Privacy policy, data privacy and security policy

Curovate respects your privacy and protects the information that we collect. Curovate sends your progress data to a remote server that is password protected and is only accessible by the Curovate team. The data that we collect and store include your name, age, sex, email address, the date and type of surgery or injury, your daily exercises, range of motion, and compliance rate. The collection of this information will help us improve future versions of the app for you and other users as well as allow us to conduct research on recovery after injury or surgery. We do not share this data with other advertisers or marketers. We do not sell or barter your data to third parties. Curovate may use this data to market our own products. Curovate also utilizes Google Analytics which provides us with the following information about our products: time of use, geographic location of users, stoppage of use, the number of downloads, the screen where users stop using our product, number of repeat users, crashes, frequency of use, and the devices that downloaded our product. This information will be used for future development and to fix issues with our products. Google Analytics data are anonymous. Curovate uses Hyper Text Transfer Protocol Secure (HTTPS) for all data transfer from your mobile device to our servers. This means that all the communications between the app and the server (where we store your data) are encrypted. As the app user, our server authenticates that you are the one who is accessing your data and, outside of our company, you are the only one who can access your data. Curovate retains your data for 10 years after your last contact with the app. After 10 years, the only data that will be retained will be any data used in aggregate form for research, marketing, and advertising. The details of the research will be specified in the medical disclaimer. The remaining data will be permanently deleted from our servers. If we wish to retain the data for longer, we will send a request to you by email to allow you to opt-in. The data that are locally stored on your mobile device are entirely in your control. You are welcome to delete or retain this data for as long as you choose. If there is a data breach on our secure HTTPS server, we will notify all impacted users within 72 hours of Curovate first becoming aware of the breach. You will receive an email from Curovate informing you that there has been a data breach. If a data breach occurs, the information that would be vulnerable would be your name, email address, age, surgery or injury date, your knee movement measures, and your exercise compliance data. Curovate does not store financial information. All app subscriptions and thus financial information are handled by Google through the Google Play Store. Curovate follows the rules of the General Data Protection Regulation (GDPR) which calls for data protection by design and default. This provides a greater level of protection for the user than the Data Protection Act of 1998. We have voluntarily completed the Information Commissioner’s Office (ICO) self-assessment and received an overall rating of green for our data privacy and security. App users can do any of the following by emailing Curovate at meetcura@gmail.com: request an electronic copy of all of their data stored on the Curovate servers or request that all of their data be deleted from the Curovate servers. Within our app, we have a notifications setting which allows you to turn off all notifications from Curovate. The notification that does appear on your lock screen does not contain any personal information. Curovate will make every effort to respond to user feedback and emails within 3 business days.