Privacy Policy

 Privacy Policy (EU & worldwide) takes your privacy very seriously and treats all your personal data with great care. This document sets out’s policy regarding privacy and security. It is recommended that you read this policy carefully. The capitalized words are defined in the Terms of Service.

  1. Who is is registered under Sophus Health Pty Ltd; established and existing under the laws of Australia, having its registered office at 4/94 McLeod Street, Cairns QLD 4780, AUS, and active on the website of has developed a platform used by healthcare providers to gather information from, and/or provide information to their patients. does not screen Content posted by healthcare providers, nor does it select or screen specific programs that are displayed to patients. as processor on behalf of healthcare providers will store and process your personal data on behalf of its customers, the healthcare providers. For this processing, the healthcare provider will act as the “data controller” within the meaning of the European Privacy Directive (1995/46) and the Data Protection Act 1998 and is responsible for the lawful processing of your personal data. Please refer to your healthcare provider for information on the way the healthcare provider will process your personal data. Whilst takes the protection of personal data very seriously, is not responsible for the compliance with applicable privacy laws by the healthcare provider. as controller  

In certain circumstances may also process your personal data for its own purposes, in which case will be the “data controller” of your personal data and responsible for the lawful processing of this personal data. is the controller for the processing of payments by healthcare providers, the processing of account information, the use of Intercom cookies as set out below (under 3) and the provision of aggregated information to authorised parties (with your consent).   

  1. What personal data does collect and process?


In order to make use of the Service, it is necessary to create a personal Account. For this you are required to enter certain information about yourself. Your name, gender, e-mail address, phone number and country of residence are obligatory. For healthcare providers who register on behalf of an entity, information about that entity (name and contact details) are also required.   

The information contained in your account is not visible to third parties. For patients, only the healthcare provider that has sent them an invitation to use the Service can see their Account information.

A detailed list of data that is processed by can be found here.

Use of the Service  

By using the Service, the healthcare provider provides information about the exercise program of the patients and the patients provide information about their compliance with the exercise program and their experiences while doing the exercises. This information is private between the patient and the healthcare provider. will store and process this information only on behalf of the healthcare provider. will only use the patient information for its own purposes with the consent of the patient. After the patient has given his consent, will anonymise the patient information and share it with authorised third parties.  

If the patient is a minor, the parents or legal guardians of the patient will be asked to give their consent for the processing described above.  

  1. Cookies

When using, cookies are saved on your computer. Cookies are small pieces of information (in the form of text) that a server sends to your browser (such as Internet Explorer or Firefox) with the intention that the browser sends this information back to the server the next time a user makes use of the Service. Cookies cannot damage your computer or the files saved on it.

When you use the Service, first party cookies are saved on your computer. First party cookies are made by or for and are stored on your computer by and only has access to these cookies. Such cookies are used by, for example, to remember your login information.

In order to collect data on the usage of’s website (the marketing website, not the platform used for access to the Service), uses Google Analytics. Google Analytics stores a permanent cookie on your computer which is subsequently used to register your use of the website. This data is then analyzed by Google and the results are given to This enables to get more insight in the way in which the website is used and, based on this information, to make adjustments to the website or the provided services.

You can configure your browser so that you do not receive any cookies the next time you use the Service. However, it is then possible that you will no longer be able to make full use of    

  1. For what purposes will use personal data about you? may use your personal data for the following purposes:  

  • To allow the healthcare provider to use the Service, including the management of programs for patients, the management of the patient’s compliance with the program and the exchange of program templates with other users of

  • To allow the patient to use the Service, including the access to home exercise programs provided by the healthcare provider and monitoring the compliance and providing feedback to the healthcare provider.

  • To process payments by healthcare providers.

  • To communicate with you about the Service and/or other services of;

  • To configure to your wishes and needs.

  • For protection purposes and to generate anonymous statistical data. will only provide medical information to third parties if the healthcare provider has given its consent for the specific third party involved (for instance, an insurance company) and if such information is aggregated to make sure that the patient cannot be identified. will only provide your personal data to third parties other than as set out in this Privacy Policy in the following cases:   

  • if it is obliged to do so based on the Agreement with the healthcare provider;

  • if it is obliged to do so on account of national or international laws, case law and/or regulations;

  • if considers it necessary to do so in defense of its own rights; or

  • if you have given permission to do so. may post customer testimonials/comments/reviews on the Website, which may contain personal data of healthcare providers. shall obtain the healthcare provider’s consent via email prior to posting the testimonial. uses third-party analytics services to help understand the usage of the Service by healthcare providers. No patient information is shared through these services.  

In particular, we provide a limited amount of the personal data of the healthcare provider (such as your email address and sign-up date to Peaberry Software, Inc. (“”) and utilize to collect data for analytics purposes when you visit the Website or use the Service. analyzes your use of our Website and/or Service and tracks our relationship so that can improve its service to you. We may also use as a medium for communications, either through email, or through messages within the Service. is a company that is based in the United States. and have an EC Data Protection Agreement to protect the privacy of’s users. also uses sub-processors, as listed on to process your data. When personal data is processed by sub-processors, has data processing agreements in place with these sub-processors.

  1. How does protect your personal data? takes appropriate technical and organizational measures to protect your (personal) data against loss or any form of unlawful use. Because of the medical nature of some of the personal data, has incorporated a very high level of security.  

To protect the confidentiality and integrity of your personal data, we:  

  • Have internal policies that keep your data private and confidential.

  • Encrypt all communications between and our users (http: via SSL, email via TLS).

  • Encrypt all patient health information in our database (“at-rest”).

  • Limit information access inside our company to the absolute minimum necessary.

  • Use an electronically and physically secured data center.

  • Use a firewall which blocks access by attackers and unauthorized users.

  • Automatically logoff healthcare providers after a certain period of inactivity.

  • Require all of our users to choose strong passwords, and choose a new password every 90 days.

  • Use a world-class CDN (content distribution network) which filters out possible attackers

  • Use state-of-the art development and testing systems.

  • Use best-in-class server management technologies.

  1. Viewing, changing and deleting your personal data

If you wish to know what personal data has collected about you or if you wish to change data that you cannot change yourself in your Account, then you can send your request to will provide you with the personal data within 4 weeks. will retain your personal data for as long as your Account is active or as needed to provide the Service to you, to resolve disputes, enforce agreements or comply with any legal obligations. If you wish to delete your Account or request that no longer uses your personal data, you can contact us at   

  1. Can this policy be changed?

It is possible for this policy to be amended in the future. Any changes to the policy will be mentioned on the Website, so it is recommended to regularly have a look at the Website.   

  1. Questions?

If you have any questions, please do not hesitate to contact us via  

Last modified: 26 November 2018