TurboPT Privacy Notice

Last Modified: July 1, 2026

This Privacy Notice ("Notice") describes how TurboPT ("TurboPT," "we," "us," or "our") collects, uses, discloses, and protects information in connection with our website located at https://turbopt.com (the "Website"), our web portal, and our electronic medical record (EMR) and practice management services (collectively, the "Services").

This Notice explains:

  1. What information we collect, how we use it, and with whom it may be shared.
  2. The choices available to you regarding the use of your information.
  3. The measures we take to protect your information.
  4. How you can access or correct your information.

Please read this Notice together with any User Agreement or Business Associate Agreement that applies to you.


I. Our Role and the Scope of This Notice

TurboPT provides EMR and practice management software to healthcare providers, including physical therapy practices and their staff (our "Customers"). Depending on the context, TurboPT may act as:

     A service provider to our Customers with respect to their own business and contact information; and

     A Business Associate (as defined by HIPAA, described in Section IV) with respect to protected health information that Customers create, receive, maintain, or transmit through the Services.

This Notice governs information collected through the Website and the Services. It is not a HIPAA Notice of Privacy Practices. A healthcare provider's own Notice of Privacy Practices governs how that provider uses and discloses patient health information; TurboPT handles protected health information only on behalf of, and under the direction of, the provider pursuant to a Business Associate Agreement.


II. Information We Collect

Information you provide to us. We collect information you submit directly, including when you:

     Register for or use the Services or web portal;

     Request a demonstration, support, or other information;

     Communicate with our sales, support, or onboarding teams by phone, text message, email, or web form;

     Upload documents, images, or other data to the Services; or

     Provide a mobile telephone number for text-message communications.

This information may include names, business contact information, email addresses, telephone and mobile numbers, account credentials, and the contents of your communications with us.

Health information. Our Customers and their authorized users enter patient, employee, and therapist data into the Services. Where that data constitutes protected health information, we handle it as a Business Associate under HIPAA, as described in Section IV.

Information collected automatically. When you use the Website or Services, we and our analytics providers may automatically collect log and usage information such as IP address, browser type, referring and exit pages, pages viewed, links clicked, device information, and similar data. We collect and use this information in aggregate or de-identified form to operate, secure, and improve the Services.


III. How We Use Information

We use the information we collect to:

     Provide, maintain, operate, and secure the Website and Services, including registering users and providing customer support;

     Respond to your questions, requests, and communications, including support and onboarding conversations conducted by phone, text message, email, or web form;

     Send administrative and service-related communications, such as notices about features, maintenance, security, terms, or changes to this Notice;

     Analyze usage trends and improve the performance, functionality, and security of the Services; and

     Comply with legal obligations and enforce our agreements.

We do not use protected health information except as permitted by our Business Associate Agreements and applicable law.


IV. Protected Health Information HIPAA and HITECH

Certain of our Customers are "covered entities" or "business associates" subject to the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA"), as amended by the Health Information Technology for Economic and Clinical Health Act ("HITECH").

When TurboPT stores, processes, or transmits "individually identifiable health information" (as defined by HIPAA) on behalf of a healthcare provider who has entered into a Healthcare Provider User Agreement and Business Associate Agreement with us, TurboPT does so as that provider's Business Associate. In that capacity, TurboPT:

     Uses and discloses protected health information only as permitted by the applicable Business Associate Agreement, as required to provide the Services, or as required by law, and not in any manner that the provider itself could not;

     Implements and maintains reasonable and appropriate administrative, physical, and technical safeguards designed to protect the confidentiality, integrity, and availability of protected health information, consistent with the HIPAA Security Rule;

     Requires its subcontractors that create, receive, maintain, or transmit protected health information on our behalf to agree in writing to substantially the same restrictions and conditions that apply to TurboPT;

     Does not sell protected health information and does not use or disclose protected health information for marketing except as permitted by HIPAA and authorized by the provider or, where required, the individual; and

     Provides notification of any breach of unsecured protected health information to the affected provider without unreasonable delay and consistent with the requirements of HITECH and the HIPAA Breach Notification Rule.

As a Business Associate, TurboPT is directly subject to applicable provisions of HIPAA and HITECH. Nothing in this Notice modifies the terms of any Business Associate Agreement; in the event of a conflict between this Notice and a Business Associate Agreement with respect to protected health information, the Business Associate Agreement controls.


V. Text Messaging (SMS/MMS)

TurboPT uses text messaging to communicate with our Customers and their authorized staff in support of their use of the Services.

Types of messages. Messages are conversational and support-oriented. They include responding to support requests, troubleshooting, confirming and following up on support tickets, coordinating onboarding and training, and providing account, billing, and service notifications. We do not send unsolicited marketing text messages.

How we obtain consent. Consent to receive text messages is obtained during our existing business relationship with the Customer, typically verbally over the phone when a Customer contacts our support team or when our team coordinates onboarding, training, or account setup, or in person during account-management meetings. At the time consent is obtained, our representative informs the Customer that they will receive support-related text messages from TurboPT and provides the disclosures below.

Opt-out and help. You may opt out of text messages at any time by replying STOP. You may reply HELP for assistance. We honor opt-out requests promptly.

Rates and frequency. Message and data rates may apply, and message frequency may vary depending on your interactions with us.

No sale or sharing of mobile information. TurboPT will not sell, rent, or share mobile telephone numbers, text-messaging consent, or SMS opt-in information with any third parties or affiliates for their own marketing or promotional purposes. Mobile information is used solely to deliver the support communications described above and to operate the messaging program, and is disclosed only to service providers that help us deliver those messages, subject to obligations to protect the information and use it only for that purpose.

For more information about our privacy practices, see the remainder of this Notice or contact us using the information in Section XIV.


VI. How We Share Information

We do not sell your personal information. We share information only in the following limited circumstances:

     With your healthcare provider or treatment facility. For patients using the portal, we provide information to the applicable care provider and/or treatment facility for purposes such as scheduling, rescheduling, or canceling appointments; sending appointment reminders; secure messaging; and updating contact information.

     With service providers. We share information with vendors and service providers that perform services on our behalf (such as hosting, communications, and analytics providers). These providers are contractually restricted from using the information for any purpose other than providing services to us and, where the information is protected health information, are bound by written agreements consistent with Section IV.

     For legal and safety reasons. We may disclose information where required by law, subpoena, or legal process, or where we reasonably believe disclosure is necessary to comply with law or lawful requests from law enforcement, to enforce our Terms of Use, to protect the security, quality, or integrity of the Services, or to protect the rights, property, or safety of TurboPT, our users, or others.

     Aggregated or de-identified information. We may share information that has been aggregated or de-identified such that it cannot reasonably be used to identify you.

We do not share mobile information or SMS consent as described in Section V.


VII. Change of Control

If TurboPT is involved in a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, information we hold may be transferred as part of that transaction. Any such transfer of protected health information will be conducted in accordance with HIPAA, HITECH, and the applicable Business Associate Agreements, and any successor entity will remain bound by commitments consistent with this Notice with respect to the information transferred. Mobile information and SMS consent will continue to be handled consistent with Section V.


VIII. Your Choices and Rights

You may, at any time, contact us using the information in Section XIV to:

     Request access to the information we hold about you;

     Request correction of inaccurate information;

     Request deletion of information, subject to our legal and contractual obligations; or

     Raise a concern about our use of your information.

You may opt out of non-essential communications from us at any time, and you may opt out of text messages by replying STOP as described in Section V. Requests concerning patient health information should be directed to your healthcare provider, who controls that information; TurboPT will support the provider in responding consistent with HIPAA and our Business Associate Agreement.


IX. Data Security

We take reasonable precautions to protect information both online and offline. Sensitive information transmitted through the Website and Services is encrypted in transit using industry-standard protocols (such as TLS/SSL). Access to personally identifiable information and protected health information is limited to personnel who need it to perform their roles, and the systems on which we store such information are maintained in secure data centers located in the United States. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.


X. Cookies and Analytics

We use cookies and similar technologies to operate the Website, remember your preferences, and understand how the Website is used. Some cookies are placed by third-party analytics providers (for example, Google Analytics) that help us measure traffic and usage trends; we do not control those third parties' technologies. Analytics information is collected and used in aggregate or de-identified form. You can adjust your browser settings to refuse cookies, though some features of the Website may not function properly as a result.


XI. Minors

The Website is not intended for or directed to children under the age of 13. TurboPT does not knowingly collect personal information directly from children. If we learn that we have collected personal information directly from a child without appropriate authorization, we will delete it as soon as practicable. Healthcare providers, parents, and guardians who are authorized adults may provide, store, and submit information about others, including minors, through the Services, and assume responsibility for doing so in compliance with applicable law.


XII. United States Only

The Website and Services are administered in and intended for users within the United States. Information you submit is stored and processed on systems located in the United States. If you access the Services from outside the United States, you consent to the transfer, storage, and processing of your information in the United States, where data-protection laws may differ from those of your jurisdiction.


XIII. Changes to This Notice

We may update this Notice from time to time. When we do, we will revise the "Last Modified" date above and, where appropriate, provide additional notice. Your continued use of the Website or Services after an update indicates your acceptance of the revised Notice.


XIV. Contact Us

If you have questions about this Notice or believe we are not abiding by it, please contact us:

TurboPT 1110 N Virgil Ave, PMB 94792 Los Angeles, CA 90029

Phone: (800) 628-8980 Email: support@turbopt.com