1. Introduction
PhysioSense ("we", "our"), registered in Montenegro, operates the website physiosense.net. This policy describes how we collect, use, and protect your personal data in accordance with the GDPR, the Montenegrin Law on Personal Data Protection, and applicable data protection laws.
PhysioSense is intended for users aged 16 and older. If you are under 16, you may only use PhysioSense with the consent of a parent or legal guardian.
2. Data We Collect
Account data:
- Email address (for authentication)
- Name (for profile display)
- Role (e.g., physiotherapist, student)
- Professional license number (optional)
- Subscription tier selection
- Payment data (processed by Paddle — we do not store card details)
Health data (GDPR Article 9 — special category):
- Health assessment data (diagnosis, recovery phase, symptom duration, pain level, functional status, patient age, sex, comorbidities, equipment, goals, treatment setting)
- Patient-reported outcomes (pain scores, functional scores, clinical progress, adherence data)
- Generated reports (personalized evidence-based educational content, PDF documents)
Legal basis for health data
When you create a personalized plan, we collect health-related information that constitutes "special category data" under GDPR Article 9. We process this health data based on your explicit consent (Article 9(2)(a)), which you provide when creating a plan. You may withdraw this consent at any time by deleting your plans or your account in Settings.
3. How We Use Your Data
- To provide and personalize the platform — Contract, Art. 6(1)(b); Explicit consent for health data, Art. 9(2)(a)
- To process subscriptions and payments — Contract, Art. 6(1)(b)
- To send transactional emails (account confirmation, password reset, outcome measurement reminders) — Contract, Art. 6(1)(b)
- For platform security and error tracking — Legitimate interest, Art. 6(1)(f)
- To improve the platform based on aggregated usage (with consent) — Consent, Art. 6(1)(a)
4. Data Storage & Security
- Database and authentication: Supabase (EU — Frankfurt). Row-Level Security (RLS) on all tables.
- Application hosting: Vercel (EU — Frankfurt, fra1). HTTPS/TLS encryption, HSTS with 2-year duration.
- Passwords: hashed via bcrypt (Supabase Auth). We never store passwords in plain text.
- Security headers: Content-Security-Policy, X-Frame-Options: DENY, X-Content-Type-Options: nosniff, CSRF protection on all mutations.
- Outcome backups: encrypted and stored in Supabase Storage (daily backup).
5. Sub-Processors
We use the following sub-processors to process your data:
| Service | Purpose | Location | Transfer Safeguard |
|---|---|---|---|
| Supabase | Authentication and database | EU (Frankfurt) | EU adequacy — no transfer |
| Vercel | Application hosting and CDN | EU (Frankfurt) | EU adequacy — no transfer |
| Paddle | Payment processing (MoR) | UK / EU | UK adequacy decision |
| Resend | Transactional emails | US | EU-US DPF. Email addresses only. |
| Sentry | Error tracking | EU | EU adequacy — no transfer |
We do not sell, rent, or share your personal data with third parties for marketing purposes. Data Processing Agreements (DPAs) are in place with all sub-processors.
6. Your Rights (GDPR)
- Access (Art. 15) — view your data in Settings
- Rectification (Art. 16) — update your data in Settings
- Erasure (Art. 17) — request account deletion in Settings > Profile
- Data Portability (Art. 20) — download all your data in JSON format via Settings > Export Data
- Restriction (Art. 18) — contact privacy@physiosense.net
- Withdraw Consent (Art. 7(3)) — withdraw your consent to health data processing at any time via Settings > Consent Management. Withdrawal does not affect the lawfulness of processing performed before withdrawal.
- Objection (Art. 21) — contact privacy@physiosense.net
- Complaint (Art. 77) — you have the right to lodge a complaint with a supervisory authority. For Montenegro: AZLP, www.azlp.me. For EU residents: your local DPA.
7. Automated Decision-Making
PhysioSense does not make automated decisions about you. Report generation filters published evidence based on your input but does not constitute automated decision-making or profiling under GDPR Article 22. All clinical decisions remain with the treating professional.
8. Data Retention
- Account data: while the account is active. Deletion on request via Settings.
- Health data: while consent exists. Withdrawing consent triggers deletion.
- Generated reports: retained anonymized for quality. Upon account deletion — permanently erased.
- Payment records: 7 years (legal obligation).
- Error logs: 90 days (Sentry automatic deletion).
9. Policy Changes
If we make material changes to this policy, we will notify you via email or in-app notification at least 14 days before they take effect.
10. Contact
For privacy inquiries, contact us at: privacy@physiosense.net
We have not appointed a Data Protection Officer (DPO) as our processing does not meet the thresholds under GDPR Article 37.
We respond within 30 days in accordance with GDPR requirements.