Privacy Policy

Last updated: 2026-03-27

SpineAlign ("we," "us," or "our") operates the website getspinealign.com and is committed to protecting the privacy of our customers and visitors. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, place an order, or interact with our services. Please read this policy carefully. By accessing or using our website, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy.

1. Information We Collect

SpineAlign collects information in several ways to provide and improve our products and services. The types of information we collect include:

1.1 Personal Information You Provide

When you interact with SpineAlign, you may voluntarily provide personal information, including but not limited to:

• Identity Information: First name, last name, and date of birth
• Contact Information: Email address, phone number, billing address, and shipping address
• Account Information: Username, password, and account preferences
• Payment Information: Credit card numbers, debit card numbers, and billing details (processed securely through our third-party payment processors)
• Order Information: Purchase history, product preferences, and order notes
• Communication Information: Messages you send to our customer support team, product reviews, survey responses, and feedback

1.2 Information Collected Automatically

When you visit getspinealign.com, we may automatically collect certain information about your device and browsing activity, including:

• Device Information: IP address, browser type and version, operating system, device type, and unique device identifiers
• Usage Data: Pages visited, time spent on pages, click patterns, referring URLs, and exit pages
• Location Data: General geographic location based on your IP address
• Log Data: Server logs, access times, and error reports

1.3 Information from Third Parties

We may receive information about you from third-party sources, including:

• Payment processors and fraud prevention services
• Marketing and advertising partners
• Social media platforms (if you interact with our social media accounts or use social login features)
• Analytics providers
• Shipping and fulfillment partners

2. How We Use Your Information

SpineAlign uses the information we collect for the following purposes:

2.1 Order Fulfillment and Customer Service

• Processing and fulfilling your orders, including shipping and delivery
• Sending order confirmations, shipping notifications, and delivery updates
• Managing returns, exchanges, and refunds
• Responding to your inquiries, requests, and customer support tickets
• Verifying your identity for account security and fraud prevention

2.2 Improving Our Products and Services

• Analyzing usage trends and customer behavior to improve our website and product offerings
• Conducting research and analysis to enhance the user experience
• Testing new features, functionality, and designs
• Monitoring and improving the performance and security of our website

2.3 Marketing and Communications

• Sending promotional emails, newsletters, and special offers (with your consent where required)
• Personalizing your shopping experience and product recommendations
• Displaying targeted advertisements on our website and third-party platforms
• Administering contests, promotions, and surveys

2.4 Legal and Compliance

• Complying with applicable laws, regulations, and legal processes
• Enforcing our Terms of Service and other agreements
• Protecting the rights, property, and safety of SpineAlign, our customers, and the public
• Detecting, preventing, and addressing fraud, security breaches, and other harmful activity

3. Cookies and Tracking Technologies

SpineAlign uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and personalize content.

3.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences, login status, and browsing activity.

3.2 Types of Cookies We Use

• Essential Cookies: These cookies are necessary for the basic functionality of our website, such as maintaining your shopping cart, processing checkout, and enabling secure access to your account. You cannot opt out of essential cookies.
• Performance and Analytics Cookies: These cookies help us understand how visitors interact with our website by collecting anonymous usage data. We use this information to improve site performance and user experience.
• Functional Cookies: These cookies remember your preferences and settings, such as language, region, and display options, to provide a more personalized experience.
• Advertising and Targeting Cookies: These cookies are used to deliver relevant advertisements to you based on your interests and browsing behavior. They may also limit the number of times you see an ad and help measure the effectiveness of advertising campaigns.

3.3 Managing Your Cookie Preferences

You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. However, please note that disabling certain cookies may affect the functionality of our website and your ability to complete purchases. You may also manage your preferences through our cookie consent banner when you first visit getspinealign.com.

3.4 Other Tracking Technologies

In addition to cookies, SpineAlign may use web beacons (pixel tags), local storage, and similar technologies to collect information about your interactions with our website and emails.

4. Third-Party Services

SpineAlign works with trusted third-party service providers to operate our business and deliver our products and services. These third parties may have access to your personal information only to perform specific tasks on our behalf and are obligated to protect your data.

4.1 Categories of Third-Party Service Providers

• Payment Processors: We use third-party payment processors (such as Stripe and PayPal) to securely handle payment transactions. SpineAlign does not store your full credit card information on our servers.
• Shipping and Fulfillment Partners: We share your shipping address and order details with carriers and fulfillment centers to deliver your purchases.
• Analytics Providers: We use services such as Google Analytics to analyze website traffic and user behavior. These providers may collect information through cookies and similar technologies.
• Email and Marketing Platforms: We use third-party platforms to send transactional emails, marketing communications, and manage our customer relationship data.
• Advertising Partners: We work with advertising networks and social media platforms to deliver targeted ads and measure campaign performance.
• Customer Support Tools: We use third-party helpdesk and live chat software to manage customer inquiries.
• Fraud Prevention Services: We use third-party tools to detect and prevent fraudulent transactions.

4.2 Third-Party Links

Our website may contain links to third-party websites, products, or services that are not owned or controlled by SpineAlign. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review the privacy policies of any third-party websites you visit.

4.3 Social Media Features

Our website may include social media features, such as share buttons or embedded content from platforms like Facebook, Instagram, and Twitter. These features may collect your IP address and browsing data and are governed by the respective platform's privacy policy.

5. Data Security

SpineAlign takes the security of your personal information seriously. We implement a variety of technical, administrative, and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction.

5.1 Security Measures

• Encryption: All data transmitted between your browser and our website is encrypted using SSL/TLS (Secure Sockets Layer/Transport Layer Security) technology.
• Secure Payment Processing: Payment information is processed through PCI DSS-compliant third-party payment processors and is never stored on SpineAlign servers in an unencrypted format.
• Access Controls: Access to personal information is restricted to authorized SpineAlign employees and contractors who need the information to perform their job duties.
• Regular Audits: We conduct regular security assessments and vulnerability testing to identify and address potential risks.
• Data Minimization: We collect and retain only the personal information necessary to fulfill the purposes outlined in this Privacy Policy.

5.2 Data Retention

SpineAlign retains your personal information for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. When your data is no longer needed, we will securely delete or anonymize it.

5.3 Breach Notification

In the event of a data breach that compromises your personal information, SpineAlign will notify affected individuals and relevant authorities in accordance with applicable laws and regulations.

Important: While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security, but we are committed to maintaining industry-standard protections.

6. Children's Privacy

SpineAlign does not knowingly collect, solicit, or maintain personal information from individuals under the age of 16 (or the applicable age of consent in your jurisdiction). Our website and products are not directed at children under 16.

If we become aware that we have collected personal information from a child under 16 without verified parental consent, we will take immediate steps to delete that information from our records. If you are a parent or guardian and believe that your child has provided personal information to SpineAlign, please contact us at support@getspinealign.com so we can take appropriate action.

7. Your Privacy Rights

7.1 Rights Under the General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), the United Kingdom, or Switzerland, you have certain rights under the GDPR and related data protection laws. SpineAlign acts as the data controller for the personal information we collect. Our lawful bases for processing your data include:

• Contract Performance: Processing necessary to fulfill your orders and provide our services
• Legitimate Interests: Processing necessary for our legitimate business interests, such as fraud prevention, website improvement, and direct marketing (where balanced against your rights)
• Consent: Processing based on your explicit consent, such as subscribing to marketing emails
• Legal Obligation: Processing necessary to comply with applicable laws and regulations

Under the GDPR, you have the following rights:

• Right of Access: You have the right to request a copy of the personal information we hold about you.
• Right to Rectification: You have the right to request correction of inaccurate or incomplete personal information.
• Right to Erasure ("Right to Be Forgotten"): You have the right to request deletion of your personal information, subject to certain legal exceptions.
• Right to Restriction of Processing: You have the right to request that we limit the processing of your personal information under certain circumstances.
• Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller.
• Right to Object: You have the right to object to the processing of your personal information for direct marketing purposes or based on legitimate interests.
• Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw your consent at any time without affecting the lawfulness of prior processing.
• Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection supervisory authority.

To exercise any of these rights, please contact us at support@getspinealign.com. We will respond to your request within 30 days, as required by applicable law.

7.2 Rights Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)

If you are a California resident, you have specific rights under the CCPA and CPRA regarding your personal information:

• Right to Know: You have the right to request that SpineAlign disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which the information was collected, the business or commercial purpose for collecting the information, and the categories of third parties with whom we share the information.
• Right to Delete: You have the right to request the deletion of personal information we have collected from you, subject to certain exceptions.
• Right to Correct: You have the right to request correction of inaccurate personal information.
• Right to Opt-Out of Sale or Sharing: You have the right to opt out of the "sale" or "sharing" of your personal information. SpineAlign does not sell your personal information in the traditional sense. However, certain uses of cookies and advertising technologies may constitute "sharing" under the CCPA/CPRA. You may opt out by adjusting your cookie preferences on our website.
• Right to Limit Use of Sensitive Personal Information: You have the right to limit the use and disclosure of sensitive personal information to purposes necessary to provide our services.
• Right to Non-Discrimination: SpineAlign will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, or provide a different level of quality based on your exercise of these rights.

To submit a verifiable consumer request under the CCPA/CPRA, please contact us at support@getspinealign.com. You may also designate an authorized agent to make a request on your behalf. We will verify your identity before fulfilling any request and will respond within 45 days, as required by law.

7.3 Categories of Personal Information Collected (CCPA Disclosure)

In the preceding 12 months, SpineAlign may have collected the following categories of personal information:

• Identifiers (name, email address, postal address, phone number, IP address)
• Customer records information (payment information, billing and shipping addresses)
• Commercial information (purchase history, products viewed, shopping preferences)
• Internet or other electronic network activity (browsing history, search history, interactions with our website)
• Geolocation data (general location based on IP address)
• Inferences drawn from the above categories to create a profile about consumer preferences

7.4 International Data Transfers

If you are located outside the United States, please be aware that your personal information may be transferred to, stored, and processed in the United States or other countries where SpineAlign or our service providers operate. By using our website and providing your information, you consent to such transfers. SpineAlign ensures that appropriate safeguards are in place, such as Standard Contractual Clauses or other approved mechanisms, to protect your data during international transfers in compliance with the GDPR and other applicable data protection laws.

8. Changes to This Privacy Policy

SpineAlign reserves the right to update or modify this Privacy Policy at any time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will:

• Update the "Last updated" date at the top of this page
• Post the revised Privacy Policy on getspinealign.com
• Notify you of material changes via email or a prominent notice on our website prior to the changes taking effect

We encourage you to review this Privacy Policy periodically to stay informed about how SpineAlign collects, uses, and protects your information. Your continued use of our website and services after any changes to this Privacy Policy constitutes your acceptance of the updated terms.

9. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or SpineAlign's data practices, please do not hesitate to contact us:

• Company: SpineAlign
• Website: getspinealign.com
• Email: support@getspinealign.com

For GDPR-related inquiries, you may also contact our data protection team at support@getspinealign.com. We will make every effort to respond to your inquiry within a reasonable timeframe and in accordance with applicable legal requirements.

If you are not satisfied with our response to your privacy concern, you have the right to lodge a complaint with your local data protection authority (for EEA, UK, and Swiss residents) or the California Attorney General's office (for California residents).