Privacy Policy
Last Updated: November 2025
1. Introduction
RehabPalAI ("Company", "we", "our", or "us") operates the RehabPalAI website and mobile application (collectively, the "Service"). This Privacy Policy explains our data collection, use, and protection practices when you access and use our Service.
We are committed to protecting your privacy and ensuring you have a positive experience on our platform. Please read this Privacy Policy carefully. If you do not agree with our practices, please do not use our Service.
2. Information We Collect
We collect various types of information in connection with the services we provide:
2.1 Personal Information
- Account Information: Name, email address, password, date of birth, phone number (optional)
- Health Information: Medical history, injury type, surgery type, graft information, recovery stage, pain levels, and rehabilitation progress
- Assessment Data: Initial assessment responses, fitness level, activity history, goals, and limitations
2.2 Biometric Data
- Motion Tracking: Video footage of your movements during exercise analysis (processed locally; not stored on our servers)
- Movement Patterns: Analyzed body position, posture, joint angles, and movement metrics
2.3 Usage Data
- Exercise performance metrics (repetitions, form quality, duration)
- Progress tracking data and recovery milestones
- Feature usage and interaction patterns
- Device information and browser details
2.4 Automatically Collected Data
- IP address and geolocation data
- Cookies and similar tracking technologies
- Log data (access times, pages viewed, referrer information)
3. How We Use Your Information
We use the information we collect for the following purposes:
- Service Delivery: Creating your account, providing personalized rehabilitation programs, and delivering the core Service
- AI Personalization: Analyzing your data to personalize your exercise program and adapt difficulty based on progress
- Form Correction: Real-time analysis of your movement to provide feedback and prevent injury
- Progress Tracking: Monitoring your recovery journey and generating insights and reports
- Communication: Sending service-related updates, support responses, and promotional content (with your consent)
- Analytics: Understanding usage patterns to improve our Service
- Security: Detecting, investigating, and preventing fraudulent or unauthorized activity
- Legal Compliance: Meeting legal and regulatory requirements
4. Data Security
We implement comprehensive security measures to protect your data:
- Encryption: All data is encrypted in transit (HTTPS/TLS) and at rest using industry-standard encryption
- Access Controls: Strict access controls limit who can view your health information
- Video Processing: Motion tracking video is processed locally on your device and is not stored on our servers
- Regular Security Audits: We conduct regular security assessments and penetration testing
- Secure Data Centers: Data is stored on secure, HIPAA-compliant cloud infrastructure
While we implement robust security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining the highest standards.
5. Data Sharing and Disclosure
We do not sell your personal or health data to third parties. We only share your information in the following circumstances:
- Service Providers: With third-party service providers who assist in delivering our Service (cloud hosting, analytics) under strict confidentiality agreements
- Legal Requirements: When required by law, court order, or government authority
- Safety: When necessary to protect health and safety in case of emergency
- Your Consent: With your explicit consent for other purposes
6. Your Rights and Control
You have the right to control your personal information:
- Access: Request access to your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your data (subject to legal retention requirements)
- Portability: Receive your data in a portable format
- Opt-Out: Unsubscribe from promotional communications
To exercise these rights, please contact us at hello@rehabpal.ai.
7. Cookies and Tracking
We use cookies to enhance your experience. You can control cookie preferences through your browser settings. Disabling cookies may affect your ability to use certain features of the Service.
8. Third-Party Links
Our Service may contain links to third-party websites. We are not responsible for the privacy practices of external sites. We encourage you to review their privacy policies before providing your information.
9. Children's Privacy
RehabPalAI is not intended for individuals under 18 years old. We do not knowingly collect information from children. If we become aware that a child has provided us with personal information, we will promptly delete it.
10. Data Retention
We retain your personal and health data as long as your account is active or as needed to provide services. You can request deletion of your account at any time, which will result in the removal of your data (except where retention is required by law).
11. International Data Transfer
Your information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have different data protection laws. By using RehabPalAI, you consent to the transfer of your information internationally.
12. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us at:
Email: hello@rehabpal.ai
Website: rehabpal.ai
13. Policy Changes
We may update this Privacy Policy periodically. We will notify you of significant changes via email or by posting the updated policy on our website. Your continued use of the Service constitutes acceptance of the updated Privacy Policy.