Privacy Policy

Last Updated: June 23, 2025

Revobo, LLC (“Revobo” or “we”) provide remote therapeutic monitoring devices (“RTMDs”) that are attached to medical wearables, such as braces and orthotics, which are tracked through the Revobo or Revobo+ Platforms, accessible via an Internet site (“Website”) or a downloadable mobile application (“App”) (collectively, the “Platform”) and used by medical service providers, their staff and affiliates (“Providers”) and patients (“Patients”) (collectively, “You” or “User”) to facilitate usage and assess recovery and impact of the medical wearable and the health of the Patient relating thereto.

This Privacy Policy explains how we interact with and use personally identifying information (“Personal Information”) of individuals, both Patients and authorized Users at the Provider’s facility, in connection with our Platforms.

Types of Personal Information

We use certain Personal Information that may identify a Patient, their parents or guardians, and Users in connection with providing the Platforms. These may be collected by:

  • visiting the Website,

  • requesting a link to download the App,

  • signing up for or using a User Account or Patient Account, or

  • inputting the Personal Information of a Patient, parent, or guardian into the Platform.

These Personal Information may include:

  • Contact information such as name, email address, phone numbers;

  • Family member names;

  • Health insurance information;

  • Login credentials such as usernames and passwords used for account creation, access and authentication;

  • Online identifiers such as IP address, browser and device characteristics, device ID, operating system, language preferences, cookies, beacons, referring URLs, and country/general location data.

This Personal Information may be collected passively (e.g., when you navigate the Portal, App, or use the medical wearable with an RTMD) or actively (e.g., creating an account or submitting information).

Health Information

Because of the nature of the RTMDs and Platforms, we also collect and use certain personal health information (“PHI”) of Patients through the administration of the Platforms. This information is provided by Patients and/or Users:

  • when establishing an account relating to a Patient;

  • by information transmitted automatically by the RTMDs on the wearables;

  • by Patient or guardian responses relating to Patient’s pain, medications and usage, activities, physician-prescribed treatment plans and adherence to such plans;

  • by the Provider in connection with their review of RTMD data and use of the Platform in monitoring the progress of the Patient; and/or

  • from the Patient’s electronic health records (“EHR”) that may be linked with the Platforms.

Any PHI is used strictly as necessary for the use of the Platform and with Patient or parent/guardian authorization.

We abide by the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”), the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”), and their regulations for all PHI we use. We specifically follow the standards for privacy and security of individually identifiable health information according to HIPAA and the HITECH Act.

Cookies

As you navigate the Website and/or use the App, “cookies” may be placed on your device so that we can understand your usage and enhance your experience. Cookies are files that may contain limited information, such as:

  • the type of browser you are using,

  • your general location,

  • your device’s IP address,

  • the date and time of your visit,

  • your web domain type, and

  • your activity on the Website or App.

This information is used to:

  • remember you the next time you visit the Website or App for easier login,

  • identify usage patterns for analytics,

  • improve the Website and App, and

  • provide you with a secure online experience.

Most browsers allow you to delete, block, or restrict certain cookies on your device. However, this may affect your ability to use the Website and App.

We may share cookie information with advertising and marketing partners to provide relevant advertising or marketing information based on your previous interaction with our Website or App. These partners have their own privacy policies and may be members of the Network Advertising Initiative (“NAI”) or Digital Advertising Alliance (“DAA”).

To remove yourself from some or all of these member advertising programs, visit:

Note: If you delete or block cookies, or use a different computer or browser, you may need to renew your opt-out choices.

For more information on cookies and how we use them, please refer to our Cookie Policy.

How We Use Personal Information

We use the Personal Information to:

  • Provide the Platform, and otherwise fulfill our contracts with Providers

  • Maintain and service Provider, User, and Patient accounts

  • Provide customer service and support for the Platform and RTMDs

  • Analyze usage and perform analytics of the Platform

  • Verify and maintain the quality and safety of the Platform

  • Improve, upgrade, or enhance the Platform

  • Inform you of other products or services we have that may be of interest to you

  • Prevent, detect and investigate security incidents

  • Debug, patch and update the Platform

  • Resist malicious, deceptive, fraudulent, or illegal actions on or relating to the Platform

  • Prosecute perpetrators

  • Ensure physical and data safety

We use PHI solely for the purpose of administering and maintaining the Platform and RTMDs, and when elected by the Provider, managing the Platform for Providers. Regardless of format, all clinical and therapeutic information is considered by the treating Provider, and the treating Provider makes all clinical and therapeutic decisions.

Personal Information and PHI are not sold or shared with third parties.

Disclosure

Your Personal Information and PHI may be shared on the Platform between Revobo and your treating Provider. No other Users, Providers, or Patients have access to your data.

It may be necessary to disclose or allow access to Personal Information with others in limited circumstances. These include:

  • With Service Providers that perform certain tasks on our behalf, but only to the extent necessary to provide their services for us, and then subject to contractual obligations to adhere to the same levels of privacy protection as we do;

  • With law enforcement or government agencies if required by law; and

  • In the event of a business transaction, such as merger, acquisition, or asset purchase.

Retention & Security

All data, including Personal Information and PHI, is stored in secure cloud-hosted servers. We retain any Personal Information and PHI only for as long as we need it to provide the Platform to you (as long as the Patient’s therapeutic plan calls for monitoring of wearables usage through RTMDs), after which it may be anonymized, deidentified, or otherwise rendered no longer identifying (“Deidentified Data”). We may continue to use Deidentified Data to improve the RTMDs and Platform.

We maintain reasonable administrative, technical, and physical security measures intended to protect against loss, misuse, or improper access, disclosure, alteration, or destruction of Personal Information and PHI, including but not limited to:

  • firewalls,

  • partitions,

  • antivirus/anti-malware software,

  • encryption, and

  • penetration testing.

Access to any Personal Information or PHI is only available based on account-level access, requiring login and multi-factor authentication.

We comply with the HIPAA Security Rule, the HIPAA Breach Notification Rule, and applicable standards of the HIPAA Privacy Rule as business associates of your Provider, and are otherwise HIPAA and HITECH compliant.

While we use reasonable measures to secure our Platform, you should take appropriate precautions to protect personal and confidential information, and to use your devices/apps in a secure and responsible manner. Revobo is not responsible for the security of your devices and expects that you will configure and use them in a secure and responsible manner.

We will provide a secure transmission method for you to send us your personal information. While such secure transmission methods provide reasonable protections against unauthorized access, if you have concerns regarding the transmission of sensitive information, you should consider using nonelectronic communication methods or not submitting your information at all. We cannot guarantee that any information you submit to us is secure, nor can we guarantee the performance or adequacy of any security measure we use.

Data Transfers

The Personal Information and PHI we collect and use are transferred to and/or maintained on cloud-based servers through Azure, which may be located anywhere in the world. You should be aware that by using the Platform, your Personal Information may therefore be transferred outside of your state or country.

By accepting this Privacy Policy and using the Platform, you are providing your consent for such data transfer to another state or country, which may have different data privacy requirements from yours.

Privacy Rights

Unsubscribe and GPC Signals

You have the right at any time to prevent us from contacting you for marketing purposes.

  • You can opt out of promotional communications by following the “Unsubscribe” instructions provided in any promotional email sent to you.

  • You can also indicate that you do not wish to receive marketing communications from us in the “Settings” section of the Platform.

We may continue to send you administrative emails — for example, communications about your account or updates to our Privacy Notice — even if you opt out of promotional emails.

A Global Privacy Control (GPC) signal is available as an optional browser extension that, when activated, automatically communicates your privacy preferences to opt out of websites selling or sharing your personal information.

The Platform responds to GPC signals as a valid opt-out method — although we do not sell or share personal information.

Learn more at: https://globalprivacycontrol.org/

State Privacy Rights

Depending on where you are located or live, you may have certain rights regarding your Personal Information under local law. These may include the right to:

  • Access – Request details regarding your Personal Information that we process, including:

    • types of personal information processed

    • data sources

    • processing purposes

    • retention duration

    • applicable safeguards

  • Correction – Request that we correct incomplete or inaccurate parts of your Personal Information.

  • Delete/Erasure – Request deletion of your Personal Information, subject to limitations (e.g., for service completion or legal compliance).

  • Restrict/Limit Processing – Request that we restrict use of your Personal Information, such as for targeted advertising or behavioral marketing.

    Note: We do not share Personal Information for marketing purposes.

  • Data Portability – Request a copy of your Personal Information in a commonly used, machine-readable format.

  • Opt-Out of Sale – Request to opt out of:

    • targeted advertising

    • cross-context behavioral advertising

    • profiling that produces legal or similarly significant effects

    Note: We do not sell or share Personal Information for such purposes.

  • Against Automated Decision-Making – Decline decisions about you made solely by automated processes without human input.

  • Non-Discrimination – You have the right not to be discriminated against in price or service for exercising any of your privacy rights.

You may withdraw any consent you have previously given.

If you are dissatisfied with our response to a data privacy request, you may appeal the decision to your state’s Attorney General’s office.

To exercise any of the above rights, Patients should contact their Provider.
Any privacy requests received directly by Revobo will be forwarded to the appropriate Provider.
Revobo will work with the relevant Provider to respond to any verified privacy requests.

Children’s Privacy

Revobo is committed to protecting the privacy of children. The Platform is not intended or designed to attract children under the age of 13.

  • We do not knowingly collect, maintain, or use personal information from children under 13 years of age without the authorization of a parent or guardian.

  • No part of our websites is directed to children under the age of 13.

If you learn that your child has provided us with their Personal Information without your consent, you may alert us using our contact form.

If we learn that we have collected any Personal Information from a child under 13 without parental or guardian authorization, we will promptly take steps to delete such information.

Changes to This Privacy Policy

This Privacy Policy is subject to change at any time at Revobo’s sole discretion.
Any changes made are effective upon posting.

It is your responsibility to review this Privacy Policy each time you access the Platform, because you will be bound by any changes made.

Questions

If you have questions about our privacy practices, you may contact us:

Revobo, LLC
6901 Lynn Way, Suite 301
Pittsburgh, PA 15208

📞 +1 888-706-7099 (toll free)
📧 privacy@revobo.com
🌐 https://revobo.com