Privacy Policy

Better Balance, Inc. ("Better Balance," "we," "us," or "our") is committed to protecting your privacy and the security of your personal and health information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our fall prevention platform and related services (collectively, the "Services").

Better Balance, Inc. is a Delaware C Corporation. We provide digital health services to healthcare providers and patients in compliance with applicable U.S. and Canadian privacy laws, including the Health Insurance Portability and Accountability Act (HIPAA) and the Personal Information Protection and Electronic Documents Act (PIPEDA).

1. Information We Collect

1.1 Protected Health Information (PHI)

When you or your healthcare provider use our Services, we may collect:

• Personal identifiers (name, date of birth, contact information)
• Health and medical information (fall risk assessments, mobility data, gait analysis results)
• Treatment information (exercise plans, progress tracking, care plans)
• Biometric data (movement patterns, balance metrics, physical activity data)
• Device and sensor data from smartphones used for gait tracking

1.2 Account and Usage Information

We collect information necessary to provide and improve our Services:

• Account credentials and professional information (for healthcare providers)
• Usage data (features accessed, session duration, interaction patterns)
• Technical data (IP address, browser type, device information, operating system)
• Communications with our support team

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our fall prevention Services
• Enable healthcare providers to assess, monitor, and treat patients
• Generate gait analysis, balance assessments, and fall risk reports
• Create personalized exercise programs and care plans
• Facilitate Remote Therapeutic Monitoring (RTM) and billing compliance
• Communicate with you about your account, Services, and support
• Comply with legal obligations and respond to legal requests
• Detect, prevent, and address technical issues and security threats
• Conduct research and analytics to improve our Services (using de-identified data only)

3. Information Sharing and Disclosure

We do not sell your personal or health information. We may share your information only in the following circumstances:

3.1 With Your Healthcare Provider

Patient health information is shared with your authorized healthcare providers to facilitate treatment and care coordination.

3.2 Service Providers

We may share information with trusted third-party service providers who assist us in operating our Services, including:

• Cloud hosting and data storage providers
• Analytics and performance monitoring services
• Customer support and communication platforms
• Payment processors (for healthcare provider billing)

All service providers are bound by Business Associate Agreements (BAAs) and contractual obligations to protect your information in accordance with HIPAA and applicable privacy laws.

3.3 Legal Obligations

We may disclose information when required by law, legal process, court order, or government request, or when necessary to:

• Comply with legal obligations and regulatory requirements
• Protect the rights, property, or safety of Better Balance, our users, or the public
• Prevent fraud, security issues, or technical problems
• Respond to emergencies involving threats to health or safety

3.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.

4. Data Security

We implement industry-standard security measures to protect your information, including:

• End-to-end encryption for data in transit and at rest
• Multi-factor authentication and access controls
• Regular security audits and vulnerability assessments
• HIPAA-compliant infrastructure and data centers
• Employee training on privacy and security practices
• Incident response and breach notification procedures

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

5. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of your personal and health information
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your information (subject to legal retention requirements)
• Restriction: Request limitation on how we process your information
• Portability: Request transfer of your information to another provider
• Objection: Object to certain processing activities
• Revoke Consent: Withdraw consent for data processing (where applicable)

To exercise these rights, please contact us using the information provided in Section 10. We will respond to your request within the timeframe required by applicable law (typically 30 days).

6. Data Retention

We retain your information for as long as necessary to provide our Services, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods include:

• Patient health records: Minimum of 6 years after last treatment or as required by applicable law
• Account information: Duration of active account plus 3 years
• Billing and financial records: 7 years as required by tax and financial regulations
• Security logs and incident reports: 3 years

After the retention period, we securely delete or anonymize your information in accordance with our data retention and disposal procedures.

7. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children without parental or guardian consent. If you believe we have inadvertently collected information from a child, please contact us immediately.

8. International Data Transfers

As a company operating in Canada with services provided to U.S. healthcare organizations, your information may be processed and stored in the United States and Canada. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending an email notification to registered users
• Displaying a prominent notice within our Services

Your continued use of our Services after such notification constitutes acceptance of the updated Privacy Policy.

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us: