Legal

Privacy Policy.

Effective Date: September 30, 2025 · Ergono3D Pty Ltd · Melbourne, Australia

Ergono3D ("Ergono3D," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our websites, use our mobile/desktop applications, or engage with our services (collectively, the "Services"). If you do not agree with this Policy, please do not access or use the Services.

1. Scope & Key Definitions

  • Personal Data: Information that identifies or can reasonably identify a person (e.g., name, email, device IDs, IP address).
  • Sensitive Personal Data: Data that may be considered sensitive under law (e.g., precise images of your feet, 3D scans, body measurements, pressure maps, and health-related inferences).
  • Input Data: Photos, videos, scans, measurements, and annotations you provide for posture or insole design features.
  • Design Outputs: Custom 3D models/files (e.g., STL/STEP/G-code) and related specifications generated by the Services.

2. Information We Collect

a) Data You Provide

  • Account & Contact: Name, email, password, shipping/billing addresses, phone.
  • Payment: Limited payment information processed by our payment processor (we do not store full card numbers).
  • Support/Comms: Messages, survey responses, marketing preferences.
  • Input Data (Sensitive): Foot images, 3D scans, measurements, pressure maps, and notes you upload to generate posture insights or customized insoles.
  • Professional User Data: If you are a clinician/retailer uploading data for a client/patient, you confirm you have appropriate consent and lawful basis.

b) Data Collected Automatically

  • Device/Usage: IP address, device identifiers, app version, OS/browser, language, time zone, crash logs, diagnostic data, pages/screens viewed, referrers.
  • Cookies & Similar Tech: Cookies, pixels, SDKs for authentication, analytics, preferences, and marketing (see Section 8).

c) Data from Third Parties (Optional/Where Enabled)

  • Single Sign-On / Social Login: Basic profile and verification data from providers you choose to connect.
  • Service Providers: Fraud prevention signals, delivery status, customer support tools.

3. How We Use Personal Data

We process your data to:

  • Provide the Services: Create/manage your account; generate posture insights; create custom 3D Design Outputs; fulfill orders; provide support.
  • Operate, Maintain, Improve: Debug, analytics, quality assurance; train and tune workflows (including algorithmic models) using aggregated and de-identified data.
  • Safety & Integrity: Detect, prevent, and respond to abuse, security incidents, and legal requests.
  • Communications: Transactional emails (receipts, updates); service announcements; marketing communications (you can opt out).
  • Personalization: Remember settings; recommend capture tips, materials, or break-in guidance.
  • Legal Compliance: Tax, accounting, and recordkeeping obligations.

AI/Model Use: We do not use your identifiable Input Data to train public models. We may use aggregated and/or de-identified data to improve our algorithms and features.

4. Legal Bases (EEA/UK Only)

Where GDPR/UK GDPR applies, we rely on:

  • Contract (to provide the Services you request),
  • Consent (for processing Sensitive Personal Data, certain analytics/marketing, and cross-border transfers where required),
  • Legitimate Interests (to secure, improve, and personalize Services; prevent fraud), and
  • Legal Obligations.

You can withdraw consent at any time where consent is the legal basis.

5. Disclosure of Personal Data

We share data only as needed:

  • Service Providers / Sub-Processors: Hosting, cloud storage, payment processing, analytics, customer support, emailing, and manufacturing logistics (if you request third-party production). Bound by confidentiality and data-processing terms.
  • Professional Users: If you work with a clinic/retailer and connect your account, your relevant data may be shared with that professional per your instructions.
  • Business Transfers: In a merger, acquisition, or asset sale, data may transfer subject to this Policy.
  • Legal & Safety: To comply with law, enforce terms, or protect rights, property, or safety.
  • With Your Direction: When you ask us to share data (e.g., sending files to a chosen manufacturer).

We do not sell your Personal Data. In some U.S. jurisdictions, certain analytics/ads disclosures could be considered a "share"; see Section 10 for opt-out rights.

6. International Data Transfers

We may transfer, store, or process data outside your country (e.g., in the U.S., EU, Canada). Where required, we use appropriate safeguards such as Standard Contractual Clauses and conduct transfer risk assessments. You may request a copy of relevant safeguards (subject to redactions).

7. Data Retention

  • Account Data: Kept while your account is active and as needed for legal/operational purposes.
  • Input Data & Design Outputs: Retained to support your projects, reprints, and adjustments. You may delete specific uploads in-app where available or request deletion (see Section 10).
  • De-Identified Data: May be retained for analytics and service improvement. We periodically review and minimize retention consistent with our obligations.

8. Cookies & Tracking

We use cookies/SDKs for authentication, performance, and (where permitted) marketing/retargeting. Most browsers allow you to control cookies. Some features may not function without essential cookies. "Do Not Track" signals are not consistently honored by industry; we respond where required by law.

9. Security

We employ administrative, technical, and physical safeguards appropriate to the nature of the data (e.g., encryption in transit, access controls, least-privilege practices, and secure development processes). No method of transmission or storage is 100% secure; you use the Services at your own risk.

10. Your Privacy Rights

Depending on your location, you may have rights to:

  • Access/Know, Correct/Rectify, Delete/Erase, Portability, Restrict or Object to certain processing, and Withdraw Consent.
  • Opt Out of targeted advertising/"sharing" (U.S. state laws) and certain profiling.
  • Appeal a denied request (where required).

Submit requests via support@ergono3d.com. We may verify your identity and, where applicable, act on your request within statutory timelines. Authorized agents may submit requests per local rules.

11. Sensitive Personal Data & Health Inferences

  • We process Sensitive Personal Data (e.g., foot images, scans, measurements, and potential health-related inferences) only to deliver the Services you request (e.g., posture insights and customized insoles) and for safety, security, and compliance.
  • Where required, we will ask for explicit consent.
  • We do not use Sensitive Personal Data for marketing or to train public models.

12. Children's Privacy

The Services are not intended for children under 13 (or older where local law requires). We do not knowingly collect Personal Data from children under the applicable age. If you believe a child provided data, contact us to delete it.

13. Professional Users (Clinicians/Retailers)

If you upload another person's data, you represent and warrant that you have obtained all necessary consents/authorizations and will comply with applicable privacy/medical laws (including providing required notices). You are the controller for your client relationships; Ergono3D acts as a processor where applicable and will execute data-processing agreements on request.

14. Third-Party Links & Websites

Our Services may link to third-party sites or services. We are not responsible for their privacy practices. Review their policies before providing data.

15. Communications Preferences

You may manage marketing preferences or unsubscribe using in-email links or in-app settings. We may still send transactional or service messages (e.g., security or order notices).

16. Automated Decision-Making & Profiling

We use automated processing to generate posture insights and custom 3D Design Outputs from your Input Data. These outputs are recommendations and files you control; they do not produce legal or similar significant effects. Where local law grants rights related to automated decisions, you may request human review or object (see Section 10).

17. California, Virginia, Colorado & Other U.S. State Disclosures

Residents of certain U.S. states have additional rights, including to know, access, delete, correct, opt out of targeted advertising/"sharing", and limit use of sensitive data. We do not sell Personal Data. To exercise rights, email support@ergono3d.com and include your state of residence.

18. GDPR/UK GDPR Disclosures

For EEA/UK users, the controller is Ergono3D. We may appoint an EU/UK representative where required. You have the rights listed in Section 10 and the right to lodge a complaint with your local data protection authority.

19. Changes to this Policy

We may update this Policy from time to time. We will update the "Effective Date" and, for material changes, provide prominent notice (e.g., in-app or email). Your continued use of the Services after the effective date constitutes acceptance.

20. Contact Us

Ergono3D Pty Ltd
Australia
team@ergono3d.com