Privacy Policy

Effective Date: July 2, 2026

OdioPapeleo ("the App") is a medical supply order management application designed for foot and ankle surgical professionals, operated by Empire Extremity ("we," "our," or "us") and delivered through the PaperFree Case Sheet website at paperfreecasesheet.com. This Privacy Policy describes how we collect, use, and protect your information.

1. Information We Collect

We collect the following types of information to provide and improve our services:

2. How We Use Your Information

3. Data Storage and Security

Your data is stored on secure servers with industry-standard encryption. We use HTTPS for all data transmission between the App and our servers. Access to your data is restricted to authorized personnel only.

Photos taken through the App are stored securely in cloud storage and are only accessible to authorized users associated with the relevant order.

4. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your data only in the following circumstances:

5. Google User Data and Google API Services

OdioPapeleo offers an optional Google Calendar integration so that scheduled surgical cases can appear on your Google Calendar and stay in sync with your team. This section describes how the App accesses, uses, stores, and shares data obtained through Google API Services.

Google Calendar permissions we request and why. When you choose to connect your Google account, we request access to the Google Calendar scope that allows the App to view, create, and update calendar events (https://www.googleapis.com/auth/calendar.events). We use this access solely to create and update calendar events that correspond to scheduled surgical cases, so that you and your team can see upcoming cases, changes, and cancellations on your calendar. We do not request access to your Gmail, contacts, or any other Google service.

How we access this data. Access to Google Calendar occurs only after you explicitly authorize the connection through Google's standard OAuth consent screen. You may decline, and the rest of the App continues to work without the calendar integration.

How we use this data. We use your Google Calendar access exclusively to create, update, and remove calendar events that represent scheduled surgical cases within the App. We do not use Google user data for any other purpose.

How we store this data. To keep your calendar in sync without asking you to sign in repeatedly, we securely store the OAuth access and refresh tokens issued by Google, along with the identifiers of the calendar events the App creates. These tokens are stored encrypted on our secure servers and are used only to perform calendar operations you have initiated or that result from changes to your scheduled cases. We do not store the full contents of your Google Calendar.

How we share this data. We do not sell your Google user data, and we do not use it for advertising or to build advertising profiles. We do not transfer Google user data to third parties except as necessary to provide the calendar feature (for example, transmitting requests to Google's own APIs), to comply with applicable law, or as part of a merger or acquisition in which the successor entity is bound by this Privacy Policy.

Limited Use disclosure. OdioPapeleo's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

No AI/ML model training. We do not use Google user data — including any data obtained through the Google Calendar API — to develop, train, or improve any artificial intelligence or machine learning models, whether generalized or personalized. Google user data is never provided as input to AI models, including the AI-assisted features within the App, and is never transferred to any third-party AI or machine-learning tools.

Disconnecting Google Calendar. You can disconnect Google Calendar at any time from within the App, or by revoking the App's access from your Google Account permissions page. When you disconnect, we delete the stored Google OAuth access and refresh tokens from our servers and stop making any calendar requests on your behalf. Calendar events previously created in your Google Calendar remain under your control and can be edited or deleted directly in Google Calendar.

6. Advertising

OdioPapeleo does not display advertisements and does not use advertising IDs or tracking technologies for advertising purposes.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Order records and associated photos are retained for record-keeping and compliance purposes. Google OAuth tokens are retained only while your Google Calendar connection is active and are deleted when you disconnect. You may request deletion of your account and associated data by contacting us.

8. Your Rights

You have the right to:

9. Children's Privacy

OdioPapeleo is designed for medical professionals and is not intended for use by children under the age of 13. We do not knowingly collect information from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy within the App or by other appropriate means.

11. Permissions Summary

Android permissions:

iOS permissions:

12. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at:

Empire Extremity
Email: aruggles@empireextremity.com