • No data is shared with marketing companies
  • No data is shared with analytics services
  • Session data remains within our secure infrastructure solely for app functionality

THIRD-PARTY SERVICES

Backend Infrastructure

  • Supabase: Used for secure, temporary session data storage and real-time communication
  • Data is processed within Supabase's secure infrastructure
  • No personal data is shared with Supabase beyond anonymous session information

Third-Party Libraries

Our app uses standard, privacy-focused libraries including:

  • React Native framework components
  • Expo development platform
  • Audio playback libraries
  • UI component libraries
  • QR code generation library (display only, no scanning)

None of these libraries collect or transmit personal data.

APP PERMISSIONS

Network Access

  • Purpose: Device communication through secure servers (Supabase)
  • Transmission: All session data transmitted via internet connection
  • No Local Networks: Does not use Bluetooth, WiFi Direct, or local network connections

Wake Lock (Keep Screen Awake)

  • Purpose: Prevents screen from sleeping during active training sessions
  • Duration: Only active during training sessions, automatically released when paused or session ends
  • Battery: Controller intelligently disables wake lock when paused to save battery
  • Privacy: No data collected or transmitted related to this feature

Audio and Haptics

  • Purpose: Audio playback for training scenarios and haptic feedback for user interface interactions
  • Processing: All processed locally on device
  • Storage: No audio or haptic data is stored or transmitted

Permissions NOT Used

  • Camera: Not requested or used (QR scanning feature disabled)
  • Microphone: Not requested or used (app does not record audio)
  • Location: Not requested or used
  • Contacts: Not requested or used
  • Storage: Not requested or used (no file saving)

SESSION CODE ENTRY

Manual Entry Only:

  • Controller device joins sessions by manually entering a 6-digit code displayed on the monitor
  • No QR code scanning (camera access not required)
  • Session codes are randomly generated and temporary (valid for 24 hours maximum)
  • Codes are not linked to any personal information

COMPLIANCE

International Data Protection

GDPR (European Union):

  • Legal Basis: Legitimate interest for providing educational software functionality
  • Data Minimization: Only minimum data necessary for app functionality
  • Right to Information: Transparent information provided in this policy
  • Right to Erasure: All session data automatically deleted after 24 hours
  • Data Portability: Not applicable as we don't store personal data

CCPA (United States):

  • No Personal Information: We do not collect personal information as defined by CCPA
  • No Sale of Data: We do not sell any data to third parties
  • Anonymous Data: All data processed is anonymous and not linked to individuals

India Data Protection:

  • Compliance: Minimal data processing complies with Indian data protection requirements
  • Jurisdiction: This privacy policy is governed by Indian law

CHILDREN'S PRIVACY

NRP Sim Lite is intended for medical professionals, students, and trainees in healthcare education. The app does not include age verification mechanisms. We do not knowingly collect personal data from children under 13 (or under 16 in the EU). Since we do not collect personal information, age-specific data protection concerns are minimal. Parents and educators should supervise use by minors. If you believe we have inadvertently collected personal data from a child, please contact us immediately.

DATA SECURITY

Technical Safeguards

  • Secure, encrypted connections for all data transmission
  • Industry-standard database security measures (Supabase infrastructure)
  • Temporary, session-based data storage (maximum 24 hours)
  • Automatic deletion of all sessions older than 24 hours (cleanup runs daily)
  • No persistent storage of sensitive information
  • Anonymous identifiers only (no real device information)

Operational Safeguards

  • Limited access to backend systems
  • Regular security reviews
  • Minimal data collection by design
  • No diagnostic or error logging to minimize data exposure

Security Incidents

  • While we implement industry-standard security measures, no system is completely secure
  • We rely on our third-party infrastructure provider (Supabase) for backend security
  • In the event of a security breach affecting our infrastructure, we will assess the impact and take appropriate action
  • Users are encouraged to report security concerns to [email protected]

User Reporting

  • If you experience app malfunctions or issues, please report them via email to [email protected]
  • No automatic crash reporting or diagnostic data is collected

FUTURE UPDATES AND FEATURES

As NRP Sim Lite evolves, we may introduce new features that could require additional data collection to improve functionality and user experience. Examples may include:

  • Progress tracking or performance analytics
  • Training certificates or completion records
  • Institutional dashboards or reporting features
  • Re-enabling QR code scanning for easier session joining

Important Commitments:

  • Any new data collection will be clearly disclosed in an updated privacy policy
  • Users will be notified of significant privacy policy changes
  • Core privacy principles (minimal data collection, no personal information) will be maintained
  • New features requiring data collection will be optional whenever possible
  • If camera access is re-enabled, it will only be used for local QR code scanning (no images stored or transmitted)

UPDATES TO THIS POLICY

We may update this privacy policy to reflect changes in our practices, new features, or legal requirements. Updates will be posted at:

  • nrpsim.com/lite/privacy
  • Within the NRP Sim Lite application

Notification of Changes:

  • Material changes will be highlighted in app updates
  • Users are encouraged to review this policy periodically
  • Continued use of the app after policy updates constitutes acceptance of the revised terms

NO USER ACCOUNTS OR TRACKING

No User Accounts:

  • No user registration, login, or accounts required
  • No usernames, passwords, or authentication credentials
  • App is fully functional without any personal identification

No Tracking Technologies:

  • No advertising trackers
  • No analytics cookies
  • No user behavior tracking
  • No cross-app tracking
  • No marketing pixels
  • No social media trackers
  • No crash reporting services
  • No error logging services

APP STORE DATA COLLECTION

When you download NRP Sim Lite from app stores (Google Play Store, Apple App Store), these platforms may collect their own data independently:

Data Collected by App Stores:

  • Download and installation metrics
  • Device information (model, OS version)
  • App usage statistics
  • Crash reports (if enabled in your device settings)
  • Geographic location (country/region)

Important:

  • This data is collected by Google/Apple, not by NRP Sim Lite
  • Governed by the respective app store's privacy policy
  • Manage settings in your device/app store account
  • NRP Sim Lite has no access to or control over this data

Learn More:

CONTACT US

For questions about this privacy policy or our data practices:

Email: [email protected]
Website: nrpsim.com

COMMITMENT TO PRIVACY

NRP Sim Lite is committed to protecting user privacy while providing valuable medical training tools. Our privacy-by-design approach ensures minimal data collection and maximum protection for users.

Document Version: 1.1
Effective Date: October 8, 2025
Next Review Date: October 8, 2026

© 2025 nrpsim.com - All Rights Reserved