Privacy Notice – OrthoTherapy
Last updated: February 2026
At OrthoTherapy – Physical Therapy and Rehabilitation Clinic, we protect the privacy of patients, staff members, and administrators. This Privacy Notice explains what personal data is collected through the OrthoTherapy mobile app, why it is used, how it is stored, and how you can exercise your rights.
1. Data Controller
OrthoTherapy – Physical Therapy and Rehabilitation Clinic
📍 Av. Homero 1339 – 2nd Floor, Polanco, Polanco II Secc, Miguel Hidalgo, 11550 Mexico City, CDMX, Mexico
📞 Phone: +52 55 5173 1743
📱 WhatsApp: +52 55 7663 3438
📧 Privacy email: orthotherapyc@gmail.com
🌐 Website: https://orthotherapy.co/
2. Personal Data We Collect
a) Identification and contact
Name
Email address
Phone number
Physical address (if the user enters it in their profile)
b) Clinical and health information (authorized staff only, according to permissions)
Medical record data and treatment progress
Reason for visit, symptoms, medical history, and other care-related records
Clinical files: imaging (e.g., X-rays), prescriptions, lab results, interpretations, and other medical documents
c) Content provided by the user or authorized staff
Photos, videos (e.g., exercise videos), and PDF documents uploaded through the app
d) Technical and operational data
Internal user identifier (Firebase UID)
Minimal technical data required for app operation and security (e.g., device information, crash/error events, and session-related data)
In some cases, limited network information such as IP address may be logged for security, abuse prevention, and technical support
Note: The app uses cloud infrastructure to authenticate users and store information (e.g., Google Firebase). We do not collect data for advertising purposes.
3. Purposes of Processing
We use personal data only for:
Clinical and administrative operations: user management by role (administrator/staff/patient).
Appointments and visits: scheduling, management, and tracking of appointments and visit records.
Medical records: creation, updates, and access by authorized staff.
Clinical file management: uploading, viewing, organizing, and backing up documents, photos, and videos related to care.
Authentication and security: login, access control, and prevention of unauthorized access.
Operational notifications: communications related to care and app usage.
Technical support and stability: troubleshooting, diagnosing issues, and improving performance.
We do not use your data for advertising, do not sell personal information, and do not share it with third parties outside the clinic except as described in Section 8 (Disclosures).
4. Analytics and usage measurement (current status and future improvements)
Currently, the app may log minimal technical information required for operation and security (for example, error events or necessary operational events).
If we enable analytics tools in the future to measure performance and usage (for product improvement and support), we will do so in a limited manner, with no advertising purposes, and this Notice will be updated accordingly.
5. Legal Basis and Consent
We process personal data based on:
Your consent when you register, use the app, provide information, and upload content.
The healthcare and administrative service relationship required to deliver care and operate the app.
Compliance with applicable legal obligations.
Health data is considered sensitive; we apply enhanced safeguards and role-based access restrictions, and we process it strictly for clinical and administrative purposes related to care.
6. Data Retention and Deletion
Data is stored using cloud services (Google Firebase) with technical security measures.
We retain information as long as necessary to fulfill the purposes described and comply with applicable obligations.
Users may request account and/or data deletion. We will delete or de-identify the data unless retention is required by law or needed to address claims.
7. Your Rights and How to Exercise Them
You may request access, correction, cancellation/deletion, or objection by emailing: orthotherapyc@gmail.com.
To protect your account, we may request minimal information to verify your identity. Where applicable, you may also update certain information directly in the app depending on your role.
8. Disclosures and Service Providers
We do not disclose personal data to third parties outside the clinic, except:
Technology service providers necessary to operate the app (e.g., cloud infrastructure such as Firebase), acting as processors under appropriate safeguards and solely to provide the service.
Competent authorities, when required by law or by a valid legal request.
9. Security and Access Control
We implement reasonable measures to protect information, including:
Authentication and role-based access control.
Restricting medical records and sensitive files to authorized staff according to permissions.
Technical safeguards to prevent unauthorized access, loss, or alteration.
No system is perfect, but we take security seriously and continuously improve protections.
10. Minors
The app is intended for patients and clinic personnel.
For minor patients, data must be managed according to the clinic’s internal policies and applicable laws, which may require involvement or consent of a parent/guardian when appropriate.
11. Privacy Contact
For privacy questions or requests:
📧 orthotherapyc@gmail.com
12. Changes to This Notice
Any updates will be published within the app and/or on https://orthotherapy.co/, including the updated “Last updated” date.