EvoWalk™ System Privacy and Data Usage Policy

Last Updated: 10-06-2025

1. Introduction

Welcome to the EvoWalk™ System. This policy explains how we handle the sensitive personal and health information you entrust to us when you use the EvoWalk™ device and its connected mobile application (collectively, the “System”).

Your trust is essential to our mission. We are committed to protecting your data with the highest standards of security and transparency. This document also serves as our Notice of Privacy Practices under the Health Insurance Portability and Accountability Act (HIPAA).

2. Your Health Information (PHI) and HIPAA

As a medical technology company in the United States, we are required by law to maintain the privacy and security of your Protected Health Information (PHI).

  • What is PHI? PHI includes any information that can be used to identify you and relates to your past, present, or future physical or mental health. This includes your movement data, name, birthdate, and more.

  • Our HIPAA Pledge: We have implemented strict technical, administrative, and physical safeguards to protect your PHI from unauthorized access, use, or disclosure. Our employees are trained on HIPAA compliance, and our practices are designed to meet or exceed its requirements.

3. Types of Data Collected

To power the EvoWalk™ System and provide you with personalized feedback, we collect the following types of data:

  • Movement & Gait Data: Step count, gait patterns, walking speed, cadence, and other kinematic measurements generated by the device.

  • Usage Data: Duration and frequency of your EvoWalk sessions.

  • Account Information: Your name, email address, password, and other details you provide when setting up your account in the mobile app.

  • Physiological Data: Information you choose to provide, such as your birthdate, weight, and height, which helps us customize the System's feedback.

  • Feedback & Survey Data: Your written feedback, survey responses, and communications with our support team.

Evolving Data Collection and Display:

At Evolution Devices, we are committed to continuous improvement of our services. As such, the types of data we collect and how we display this data may evolve over time. We may introduce new metrics or more detailed analyses as our technology advances. Any significant changes to our data collection practices will be communicated to you through email and/or app notification.

4. Data Usage

Your data is used for specific, necessary purposes:

  • To Provide and Personalize Your Service: We use your movement and physiological data to analyze your gait, provide real-time feedback, track your progress, and personalize your experience.

  • To Communicate With You: To send you updates about the service, progress reports, and important notices.

  • For Research and Development: To improve the EvoWalk™ System, we analyze user data to understand trends, validate our technology, and develop new features. For these purposes, we only use de-identified or aggregated data, meaning all information that could personally identify you has been removed.

  • To Comply with the Law: To meet our legal and regulatory obligations.

5. Data Sharing

We are extremely careful about who we share your data with. We will never sell your Protected Health Information.

We may share your data in the following limited circumstances:

  • With Your Consent: We will share your data with your authorized healthcare providers or family members only when you give us your explicit consent to do so.

  • With Our Service Providers (Business Associates): We work with trusted partners who provide services like secure cloud hosting (e.g., Amazon Web Services) and data analytics. These partners are known as "Business Associates" under HIPAA. We have a signed Business Associate Agreement (BAA) with each one, which legally requires them to protect your PHI to the same high standard that we do.

  • For Legal Reasons: We may disclose PHI if required by law, such as in response to a court order or other legal process.

6. Patient Rights

You have fundamental rights regarding your health information.

  • Right to Access and Correct: You have the right to inspect and receive a copy of your PHI. You can also request that we correct any inaccurate information. You can manage much of this directly within the EvoWalk app.

  • Right to an Accounting of Disclosures: You can request a list of certain disclosures we have made of your PHI.

  • Right to Request Restrictions: You can ask us to restrict how we use or share your PHI for treatment, payment, or healthcare operations. We will consider your request but are not legally required to agree to it in all circumstances.

Additional Rights for California Residents (CCPA): You have the right to know, delete, and opt-out of the "sale" or "sharing" of your personal information. As stated, we do not sell your PHI.

Additional Rights for European Residents (GDPR): You have the right to access, rectify, erase, restrict processing of, and port your personal data. Our services are hosted in the U.S., and we use legally-required safeguards like Standard Contractual Clauses (SCCs) for any data transferred from Europe.

To exercise any of these rights, please contact our support team at support@evolutiondevices.com. We will respond to your request within 30 days.

7. Data Security, Storage, and Retention

  • Security: All data is encrypted both in transit (as it travels from the device to our servers) and at rest (while stored on our servers). Our servers are located in secure, access-controlled facilities in the USA. We implement comprehensive technical, administrative, and physical safeguards to protect your data.

  • Data Breach Procedures: In the unlikely event of a data breach involving your PHI, we will act promptly to mitigate the impact. Our response includes investigating the breach, taking steps to secure our systems, and notifying affected individuals and relevant authorities as required by law, in accordance with HIPAA’s Breach Notification Rule.

  • Retention: We retain your data only for as long as necessary to provide you with the EvoWalk service and to comply with our legal and regulatory obligations. When data is no longer needed, it is securely deleted or fully anonymized.

8. Children’s Policy

The EvoWalk™ System is not intended for use by children under the age of 13. We comply with the Children's Online Privacy Protection Act (COPPA). If we learn that we have collected PHI from a child under 13, we will take steps to delete that information promptly.

9. Policy Changes and Notifications

We may update this policy to reflect changes in our practices or the law. If we make significant changes, we will notify you through the EvoWalk mobile application or via email. The "Last Updated" date at the top of this policy will always indicate the latest version.

10. Updates to This Policy

We may update this policy from time to time to reflect changes in our practices or legal requirements. The updated policy will be posted on our website, and we will notify you of significant changes through email or app notification.

11. Contact Information

Evolution Devices Inc.
ATTN: Legal Department
44 Gough Street, Suite 1231
San Francisco, CA 94103, USA

If you have any questions or concerns about this Privacy and Data Usage Policy, please contact us at: Email: support@evolutiondevices.com 

By using the EvoWalk™ System, you acknowledge that you have read and understood this Privacy and Data Usage Policy and consent to the collection, use, and disclosure of your information as described herein.