Pilot BetaOnboarding Canadian physio clinics to shape the product.Contact us to learn more.

Privacy Policy

Effective Date: March 4, 2026

1. Overview

Rehablytics Software Inc. ("Rehablytics", "we", "us", or "our") is committed to protecting the privacy and security of personal information entrusted to us. This Privacy Policy describes how we collect, use, disclose, store, and safeguard information when individuals, healthcare providers, and clinics use our websites, mobile applications, and software platform (collectively, the "Services").

By accessing or using the Services, you agree to the practices described in this Privacy Policy.

2. Scope of This Policy

This Privacy Policy applies to information collected:

  • Through the Rehablytics web platform, mobile applications, and patient portals
  • During communications with us, including email and customer support
  • Through integrations authorized by clinics or users
  • Through analytics and operational tools supporting the Services

This policy does not apply to third-party services not controlled by Rehablytics.

3. Role of Rehablytics (Important for Clinics)

Rehablytics provides software tools that assist healthcare providers and clinics in monitoring patient recovery and engagement.

  • Healthcare providers and clinics are the custodians/controllers of patient health information.
  • Rehablytics acts as a service provider (data processor) on behalf of clinics when handling patient data.

Rehablytics does not provide medical advice, diagnosis, or treatment.

4. Applicable Privacy Laws

We design our Services to align with applicable privacy regulations, including:

  • Canada's Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Applicable provincial health privacy laws (e.g., PHIPA in Ontario, HIA in Alberta, PIPA in British Columbia)
  • U.S. HIPAA requirements where applicable through contractual agreements with healthcare providers

5. Information We Collect

a. Personal Information

Information that identifies or relates to an individual, including:

  • Name, email address, and contact information
  • Account credentials
  • Clinic or provider affiliation
  • Professional credentials (for providers)

b. Health and Recovery Information

When used by clinics or patients, we may process health-related data such as:

  • Injury or condition information
  • Recovery protocols and exercises
  • Pain scores and progress logs
  • Exercise adherence data
  • Session notes or clinician observations
  • Patient-reported outcomes

This information may constitute personal health information under applicable laws.

c. Technical and Usage Data

We automatically collect:

  • Device type and operating system
  • IP address and approximate location
  • Application usage metrics
  • Feature interactions and performance data

d. Cookies and Analytics

We use cookies and analytics technologies to:

  • Maintain session functionality
  • Improve performance
  • Understand product usage trends

Users may manage cookie preferences through browser settings.

6. How We Use Information

We use information to:

  • Provide and operate the Services
  • Enable clinics to monitor patient recovery and engagement
  • Generate analytics, dashboards, and summaries
  • Improve product performance and reliability
  • Provide customer support
  • Communicate operational updates
  • Maintain security and prevent misuse
  • Meet legal and regulatory obligations

7. Artificial Intelligence and Automated Processing

Rehablytics uses artificial intelligence and machine learning technologies to assist with:

  • Generating summaries of recovery progress
  • Identifying engagement or adherence trends
  • Supporting clinician insights and workflow efficiency

AI-generated outputs are intended as decision-support tools only and do not replace clinical judgment.

We may use de-identified or aggregated data to improve algorithms and system performance.

8. Sharing of Information

We share information only when necessary:

  • With authorized healthcare providers or clinics
  • With service providers supporting hosting, analytics, messaging, or infrastructure
  • To comply with legal obligations or lawful requests
  • During corporate transactions such as mergers or acquisitions
  • With user or clinic consent

We do not sell personal information.

9. Data Storage and Security

We implement administrative, technical, and physical safeguards designed to protect information, including:

  • Encryption in transit and at rest
  • Access controls and authentication safeguards
  • Secure cloud infrastructure providers
  • Monitoring for unauthorized access

While we strive to protect data, no system can guarantee absolute security.

10. Data Retention

We retain personal information only as long as necessary to:

  • Provide Services
  • Fulfill contractual obligations with clinics
  • Comply with legal and regulatory requirements

Clinics may request deletion or export of patient data subject to applicable healthcare record retention laws.

11. Your Privacy Rights

Depending on your jurisdiction, individuals may have rights to:

  • Access personal information
  • Request corrections
  • Request deletion where legally permitted
  • Withdraw consent for certain processing activities

Requests may be submitted through the clinic or by contacting us directly.

12. International Data Transfers

Information may be processed or stored in Canada, the United States, or other jurisdictions where our service providers operate. We take steps to ensure appropriate safeguards are in place.

13. Children's Privacy

The Services are not intended for individuals under 18 unless authorized and supervised by a healthcare provider or guardian where permitted by law.

14. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated through the Services or via notification.

15. Contact Us

Rehablytics Software Inc.

Email: info@rehablytics.com