GDPR: What types of data are collected by Physitrack?
Physitrack is a platform designed from the ground up around privacy and security of both your own and your clients' data. All policies and engineering standards follow this principle. Further, Physitrack is not in the business of sharing data with third parties. Our revenue comes from subscriptions and enterprise features, plain and simple.
- Physitrack runs its applications and databases on Amazon Web Services (AWS). AWS operates perhaps the most secure data centers in the world.
- Data is stored in a database that is hosted in the same data center ("availability zone") as the server on which you use Physitrack. For example, if you use us.physitrack.com, both the application and the database are in the US, and if you use uk.physitrack.com, both the application and the database are in the EU.
- Sensitive fields are encrypted "at rest" (when stored "persisted") in the database as well as "in flight" (when being transferred between your browser/device and our application).
- Physitrack makes two types of database backups: a real-time backup and a backup that is made every 24 hours. These backups are stored in a different data center from the online database to avoid data loss in case of a catastrophe.
- Backups are encrypted.
The list below enumerates what type of data we store.
Note that Physitrack does not store any credit card information on our systems.
Payments are processed by Adyen, our payment processor.
Practitioner data
| Field name | Description | 3rd party processors Note that all data is also processed by AWS |
| First & last name | Adyen, Chargebee, Customer.io, Helpscout, Twilio, Dolby.io | |
| Email address | Adyen, Chargebee, Customer.io, Mailchimp | |
| Owner | Which PT Direct account owns this practitioner? | Adyen, Chargebee, Customer.io |
| Practice name | Adyen, Chargebee, Customer.io | |
| Address | Adyen, Chargebee, | |
| Country | Adyen, Chargebee, Customer.io | |
| State | |
Customer.io, Chargebee |
| Skype ID | ||
| Mobile phone | Twilio | |
| Timezone | Customer.io | |
| VAT ID | Chargebee | |
| Agreed to terms of service? | ||
| Subscription status | Customer.io | |
| App preferences | E.g. weight units, notification preferences | |
| Password | Encrypted | |
| Affiliation | Practice management system or organization | Customer.io |
| API integration | Patient management system (PMS) and api key for the Physitrack-connection to the PMS | Customer.io (only the name of the PMS, not the key) |
| Attempted logins | Timestamp and IP address of unsuccessful login attempts | |
| Custom templates | Custom templates created by this practitioner | |
| Messages | Encrypted. Messages sent to and received from clients. | |
| Video call log | Logs (timestamp and duration, not contents) of video calls | |
| Sign in count | Customer.io | |
| Last sign in date & IP | Customer.io (only timestamp) | |
| Current sign in & IP | ||
| Creation date | Customer.io | |
| Date record was last updated | ||
| Search settings | Recent search settings | |
| Custom exercise videos and images | Coconut, Algolia, Customer.io (only count) |
Client data
| Field name | Description | 3rd party processors |
| First & last name | - | |
| Gender | - | |
| Year of birth | - | |
| Mobile phone | Twilio | |
| Mailchimp | ||
| Access code & exercise program | Access code and exercise program with its content (exercises and/or educational content and/or outcome measures). |
Google Firebase, Fabric.io, Twilio |
| Outcome measures | Encrypted. Answers to outcome measures. | - |
| Messages | Encrypted. Messages sent by and to the client, exercise feedback. | - |
| Video call log | Timestamp and duration of made video calls. | Dolby.io |
| Video call audio | Encrypted. If enabled by the practitioner, an mp3 audio recording of made video calls. | Amazon Web Services |
| Adherence details | Encrypted. Details of the completion of sets, reps, hold, pain level, etc. | - |
| Diagnosis code | Encrypted. Optionally, a practitioner may choose to store diagnosis codes on Physitrack. | - |
| Custom exercise videos and images | The practitioner is prevented from entering the client's first and last name in the exercise title or description. | Coconut, Algolia |
Access code & client-identifiable information
As soon as an access code contains patient-specific information (e.g. messages, outcome measures or exercises featuring this patient), the client must enter their year of birth to access the exercise program. Only a certain amount of incorrect attempts can be made every hour before PhysiApp is locked.
Third-party vendors (subprocessors) that process data on behalf of Physitrack
| Subprocessor | Controls in place | Description |
| Adyen Netherlands |
GDPR-compliant, data processing agreement in place | We use Adyen to process our payments. No client data is processed by Adyen. |
| Algolia France & USA |
GDPR-compliant, Data Processing Agreement with Standard Contractual Clauses in place | We use Algolia to power our search of exercises. No practitioner or client data is processed by Algolia that could let Algolia identify practitioners or clients. |
| Amazon Web Services Luxemburg & USA |
GDPR-compliant, Data Processing Agreement with Standard Contractual Clauses in place | Physitrack owns and controls logical access to the infrastructure maintained by AWS, while AWS maintain the physical security of the servers, network and the data center. For data residency requirements, Physitrack is segregated across different AWS regions. |
| Coconut.co France |
GDPR-compliant, based in EEA | We use Coconut to transcode all videos into web/mobile viewable formats. No patient information is sent to Coconut, but the videos sent to Coconut for encoding may contain videos that feature a client. Coconut automatically deletes all uploaded content after 24 hours. |
| Cloudflare USA |
GDPR-compliant, Data Processing Agreement with Standard Contractual Clauses in place | We use Cloudflare for DNS and content distribution. Cloudflare uses enhanced privacy protocols for DNS over TLS and DNS over HTTPS which prevents data tracking by not linking DNS queries to your personal IP address (personal data) and limits record retention to 24 hours. |
| Chargebee Netherlands, India, USA |
GDPR-compliant, data processing agreement in place, certified under EU-US Privacy Shield, Standard Contractual Clauses in place | We use Chargebee to help manage our subscription process and invoicing. Information sent to Chargebee includes the practitioner's billing information such as name, email and payment method. No client data is sent to Chargebee. |
| HelpHero New Zealand |
GDPR-compliant, guarantee that all information sent to US sub-processors is appropriately protected | We use HelpHero to show onboarding tours to practitioners in the demo version of Physitrack, and to practitioners who have not yet added any clients. No practitioner or client data is processed by HelpHero. |
| Helpscout USA |
GDPR-compliant, Data Processing Agreement & Standard Contractual Clauses in place | We use Helpscout to process customer support emails and display our online knowledge base (such as the one you are looking at). On the web version of Physitrack, when a practitioner sends a message to Helpscout, Helpscout processes the IP address, name and email of the practitioner. Both practitioners and clients have the possibility to send a support email to support@physitrack.com or support@physiapp.com which will be displayed to a qualified Physitrack staff member. We tightly control who has access to Helpscout, and require 2-factor authentication. |
| Mailchimp USA |
GDPR-compliant, Data Processing Agreement & Standard Contractual Clauses in place | We use Mailchimp's "Mandrill App" service to send transactional emails such as passwords and access codes. The recipient email and subject line are stored by Mailchimp, and the message body is only temporarily stored (max 1 hour) for debugging and troubleshooting purposes. Access to Mailchimp is strictly limited. |
| Google Firebase USA |
GDPR-compliant, Data Processing Agreement & Standard Contractual Clauses in place | We use Google Firebase to detect whether a client or a practitioner is online and to generate single-sign on links for patients. No data is processed by Google Firebase which would allow a third party to identify who the parties are. |
| Google Workspace USA |
GDPR-compliant, Data Processing Agreement & Standard Contractual Clauses in place | We use Google Workspace to host our email. All @physitrack.com emails are processed by Google Workspace on behalf of Physitrack. |
| Customer.io USA |
GDPR-compliant, data processing agreement in place, EU-US Privacy Shield, Standard Contractual Clauses in place | We use Customer.io to send onboarding emails and newsletters to practitioners. The information that is sent to Customer.io is limited to the information that is required to properly identify the correct recipients of our various onboarding emails, and includes activity information such as name, email, the number of patients, number of assigned exercise programs, subscription information. No client data is processed by Customer.io. |
| Data Dog Ireland & USA |
GDPR-compliant, data processing agreement in place with Standard Contractual Clauses, EU-US Privacy Shield | We use Data Dog to monitor and improve performance of our application and infrastructure. No names or emails are sent to Data Dog (this data is scrubbed before it is sent to Data Dog), and all data is destroyed after 15 days. |
| Sentry USA |
GDPR-compliant, Data Processing Agreement & Standard Contractual Clauses in place | We use Sentry to track errors in our application. No practitioner or client identifiable data is processed by Sentry, as this data is scrubbed before it gets sent. |
| Sqreen USA & France |
GDPR-compliant, data processing agreement in place | We use Sqreen to detect security vulnerabilities and attacks. No practitioner or client identifiable data is processed by Sqreen, as this data is aliased before it gets sent. |
| Transifex Greece & USA |
GDPR-compliant |
We use Transifex to dynamically translate our marketing site. Transifex places cookies to remember which language you are viewing the Physitrack marketing site in. No practitioner or client data is sent to Transifex. |
| Twilio USA |
GDPR-compliant, data processing agreement with Standard Contractual Clauses in place, EU-US Privacy Shield | We use Twilio to send access codes via SMS to clients and send various notifications via SMS to practitioners. |
| Typeform Spain |
GDPR-compliant | We use Typeform to collect troubleshooting information from practitioners and their clients. No information is automatically sent to Typeform. |
| Dolby.io USA |
Data Processing Agreement in place | We use Dolby.io to help power our video calling functionality. Video streams are encrypted using AES-128 bit encryption or stronger. Only the practitioner and client names and IP addresses are processed by Dolby.io. |
Note: healthcare practitioners may choose to automatically share adherence details and exercise program information from Physitrack to their patient management system.
This is done at the discretion and under the control of the clinic or healthcare practitioner.