Privacy Policy

Last Updated: July 23rd, 2023

ezPT Technologies Ltd. (“ezPT Tech,” “we,” “us,” and “our”) provides several tools to Physical Therapists to manage patient scheduling, intake, charting and billing. This Privacy Notice is designed to help you understand how we collect, use, and share your personal information and to help you understand and exercise your privacy rights.
We DO NOT and will NEVER sell Your Personal Data to Third Parties.
We will only share or disclose Personal Data as described in this Privacy Policy.

  1. SCOPE
    This Privacy Notice applies to personal information processed by us on our website, our services offered via the website, and our related online and offline offerings. To make this Privacy Notice easier to read, our websites, our services offered via the website, and our related offerings are collectively called “Services.”
    In this Policy, we use the word “Subscriber” to refer to anyone who has subscribed to and paid for use of our patient management platform (for example, a health clinic or health practitioner). We use the word “you” to refer to any individual user of our Services, such as a patient, practitioner or staff member of a Subscriber, or an individual browsing or using our websites and web-based resources.
  2. CHANGES TO OUR PRIVACY NOTICE
    We may revise this Privacy Notice from time to time in our sole discretion. If there are any material changes to this Privacy Notice, we will notify you and require you to accept them before you may continue to use the Services.
  3. NOTICE TO PATIENTS
    If you are a patient of one of our Subscriber clinics or practitioners, your clinic or practitioner controls your patient information, including your contact information, billing details and patient records. Please contact your clinic or practitioner for any questions about your patient information. See the section titled Patient Data below for further information.
  4. PERSONAL INFORMATION WE COLLECT
    The categories of personal information we collect depend on how you interact with us, our Services and the requirements of applicable law. We collect information that you provide to us, information we obtain automatically when you use our Services, and information from other sources such as third-party services and organizations, as described below.
    A. Information You Provide To Us Directly
    We may collect the following personal information that you provide to us.
    • Account Creation. We may collect information when you create an account, such as name, email address, and name and address of your place of work.
    • Purchases. We may collect personal information and details associated with your purchases, including payment information. In some cases, you may need to provide us with additional information to verify your identity before completing a transaction. Any payments made via our Services are processed by third-party payment processors. We do not directly collect or store any payment card information entered through our Services, but we may receive information associated with your payment card information (e.g., your billing details).
    • Your Communications with Us. We may collect personal information, such as email address, phone number, or mailing address when you request information about our Services, register for our newsletter or marketing, request customer or technical support, apply for a job or otherwise communicate with us.
    • Surveys. We may contact you to participate in surveys. If you decide to participate, you may be asked to provide certain information which may include personal information.
    • Interactive Features. We and others who use our Services may collect personal information that you submit or make available through our interactive features (e.g., patient scheduling, intake, charting, billing functionalities, forums, blogs, and social media pages). Any information you provide on the public sections of these features will be considered “public,” unless otherwise required by applicable law, and is not subject to the privacy protections referenced herein.
    • Sweepstakes or Contests. We may collect personal information you provide for any sweepstakes or contests that we offer. In some jurisdictions, we are required to publicly share information of sweepstakes and contest winners.
    • Conferences, Trade Shows, and Other Events. We may collect personal information from individuals when we attend conferences, trade shows, and other events.
    • Business Development and Strategic Partnerships. We may collect personal information from individuals and third parties to assess and pursue potential business opportunities.
    • Job Applications. We may post job openings and opportunities on our Services. If you reply to one of these postings by submitting your application, CV and/or cover letter to us, we will collect and use your information to assess your qualifications.
    B. Information Collected Automatically
    We may collect personal information automatically when you use our Services:
    • Automatic Data Collection. We may collect certain information automatically when you use our Services, such as your Internet protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, browser or device information, location information (including approximate location derived from IP address), and Internet service provider. We may also automatically collect information regarding your use of our Services, such as pages that you visit before, during and after using our Services, information about the links you click, the types of content you interact with, the frequency and duration of your activities, and other information about how you use our Services. In addition, we may collect information that other people provide about you when they use our Services, including information about you when they tag you.
    • Cookies, Pixel Tags/Web Beacons, and Other Technologies. We, as well as third parties that provide content, or other functionality on our Services, may use cookies, pixel tags, local storage, and other technologies (“Technologies”) to automatically collect information through your use of our Services.
    – Cookies. Cookies are small text files placed in device browsers that store preferences and facilitate and enhance your experience.
    – Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded in our Services that collects information about engagement on our Services. The use of a pixel tag allows us to record, for example, that a user has visited a particular web page. We may also include web beacons in e-mails to understand whether messages have been opened, acted on, or forwarded.
    Our uses of these Technologies fall into the following general categories:
    • Operationally Necessary. This includes Technologies that allow you access to our Services, applications, and tools that are required to identify irregular website behavior, prevent fraudulent activity and improve security or that allow you to make use of our functionality;
    • Performance-Related. We may use Technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how individuals use our Services (see Analytics below);
    • Functionality-Related. We may use Technologies that allow us to offer you enhanced functionality when accessing or using our Services. This may include identifying you when you sign into our Services or keeping track of your specified preferences, interests, or past items viewed;
    • Advertising- or Targeting-Related. We may use first party or third-party Technologies to deliver content, including ads relevant to your interests, on our Services or on third-party websites.
    See Section 11 below to understand your choices regarding these Technologies.
    • Analytics. We may use Technologies and other third-party tools to process analytics information on our Services.
    • Social Media Platforms. Our Services may contain social media buttons (that might include widgets such as the “share this” button or other interactive mini programs). These features may collect your IP address, which page you are visiting on our Services, and may set a cookie to enable the feature to function properly. Your interactions with these platforms are governed by the Privacy Notice of the company providing it.
    C. Information Collected from Other Sources
    We may obtain information about you from other sources, including through third-party services and organizations. For example, if you access our Services through a third-party application, such as an app store, a third-party login service, or a social networking site, we may collect information about you from that third-party application that you have made available via your privacy settings.
  5. HOW WE USE YOUR INFORMATION
    We use your information for a variety of business purposes, including to provide our Services, for administrative purposes, and to market our products and Services, as described below.
    A. Provide Our Services
    We use your information to fulfill our contract with you and provide you with our Services, such as:
    • Managing your information and accounts;
    • Providing access to certain areas, functionalities, and features of our Services;
    • Answering requests for customer or technical support;
    • Communicating with you about your account, activities on our Services, and policy changes;
    • Processing your financial information and other payment methods for products or Services purchased;
    • Processing applications if you apply for a job, we post on our Services; and
    • Allowing you to register for events.
    B. Administrative Purposes
    We use your information for various administrative purposes, such as:
    • Pursuing our legitimate interests such as direct marketing, research and development (including marketing research), network and information security, and fraud prevention;
    • Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
    • Measuring interest and engagement in our Services;
    • Short-term, transient use, such as contextual customization of ads;
    • Improving, upgrading or enhancing our Services;
    • Developing new products and Services;
    • Ensuring internal quality control and safety;
    • Authenticating and verifying individual identities;
    • Debugging to identify and repair errors with our Services;
    • Auditing relating to interactions, transactions and other compliance activities;
    • Enforcing our agreements and policies; and
    • Complying with our legal obligations.
    C. Marketing and Advertising our Products and Services
    We may use personal information to tailor and provide you with content and advertisements. We may provide you with these materials as permitted by applicable law.
    Some of the ways we may market to you include email campaigns, custom audiences advertising and “interest-based” or “personalized advertising,” including through cross-device tracking.
    If you have any questions about our marketing practices or if you would like to opt out of the use of your personal information for marketing purposes, you may contact us at any time as set forth below.
    D. Other Purposes
    We also use your information for other purposes as requested by you or as permitted by applicable law.
    • Consent. We may use personal information for other purposes that are clearly disclosed to you at the time you provide personal information or with your consent.
    • De-identified and Aggregated Information. We may use personal information and other information about you to create de-identified and/or aggregated information, such as de-identified demographic information, de-identified location information, information about the device from which you access our Services, or other analyses we create.
    • Share Content with Friends or Colleagues. Our Services may offer various tools and functionalities. For example, we may allow you to provide information about your friends or colleagues through our referral services. Our referral services may allow you to forward or share certain content with a friend or colleague, such as an email inviting your friend to use our Services.
  6. LEGAL BASIS (GDPR EU/UK)
    For personal information that is subject to the General Data Protection Regulation (GDPR), we rely on the following legal bases for collecting and using your personal information:
    • Your consent
    • Our legitimate interests (which are not overridden by your privacy rights), such as operating our business, understanding and improving our Services, direct marketing related to our Services, communicating with our Subscribers and users about our Services, events or related resources, improving our websites and protecting our legal rights and interests.
    You may withdraw your consent at any time. Where we are using your personal information for our legitimate interests, you have the right to object to that use. See below under YOUR PRIVACY CHOICES AND RIGHTS for how to withdraw consent or object.
    If you are a patient of one of our Subscriber clinics, please contact your clinic or practitioner if you have any questions about the legal basis for collecting and using your personal information. Our Subscribers may have a different legal basis for collecting and using a patient’s personal information, such as providing health care or treatments as a regulated healthcare professional.
  7. PATIENT DATA
    Patient Data. Subscribers use our patient management platform to collect personal information from their patients and create patient records. These records may include a patient’s name, address, health insurance and billing information, medical charts, appointment history and other patient data (“Patient Data”). This information is sometimes referred to as “personal health information”, “protected health information”, “data concerning health” or “sensitive data” depending on the location of the Subscribers and the privacy laws applicable to them. If you are a patient, Patient Data is collected from you when you book an appointment with your Subscriber clinic or practitioner and when you set up an account with the Subscriber clinic through our online booking website.
    Subscriber’s Role. Subscribers retain sole control over Patient Data and may be referred to as a “health information custodian”, a “covered entity” or a “controller” depending on their location and the privacy laws applicable to them.
    Subscribers determine:
    • What Patient Data to collect;
    • How the Subscriber will use the Patient Data;
    • Who has access to Patient Data;
    • How long the Subscriber will store Patient Data; and
    • On what basis the Subscriber may delete Patient Data.
    Subscribers are responsible for complying with laws and regulations governing the use of Patient Data, and for determining the legal basis for such use.
    ezPT Tech’s Role. ezPT Tech is a service provider to Subscribers and may be referred to as an “agent”, “business associate” or “processor” of the Subscriber. ezPT Tech stores Patient Data in its secure data centers and makes it available to Subscribers and their users through our patient management platform. ezPT Tech otherwise has no control over Patient Data. ezPT Tech will only access Patient Data on the instructions of the Subscriber or its practitioners or staff or, in rare cases, where needed in order to prevent or address technical problems or if required by law or court order.
    Storage Location. We currently serve Subscribers and their patients located in the Unites States only. Patient Data is stored in the data centers located in the United States. When we expand to other countries, Patient Data will be stored in the regional data center for the location chosen by the Subscriber during the sign-up process. If we do not have a data center in the Subscriber’s region, Patient Data will be stored in our United States data center, unless otherwise requested by the Subscriber. Please note that we use US-based service providers for appointment reminders sent by email or SMS and, therefore, Patient Data contained in appointment reminders will go through and may be stored temporarily in the United States. All our data centers and service providers maintain a high level of security and are compliant with applicable privacy laws.
    Patient Rights. Patients have certain rights with respect to their Patient Data, which may include knowing what information your Subscriber clinic has about you, correcting any inaccurate Patient Data, obtaining a record of your Patient Data and, in certain circumstances, deleting or removing your Patient Data. Please note that Subscribers have strict legal and regulatory obligations around Patient Data and may not always be permitted to delete or remove Patient Data.
    Questions about Patient Data. If you have any questions about your Patient Data or wish to exercise any or your patient rights, please contact your Subscriber clinic or practitioner. If your Subscriber clinic or practitioner has any questions about the management of Patient Data in the Services, they may contact us and we will support them as needed to respond to your request. Please note that, in order to maintain strict security of your Patient Data, we can only access Patient Data upon instruction from the Subscriber.
  8. HOW WE DISCLOSE YOUR INFORMATION
    We do not sell your personal information. We disclose your information to third parties for a variety of business purposes, including to provide our Services, to protect us or others, or in the event of a major business transaction such as a merger, sale, or asset transfer, as described below.
    A. Disclosures to Provide our Services
    The categories of third parties with whom we may share your information are described below.
    • Service Providers. We may share your personal information with our third-party service providers who use that information to help us provide our Services. This includes service providers that provide us with IT support, hosting, payment processing, customer service, and related services.
    • Business Partners. We may share your personal information with business partners to provide you with a product or service you have requested. We may also share your personal information to business partners with whom we jointly offer products or services.
    • Affiliates. We may share your personal information with our company affiliates, for our administrative purposes including activities such as IT management, for them to provide services to you, or to support and supplement the Services we provide.
    • APIs/SDKs. We may use third-party application program interfaces (“APIs”) and software development kits (“SDKs”) as part of the functionality of our Services. For more information about our use of APIs and SDKs, please contact us as set forth below.
    B. Disclosures to Protect Us or Others
    We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, our, or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.
    C. Disclosure in the Event of Merger, Sale, or Other Asset Transfers
    If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, your information may be transferred as part of such a transaction, as permitted by law and/or contract.
    D. Anonymized/Aggregated Data
    ezPT Tech may use computer-generated algorithms to gather anonymous and aggregated information from our Subscribers and their Patient Data in order to assist in our continued development and improvement of the Services, and for research, data analysis, benchmarking, statistics or trend analysis. We will ensure that none of the information we gather identifies, or could be used to identify, any user or patient. ezPT Tech may share such anonymized information with Subscribers and others, for example, by providing insights into most common conditions, most popular treatments or benchmarking fees against industry or regional norms.
  9. SECURITY
    We protect your personal information, including Patient Data stored in our platform, by:
    • Using industry standard security controls such an encryption and an SSL (Secured Sockets Layers) certificate to ensure information is transmitted over a secured connection between your browser and our web server.
    • Using state-of-the-art data centers that are HIPAA compliant with appropriate security and compliance certifications.
    • Having our personnel sign strict confidentiality agreements to ensure they understand the confidential nature of the data we process, and only accessing your account when you request assistance from us.
    • Requiring password protection of your user account with a password set by you. We cannot access or identify your password. The only way to recover a password is for you to initiate a reset via the email address you use for the Services.
    While we employ industry standard measures to protect your information, no system is 100% secure, and we cannot ensure or warrant the security of any information you provide to us. To the fullest extent permitted by applicable law, we do not accept liability for unauthorized disclosure. You share responsibility for protection of your personal information by setting a strong password and by keeping your username and password confidential. By using our Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on our Services, by mail or by sending an email to you.
  10. RETENTION PERIOD OF PERSONAL INFORMATION
    We retain personal information only for as long as necessary to achieve our stated purposes, or as required by applicable law. For example, Contact and Billing information is kept for as long as a Subscriber account is active and for a reasonable period after it has been deactivated in the event you or your Subscriber wishes to re-activate the account. User account information may also be retained as necessary to comply with our legal obligations, comply with applicable laws, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, or maintain our relationship with your Subscriber organization. Credit card information is never kept or stored by us.

If you are a patient of one of our Subscriber clinics, please contact your clinic or practitioner for information regarding the storage period for your Patient Data.

  1. YOUR PRIVACY CHOICES AND RIGHTS
    Your Privacy Choices. The privacy choices you may have about your personal information are determined by applicable law and are described below.
    • Email Communications. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding our Services or updates to our Terms of Service or this Privacy Notice).
    • “Do Not Track.” Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
    • Cookies and Interest-Based Advertising. You may stop or restrict the placement of Technologies on your device or remove them by adjusting your preferences as your browser or device permits. However, if you adjust your preferences, our Services may not work properly. Please note that cookie-based opt-outs are not effective on mobile applications. However, you may opt-out of personalized advertisements on some mobile applications by following the instructions for Android, iOS and others.
    The online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these and learn more about targeted advertising and consumer choice and privacy by visiting the Network Advertising Initiative, the Digital Advertising Alliance, the European Digital Advertising Alliance, and the Digital Advertising Alliance of Canada.
    Please note you must separately opt out in each browser and on each device.
    Your Privacy Rights. In accordance with applicable law, you may have the right to:
    • Access Personal Information about you, including: (i) confirming whether we are processing your personal information; (ii) obtaining access to or a copy of your personal information;
    • Request Correction of your personal information where it is inaccurate, incomplete or outdated. In some cases, we may provide self-service tools that enable you to update your personal information;
    • Request Deletion, Anonymization or Blocking of your personal information when processing is based on your consent or when processing is unnecessary, excessive or noncompliant;
    • Request Restriction of or Object to our processing of your personal information;
    • Withdraw Your Consent to our processing of your personal information. If you refrain from providing personal information or withdraw your consent to processing, some features of our Service may not be available. In addition, all our marketing email messages contain the ability to automatically “opt-out” or unsubscribe from our mailing lists and marketing messages.;
    • Request a portable copy of your personal information;
    • Be Informed about third parties with which your personal information has been shared; and
    • Lodge a complaint with a supervisory authority (i.e., the independent public authority responsible for monitoring data protection laws in your country). You may also contact the Information and Privacy Commissioner of British Columbia (for British Columbia matters) (http://www.oipc.bc.ca/) or the Privacy Commissioner of Canada (for international matters and inter-provincial matters) (http://www.priv.gc.ca/).
    There may be some cases where we cannot provide you with certain information about you if it would mean disclosure of personal information of another person or other confidential information, or if it would compromise our security systems. If you require access to your personal information, please Contact Us. We will respond to you within thirty (30) days of receiving your request. We may charge a fee where permitted by applicable law.
    If you would like to exercise any of these rights, please contact us as set forth in Section 15 below. We will process such requests in accordance with applicable laws
  2. INTERNATIONAL DATA TRANSFERS
    All information processed by us may be transferred, processed, and stored in the United States, which may have data protection laws that are different from the laws where you live. We endeavor to safeguard your information consistent with the requirements of applicable laws.
  3. CHILDREN’S INFORMATION
    The Services are not directed to children under 18 (or other age as required by local law), and we do not knowingly collect personal information from children. If you learn that your child has provided us with personal information without your consent, you may contact us as set forth below. If we learn that we have collected a child’s personal information in violation of applicable law, we will promptly take steps to delete such information.
  4. THIRD-PARTY WEBSITES/APPLICATIONS
    The Services may contain links to other websites/applications and other websites/applications may reference or link to our Services. These third-party services are not controlled by us. We encourage our users to read the privacy policies of each website and application with which they interact. We do not endorse, screen or approve, and are not responsible for, the privacy practices or content of such other websites or applications. Providing personal information to third-party websites or applications is at your own risk.
  5. CONTACT US
    If you have any questions about our privacy practices or this Privacy Notice, or to exercise your rights as detailed in this Privacy Notice, please contact us (ezPT Technologies Ltd.) at:
    reachout@ezpttech.com