Last updated: March 2, 2026
Physicare.ai ("we", "our", "us") is a Canadian platform that provides intelligent tools to rehabilitation professionals to assist them with clinical documentation, treatment planning, and patient monitoring.
We are committed to protecting the privacy and personal information of all our users. This privacy policy ("Policy") describes how we collect, use, retain, protect, and disclose your personal information, in accordance with An Act to modernize legislative provisions as regards the protection of personal information (commonly known as "Law 25", Quebec) and the Personal Information Protection and Electronic Documents Act (PIPEDA, Canada).
In accordance with Law 25, we have designated a person responsible for the protection of personal information (PRPPI) whose contact details are as follows:
Name : William Prud'homme
Email : privacy@physicare.ai
Mailing address : #300 – 204 Saint-Sacrement Street, Montreal, Quebec H2Y 1W8
The PRPPI is the point of contact for any question, request, or complaint regarding the protection of your personal information. You may contact them at any time.
This Policy applies to all users of the Physicare.ai platform, including healthcare professionals (physiotherapists, occupational therapists, kinesiologists, and other rehabilitation professionals) and patients.
We limit the collection of personal information to what is necessary for the purposes identified in Section 5 of this Policy. We collect the following categories of personal information:
Last name, first name, email address, and password (encrypted).
Clinical observations, treatment plans, diagnoses, prescribed exercises, follow-up notes, and audio recordings of clinical sessions.
Usage logs, preferences, connection information (date, time, IP address), device type, operating system, and browser version.
Payment transactions are processed by Stripe. Physicare.ai does not store your credit card numbers. Only transaction identifiers and billing history are retained.
We use Google Analytics and Microsoft Clarity to analyze platform usage. These tools collect aggregated browsing data, such as pages viewed, session duration, and interactions on the platform. This data is used solely for service improvement purposes. You can manage your cookie and tracking preferences through our consent banner during your first visit. By default, only cookies strictly necessary for the operation of the platform are enabled.
Your personal information is collected and processed for the following specific purposes:
Provide clinical documentation, treatment planning, and patient monitoring features.
Ensure the proper technical operation of the platform, personalize the user experience, and improve our services.
Send account-related communications (registration confirmation, billing, service change notifications) and provide technical support.
Subject to your explicit and separate consent, health data may be irreversibly anonymized (through PHI masking) and then used to train and improve our artificial intelligence models. This anonymized data cannot in any way identify a user. You may refuse this use without any consequence on your access to the platform's services.
Consent is required for the collection, use, and disclosure of your personal information. Given the sensitive nature of the health information processed by Physicare.ai, we obtain manifest, free, informed consent given for specific purposes, in accordance with Law 25.
When creating your account and using the platform, you will be asked to consent separately to the following purposes:
You may withdraw your consent at any time by changing your preferences in your account settings or by contacting our PRPPI at privacy@physicare.ai. Withdrawing consent for essential purposes (sections 5.1 to 5.3) may limit or prevent the use of certain platform features. Withdrawal of consent takes effect upon receipt and is not retroactive.
Physicare.ai integrates artificial intelligence tools that generate suggestions for clinical documentation, treatment plans, diagnoses, and exercises. These tools serve exclusively as decision-support aids for rehabilitation professionals.
No decision affecting users is made in a fully automated manner by our platform. The healthcare professional retains full control and responsibility at all times to validate, modify, or reject any AI-generated suggestion before its application.
Content generated by artificial intelligence is clearly identified as such on the platform. AI suggestions do not in any way replace professional clinical judgment.
Personal information is retained for the following periods:
You may request the complete deletion of your account and personal information by contacting privacy@physicare.ai. We will process your request within 30 days. Certain data may be retained beyond this period if required by law (tax obligations, professional obligations, ongoing litigation).
Data is securely hosted in data centers located in Canada, primarily through Google Cloud Platform (Montreal region) and Amazon Web Services (Canada region).
We use the following service providers in the operation of the platform:
| Provider | Function | Data Location |
|---|---|---|
| Google Cloud Platform | Primary hosting | Montreal, Canada |
| Amazon Web Services (AWS) | Service infrastructure | Canada |
| Stripe | Payment processing | United States and Canada |
| Google Analytics | Platform usage analytics | United States |
| Microsoft Clarity | Platform usage analytics | United States |
| OpenAI | AI inference (clinical suggestion generation) | United States |
| Google Gemini | AI inference (clinical suggestion generation) | United States |
| Anthropic | AI inference (clinical suggestion generation) | United States |
Each subcontractor is contractually required to protect your personal information in accordance with standards at least equivalent to those set out in this Policy and by applicable laws. All data transmitted to AI providers (OpenAI, Google Gemini, Anthropic) for inference undergoes protected health information masking (PHI masking) before transmission, so that no data that could directly identify an individual is sent to these providers. This data is not used by these providers to train their models.
Certain subcontractors (Stripe, Google Analytics, Microsoft Clarity, OpenAI, Google Gemini, Anthropic) may process data outside Quebec or Canada. In accordance with Law 25, a privacy impact assessment (PIA) is conducted before any transfer of personal information outside Quebec to ensure that the data receives adequate protection. Physicare.ai commits to transferring personal information only to jurisdictions offering a level of protection equivalent to that of Quebec, or to implementing appropriate contractual measures to ensure such protection.
No personal information is sold, rented, or exchanged to third parties for commercial or advertising purposes.
We implement reasonable technical and organizational security measures to protect your personal information against unauthorized access, loss, alteration, or disclosure. These measures include encryption of data in transit and at rest, secure user authentication, role-based access management and the principle of least privilege, logging and monitoring of data access, and staff training in security best practices.
In accordance with the sixth principle of PIPEDA and the requirements of Law 25, Physicare.ai is committed to ensuring that personal information held is as accurate, complete, and up-to-date as necessary to fulfill the purposes for which it is used. Professionals are encouraged to keep their patients' clinical information up to date and to report any inaccuracies. Users may at any time request the rectification of their personal information by contacting our Person Responsible for the Protection of Personal Information at privacy@physicare.ai.
Physicare.ai maintains a register of all confidentiality incidents, whether they involve unauthorized access, use, or disclosure of personal information, or the loss of personal information. This register is retained for a minimum period of 24 months from the date the incident was identified. In the event of an incident, we conduct a serious harm risk assessment. When an incident presents a real risk of significant harm, we notify the relevant authorities and affected individuals as soon as possible, in accordance with both applicable regimes: for users residing in Quebec, the Commission d'accès à l'information du Québec (CAI) is notified in accordance with Law 25; for users residing elsewhere in Canada, the Office of the Privacy Commissioner of Canada (OPC) is notified in accordance with PIPEDA. The register contains sufficient detail to allow the relevant authorities to verify Physicare.ai's compliance with its breach notification obligations.
In accordance with Law 25, Physicare.ai conducts privacy impact assessments before any project involving the collection, use, or disclosure of personal information, including before implementing new features, before any transfer of personal information outside Quebec, and before acquiring or developing new data processing systems.
In accordance with Law 25, the privacy settings of the Physicare.ai platform are configured by default to the highest level of privacy. Analytical cookies and non-essential tracking technologies are disabled by default. Any feature involving broader data sharing or visibility requires voluntary activation by the user.
In accordance with Law 25 and PIPEDA, you have the following rights:
To exercise any of these rights, contact our PRPPI at privacy@physicare.ai. We will process your request within 30 days of receipt.
Physicare.ai does not knowingly collect personal information from minors (under 14 years of age in Quebec) without the consent of a parent or legal guardian. If a minor is a patient of a professional using the platform, parental or guardian consent is required in accordance with applicable laws.
We may update this Policy to reflect changes in our practices, services, or applicable legislation. In the event of a substantial change, we will notify you by email or by a prominently visible notice on the platform at least 30 days before the changes take effect. If the changes affect the purposes of collection or use of your personal information, new consent may be requested. Your continued use of the platform after the changes take effect constitutes acceptance of the updated Policy. If you do not accept the changes, you may stop using the platform and request the deletion of your account.
For any question, access request, rectification, deletion, portability, or any other request relating to your personal information, you may contact us:
Person Responsible for the Protection of Personal Information
William Prud'homme
Email : privacy@physicare.ai
Address : #300 – 204 Saint-Sacrement Street, Montreal, Quebec H2Y 1W8
For general technical support: support@physicare.ai
Physicare.ai is committed to upholding the highest standards in personal information protection in a digital health context.