July 1, 2026

Privacy Policy

Dannce.AI, Inc. ("Dannce," "we," "us," or "our") develops a platform that helps individuals record guided movement videos and, where applicable, enables authorized clinic users to review those recordings. This Privacy Policy describes how we collect, use, disclose, and protect personal information when you use our mobile application, web portal, websites, and related services (collectively, the "Services").

How the Services Work

Clinician-mediated mode. A clinic or healthcare provider invites you to the Services and links your account to that practice. Your clinic is generally the covered entity for purposes of HIPAA, and Dannce operates as a processor and Business Associate of the clinic. Authorized clinic users may review your recordings.

  1. Eligibility and Age

You must be at least 18 years old to create an account or to be invited as a patient. We do not display advertising and do not sell or share personal information, regardless of user age or mode.

  1. Personal Information We Collect

2.1 Personal Information We Collect

  • Contact information: name, email, phone number, mailing address.

  • Account information: username, authentication credentials, profile details, role, clinic affiliation (clinician-mediated mode), account preferences.

  • Patient/profile information: name, phone number, date of birth, and—in clinician-mediated mode—assigned clinic and related notes entered by authorized clinic users.

  • Movement recording information: videos, images, audio (if enabled), and related metadata such as recording date, duration, and assigned or selected task.

  • Communications: messages, support requests, feedback.

  • Questionnaire or survey information that you choose to provide.

2.2 Information Generated Through Use of the Services

  • Recording status and progress: tasks completed, recordings saved, and—in clinician-mediated mode—recordings reviewed, flagged, or retake-requested.

  • Review activity (clinician-mediated mode): when a recording is opened, reviewed, flagged, archived, or deleted by an authorized clinic user.

  • Audit log information: user ID, role, clinic ID (if any), timestamp, action, IP address, device/browser information.

  • Technical information: device type, browser type, operating system, IP address, app version, log files, general usage information.

  • Camera and on-device processing information: The Services use your device's camera to capture movement recordings. During recording, on-device processing is used to validate framing (for example, confirming that you are positioned correctly in the camera's field of view). This processing occurs on your device; the framing-validation data (such as whether key body landmarks are detected in the frame) is not transmitted to our servers. The resulting video recordings are uploaded to our servers for use in providing the Services.

  • Online activity information: pages or screens viewed, features used, session timing, interactions with emails or notifications.

2.3 Information From Clinics and Other Users (clinician-mediated mode)

If you are a patient invited by a clinic, your clinic or care team may provide information about you to set up your profile and assign recording tasks. If you are a clinic user, your clinic administrator may provide information needed to create or manage your account.

  1. How We Use Personal Information

3.1 To Provide and Operate the Services

To create and manage accounts, enable recording and (in clinician-mediated mode) clinical review, track recording progress, provide technical support, and maintain security.

3.2 To Support Clinic Review Workflows (clinician-mediated mode)

To display tasks and progress, maintain review statuses, support historical comparison of recordings over time, and maintain audit logs for accountability.

3.3 To Improve and Operate Our Services

We may use information to understand how users interact with the Services, improve usability and reliability, develop new features, and troubleshoot errors. For these operational purposes, we use aggregated, de-identified, or anonymized information where appropriate.

3.4 No Use of Health Data for Marketing or Advertising

We do not use medical, movement, recording, camera, or other health-related data for advertising, marketing, data mining, or any other purpose unrelated to providing the Services or improving health management. Data collected through your device's camera is used solely to provide the Services and is not shared for advertising or marketing purposes.

3.5 No Sale or Sharing for Cross-Context Behavioral Advertising

We do not sell personal information and we do not share personal information for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act.

3.6 Security, Compliance, and Protection

We use personal information to secure the Services, detect and prevent fraud and security incidents, enforce our terms, comply with applicable laws and legal process, and protect rights, privacy, safety, and property.

  1. How We Share Personal Information

  • Authorized clinic users (clinician-mediated mode). Recordings and related patient information may be accessible to authorized users associated with your assigned clinic, limited by role and clinic assignment. 

  • Service providers. Vendors that help us operate the Services (cloud hosting, storage, security and authentication, customer support, email/SMS delivery, IT), under contracts that limit their use of the information to providing services to us.

  • Professional advisors. Lawyers, auditors, insurers, and consultants where necessary for services they provide to us.

  • Legal and safety purposes. To comply with law or legal process, protect rights, privacy, safety, or property, investigate security incidents, or enforce our agreements.

  • Business transactions. In connection with an actual or potential merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar event. Any successor will be required to honor the commitments in this Privacy Policy.

  • With your direction or consent. With third parties at your direction or with your consent.

  1. Retention

  • Recordings. Retained for 60 days after account deletion or termination. After 60 days, recordings are archived or deleted according to applicable clinic retention settings, legal requirements, or operational needs.

  • Biometric information. Retained for 60 days after account deletion or termination, or sooner once the purpose for collection is satisfied, consistent with applicable biometric privacy law.

  • Account data. Retained for 60 days after account deletion or termination unless longer retention is required to comply with legal obligations or resolve disputes.

  • Audit logs. Retained separately for 6 years from the logged event to support HIPAA requirements, security, accountability, and financial audit and compliance purposes.

  • De-identified derived data. The retention schedules in this section do not apply to movement-derived data (such as 3D pose estimates, joint trajectories, and other kinematic features) that has been de-identified in accordance with applicable law. De-identified derived data is not personal information or biometric data and is retained and managed outside the schedules above.

  1. Recording Audit Trails

We maintain audit trails for recording-related activity, which may include when a recording was uploaded, opened, played, marked reviewed, flagged, retake-requested, archived, or deleted, together with the user, role, clinic (if any), timestamp, and related identifiers. Audit trails support security, accountability, and appropriate use of the Services.

  1. Security

We use technical, organizational, and administrative safeguards designed to protect personal information, including encryption in transit, encryption at rest, role-based access controls, audit logging, access restrictions based on clinic assignment (clinician-mediated mode), and operational security monitoring. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

  1. Your Rights and Choices

8.1 In-App Account Deletion

You can delete your account at any time from within the app under Settings → Account → Delete Account, or by emailing privacy@dannce.ai. We will complete deletion within 60 days, subject to retention requirements in Section 5 and Section 9 (HIPAA) and our obligations under applicable law.

8.2 California Residents (CCPA / CPRA)

California consumers have the right to know, access, correct, delete, opt out of the sale or sharing of personal information (we do not sell or share), limit the use and disclosure of sensitive personal information, and not be discriminated against for exercising these rights. To submit a request, email privacy@dannce.ai or use the in-app controls under Settings → Privacy. You may use an authorized agent, subject to verification.

8.3 Other U.S. State Privacy Rights

Residents of states with applicable consumer privacy laws may have additional rights regarding their personal information, which may include the right to access, correct, delete, or obtain a copy of their personal information, and the right to opt out of certain processing activities. To exercise any rights available to you under applicable state law, email privacy@dannce.ai or use the in-app controls under Settings → Privacy.

8.4 Marketing Communications

If we send marketing emails, you may opt out via the unsubscribe instructions or by contacting us. You may still receive service-related messages.

8.5 Cookies

Our website and Services may use cookies, local storage, pixels, and similar technologies to operate the Services, remember preferences, improve performance, and understand usage. You can adjust your browser settings to block or delete cookies; some parts of the Services may not function properly if cookies are disabled.

  1. HIPAA Notice (clinician-mediated mode)

Where Dannce provides the Services to a HIPAA-covered entity (a clinic), Dannce acts as a Business Associate under HIPAA. Our use and disclosure of Protected Health Information (PHI) is governed by the applicable Business Associate Agreement between Dannce and the covered entity, and the covered entity's Notice of Privacy Practices governs the use and disclosure of PHI. This Privacy Policy supplements but does not replace that notice. 

  1. Children

We do not knowingly collect personal information from children under 18. If you believe someone under 18 has provided personal information to us in violation of this policy, contact privacy@dannce.ai.

  1. Other Websites and Services

The Services may contain links to third-party websites, applications, or services. We are not responsible for their privacy practices. We encourage you to review their privacy policies.

  1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and provide additional notice as appropriate. Continued use of the Services after the updated Privacy Policy becomes effective means it applies to your use of the Services.

  1. Contact Us

  • Email: privacy@dannce.ai        

  • Mail: Dannce.AI, Inc., 155 Federal St Ste 501, Boston, Massachusetts 02110-1727

Ready to embrace
technology to better manage
your patients?

Book a live demo or find a participating clinic using Dannce.

Turn phone video into clinical-grade motor data

Turn phone video into
clinical-grade motor data

© 2026 Dannce. All rights reserved.