Privacy Policy

Last Updated: December 19, 2025

1. Introduction

Reability ("we," "our," or "us") is a physiotherapy services provider headquartered in Bangalore, Karnataka, India. We are committed to protecting your privacy and handling your personal information with care and transparency.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, website, and physiotherapy services (collectively, the "Services"). This policy applies to all users of our Services across India.

By using our Services, you consent to the practices described in this Privacy Policy in accordance with the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

2. Information We Collect

2.1 Personal Information

  • Full name, email address, and phone number
  • Date of birth, gender, and blood type
  • Residential addresses (for home visit services)
  • Emergency contact details
  • Profile photograph (optional)

2.2 Sensitive Personal Data (Health Information)

As a healthcare provider, we collect health-related information classified as Sensitive Personal Data under Indian law:

  • Medical conditions, diagnoses, and symptoms
  • Medications and allergies
  • Treatment history and physiotherapy records
  • AI-generated health assessments (gait analysis, range of motion)
  • Exercise logs and progress data
  • Videos and images captured during assessments

2.3 Device and Usage Information

  • Device type, operating system, and unique device identifiers
  • IP address and approximate location (city level)
  • App usage patterns and feature interactions
  • Crash logs and performance data

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: Providing physiotherapy consultations, creating personalized treatment plans, and delivering home visit services
  • AI-Powered Assessments: Processing videos for gait analysis, form correction, and range of motion measurements
  • Appointment Management: Scheduling, reminders, and practitioner assignment
  • Progress Tracking: Monitoring recovery and generating health insights
  • Communication: Sending appointment reminders, exercise notifications, and important service updates
  • Quality Improvement: Analyzing usage patterns to enhance our Services
  • Legal Compliance: Meeting regulatory requirements and responding to legal requests

4. Data Sharing and Disclosure

We may share your information with:

  • Physiotherapists: Your assigned practitioners access relevant health information to provide treatment
  • Service Providers: Trusted third parties who assist in operating our Services (Convex for database, Clerk for authentication, Razorpay for payments)
  • Legal Requirements: When required by law, court order, or government authority
  • Emergency Situations: With emergency contacts or medical professionals when necessary for your safety

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Security

We implement reasonable security practices as required under the IT Rules, 2011, including:

  • Encryption of data in transit (HTTPS/TLS) and at rest
  • Secure authentication with password hashing
  • Role-based access controls for staff
  • Regular security audits and vulnerability assessments
  • Secure cloud infrastructure hosted in India-compliant regions

6. Your Rights

Under Indian data protection laws, you have the right to:

  • Access: Request a copy of your personal data held by us
  • Correction: Request correction of inaccurate or incomplete information
  • Withdrawal of Consent: Withdraw consent for data processing (may affect service availability)
  • Data Portability: Request your data in a commonly used format
  • Deletion: Request deletion of your personal data, subject to legal retention requirements

To exercise these rights, contact our Grievance Officer at privacy@reability.in

7. Cookies and Tracking

Our website uses cookies and similar technologies for:

  • Session management and authentication
  • Remembering user preferences
  • Analytics to improve our Services

You can control cookie preferences through your browser settings. Disabling cookies may affect certain website functionality.

8. Third-Party Services

Our Services integrate with:

  • Convex: Database and backend services
  • Clerk: Authentication and user management
  • Razorpay: Payment processing (we do not store full payment card details)
  • YouTube: Exercise video content delivery

These services have their own privacy policies, and we encourage you to review them.

9. Data Retention

We retain your data for as long as necessary to provide our Services and comply with legal obligations:

  • Medical records: Minimum 3 years as per medical practice guidelines
  • Financial records: 8 years as per Indian tax laws
  • Account data: Until account deletion request
  • Anonymous analytics: Indefinitely

10. Children's Privacy

Our Services may be used by minors (under 18) for pediatric physiotherapy with parental/guardian consent. Parents or guardians must create and manage accounts for minor patients and provide consent for data collection.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes through the app, email, or website notice. Continued use of our Services after changes constitutes acceptance of the updated policy.

12. Contact Information

For questions, concerns, or to exercise your rights, contact:

Grievance Officer

Reability Healthcare Private Limited

Bangalore, Karnataka, India

Email: privacy@reability.in

Response time: Within 30 days of receiving your request

13. Governing Law

This Privacy Policy is governed by the laws of India, including the Information Technology Act, 2000 and applicable rules. Any disputes shall be subject to the exclusive jurisdiction of courts in Bangalore, Karnataka.