Legal
Privacy Policy
This Privacy Policy explains what Membrane Health and our related services collect, how we use it, and the choices you have. It mirrors the Fieldflux Biosystems privacy policy, which governs all Fieldflux products. In this document, "Fieldflux," "we," and "us" mean Fieldflux Biosystems, Inc.
1) Our privacy posture
We're built around consent-driven sharing, scope control, time-bounded access to any shared datasets, and workflows designed to support professional use without revealing your personal identity. In plain terms: you decide what is shared, with whom, and for how long — and the tools are designed to keep it that way.
2) Information we collect
Account & subscription information
- Contact details, including your email address.
- Subscription status and entitlements.
- Billing metadata. Fieldflux does not receive your full payment card numbers — payments are handled by the app store or payment processor.
Health & device data (only with your permission)
With your permission, Membrane Health reads signals from Apple Health / HealthKit and your connected devices, including:
- Sleep signals — duration, stages, and efficiency.
- Autonomic and cardiovascular signals — resting heart rate and heart-rate variability.
- Activity metrics — steps and active energy.
- Metabolic proxies — respiratory rate, temperature, and glucose where authorized.
- Mobility metrics where available.
Professional sharing datasets
The app can generate shareable QR codes representing a 28-day dataset. These datasets contain no identifying profile fields — no name, age, sex, contact details, or similar identifiers.
3) How we use information
We use information to:
- generate your insights and readings;
- enable Pro features;
- operate secure sharing workflows;
- maintain the reliability and security of the services;
- provide support; and
- comply with legal obligations.
4) Professional sharing workflow
When you choose to share a dataset with a professional, it is uploaded to Amazon Web Services (AWS S3) under an anonymous identifier and is configured to self-destruct after 3 days.
5) How we share information
We share information:
- with service providers who help us operate the services;
- at your direction — for example, when you share a dataset with a clinician or coach;
- for legal and safety reasons; and
- in connection with a business transfer.
Fieldflux does not sell personal information.
6) Security
We use administrative, technical, and organizational measures to protect your information, including secure storage and controlled access pathways.
7) Data retention
- Professional packages auto-delete after 3 days from AWS S3.
- Any external exports you create follow the storage policies of whoever receives them.
- Account records are retained as long as needed to provide the service and for support, security, and compliance.
8) Your choices and controls
You can:
- manage device and Apple Health permissions at any time;
- generate or discontinue a share flow;
- choose whether to export reports; and
- manage or cancel your subscription.
9) Children's privacy
The services are intended for adults and professional contexts, with jurisdiction-appropriate age safeguards where required.
10) Changes to this Privacy Policy
We may update this policy from time to time. Updates are posted with a revised effective date, and continued use of the services constitutes acceptance.
11) Contact
Fieldflux Biosystems, Inc.
850 New Burton Rd. Suite 201
Dover, DE 19904
Email: support@fieldfluxbiosystems.com