Products Privacy Policy

This Privacy Policy explains how Tactile Robotics Ltd. (“Tactile,” “we,” “us”) collects, uses, discloses, and protects information when you use any Tactile Robotics software applications (mobile, desktop, or web), cloud services, AI modules, and/or hardware devices, and related support and websites (collectively, the “Services”).

1. Scope

This Policy applies to information collected through the Services. If your school, clinic, or organization (a “Customer”) provides you access to the Services, your use may also be governed by the Customer’s internal policies and the agreement between the Customer and Tactile.

2. Roles (Customer Administrators and Individual Users)

Individuals (e.g., instructors, students, clinicians, patients, researchers, technicians, and administrators) use the Services to support education/training, rehabilitation and remote care workflows, and/or research and monitoring workflows. Customer administrators may manage accounts, groups/programs, device assignments, permissions, rubrics/scoring settings (where applicable), and reporting for users within their organization. Depending on how the Services are deployed, Tactile may act as a controller (when we provide accounts directly) and/or as a service provider/processor (when a Customer controls user accounts and content). Where we are a processor, we process information only on documented instructions from the Customer, as reflected in the applicable agreement.

3. Information We Collect

3.1. Account Information

We may collect information used to create and manage an account, such as your name, email address, and optional profile photo (if you upload one).

3.2. Usage Information

We may collect information about how the Services are used (e.g., feature usage frequency, session activity) to operate, support, and improve the Services. Cookies and Similar Technologies (Web). If you use our website or web-based Services, we may use cookies and similar technologies (e.g., local storage) to keep you signed in, remember preferences, measure performance, and understand usage. You can control cookies through your browser settings; however, disabling cookies may affect functionality. Sensitive Information (if applicable). Some products and deployments may involve sensitive information such as health-related information, education records, research data, or images/video. We do not require you to provide sensitive information unless it is needed for your chosen workflow or is uploaded by you/your Customer. Your Customer (or you, where applicable) is responsible for obtaining appropriate consents and permissions and for ensuring such information is lawfully collected and shared with us.

3.3. Device and Technical Information (App/Web)

When you use the App or web interface, we may collect technical data such as device type, operating system, app version, browser type (if applicable), IP address, diagnostic logs, and crash data. If enabled on your device, the App may receive approximate location information, depending on device permissions.

3.4. Hardware Identifiers and Diagnostics (Hardware)

When the hardware is connected to the App or Services, we may collect hardware-related information such as a device identifier (e.g., serial number or device ID), firmware version, pairing/connectivity information, and diagnostic or performance data (e.g., error logs, calibration status, stability metrics). We use this information to set up the device, provide updates, support troubleshooting, and improve reliability.

3.5. Content and Files You Provide or Generate

Depending on your workflow, you or your Customer may upload, generate, or store content in the Services (“Content”), which may include organizational settings, course/group or program data, tasks, rubrics or scoring configurations, grading or assessment results, reports, and files such as 3D scan data (including STL or similar formats), images, video, sensor/telemetry logs, device events, exercise or session information, patient-reported outcomes (if applicable), and other materials you choose to provide.

3.6. Support Communications

If you contact us for support, we collect the information you provide in communications (e.g., your message, attachments, and troubleshooting details).

3.7. Billing, Shipping, and Warranty Information (if applicable)

If you purchase hardware or paid subscriptions directly from Tactile, we may collect billing contact details and transaction information. Payment card information is typically handled by our payment processors; we do not store full payment card numbers. If we ship hardware, we may collect shipping/fulfillment details (e.g., recipient name, address, phone number) and warranty/returns information.

4. How We Use Information

• Provide and operate the Services (account creation, authentication, core product functionality, collaboration, reporting, and communications).
• Set up, maintain, and support the hardware (pairing, firmware updates, diagnostics, and troubleshooting).
• Maintain security, prevent abuse, and protect the integrity of the Services (fraud prevention, access controls, and monitoring).
• Improve and develop the Services (feature refinement, reliability, performance, and user experience).
• Respond to support requests and communicate important notices about the Services.
• Create de-identified or aggregated analytics and reports to understand usage and improve outcomes. When publishing results, we aim to ensure individuals are not identified.

5. How We Share Information

We do not sell your personal information. We may share information in the following situations: Service providers: We use third-party providers to host and operate the Services (for example, Google Cloud (Cloud Run and Compute Engine) and MongoDB Atlas). These providers process information to support service delivery, security, and performance, and are not permitted to use personal information for their own purposes beyond providing services to us. We may update our service providers (subprocessors) from time to time. We will reflect material updates in this Policy and/or make an updated list available through our website or within the App, where applicable. Customer/institution access: If your account is provided by a Customer, authorized Customer administrators may access information associated with accounts under their organization (e.g., course membership, grading reports, and performance tracking), consistent with the Customer’s policies and agreement with Tactile. Shipping/fulfillment and warranty partners (if applicable): If hardware is shipped or serviced, we may share necessary information with carriers or service providers for delivery, returns, and warranty support. Legal, safety, and public interest: We may disclose information if we believe it is reasonably necessary to comply with law, protect any person from death or serious bodily injury, prevent abuse of the Services, or protect rights, safety, and security.Business transfers: If Tactile is involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to appropriate safeguards.

6. Data Retention

We retain information for as long as needed to provide the Services and for legitimate business purposes (e.g., security, audits, and dispute resolution). Retention periods may be configured by a Customer or defined in a Transaction Agreement/Product Terms. Where not otherwise specified, we generally retain Service data while an account or subscription is active and for a commercially reasonable period after termination to allow export and account closure, after which we may delete or de-identify the data from active systems, subject to limited backup retention and legal obligations.

7. Security

We use administrative, technical, and organizational safeguards designed to protect information, including secure protocols and secure servers for transmission and storage. No system is 100% secure, but we continuously work to improve our security measures.

8. Your Choices and Rights

• Access, correction, and deletion: You may be able to access, correct, update, or delete certain account information through the Services or by contacting us.
• Institution-managed accounts: If your account is managed by a Customer, you may need to submit requests through your institution or administrator.
• Device permissions: You can control certain permissions (e.g., location, camera) in your device settings.

9. International Data Transfers

Tactile is based in Canada, and our service providers may process information in other jurisdictions. Where applicable, we use safeguards intended to protect information during cross-border processing.

10. Children’s Privacy

The Services are not intended for children under the age of 13 (or the minimum age required in your jurisdiction) without appropriate authorization by a parent/guardian or an institution. For institution-managed accounts, the Customer is responsible for providing any required notices and obtaining any necessary consents. If you believe a child has provided personal information without proper authorization, please contact us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the most current version and update the effective date. If changes materially reduce your privacy rights, we will provide additional notice (e.g., in-app notice or email).

12. Contact Us

Questions or concerns about hardware and privacy?

Email: support@tactilerobotics.ca

Mailing address: 200-135 Innovation Dr (UM Smartpark), Winnipeg, MB CANADA R3T 6A8