top of page
FFB LOGO.png

Privacy Policy

Privacy Policy - The Basics

Effective date: 12/15/2025


This Privacy Policy explains how Fieldflux Biosystems, Inc. (“Fieldflux,” “we,” “us,” “our”) handles information when you use our websites, applications, and services, including Membrane: Health, Membrane Pro, the companion sharing experience, and related features (collectively, the “Services”).

1) Privacy posture

Fieldflux is built around timing, coherence, and relationship. Privacy follows the same principle: clear consent, minimal exposure, and purpose-limited collaboration. The Services emphasize:

  • consent-driven sharing,

  • scope control,

  • time-bounded access to shared datasets,

  • and workflows designed to support professional use without revealing personal identity.

 

2) Information we collect

 

A) Account and subscription information

When accounts or subscriptions are used, the Services may process:

  • contact and account details (e.g., email),

  • subscription status and entitlements (e.g., Pro access),

  • billing metadata handled by app store/payment providers (Fieldflux does not receive full payment card numbers).

 

B) Health and device data (with permission)

If permissions are granted (for example through device-resident health frameworks), the Services may access health-related metrics such as:

  • sleep signals (duration, stages, efficiency),

  • autonomic and cardiovascular signals (e.g., resting heart rate, HRV),

  • activity and mechanical signals (e.g., steps, active energy, exertion proxies),

  • metabolic proxies (e.g., respiratory rate, temperature; glucose where supported and authorized),

  • mobility metrics where available.

The exact set depends on device support and the permissions granted.

 

C) Professional sharing datasets

The companion sharing workflow can generate a shareable QR code representing a 28-day dataset across autonomic, circadian, metabolic, and mechanical metrics. The dataset is packaged to be anonymous by design: it contains no identifying profile fields (name, age, sex, contact details, or similar identifiers).

 

3) How we use information

Fieldflux uses information to:

  • generate insights, summaries, and reports within the Services,

  • enable Pro features (including professional import, analysis, and reporting),

  • operate secure sharing and retrieval workflows,

  • maintain reliability, security, and abuse prevention,

  • provide support and improve product quality,

  • comply with legal obligations.

 

4) Professional sharing: QR code → secure upload → Pro import → analysis

 

Pro subscription requirement

Accessing shared datasets via QR import requires an active Pro subscription within the Membrane Health app.

 

Secure upload and retrieval

When the companion app generates a QR code, the associated dataset is uploaded to a secure AWS S3 bucket under an anonymous package identifier. A Pro user imports the dataset by scanning the QR code, which triggers a download into the Membrane Pro app.

 

Analysis and reporting

After import, Membrane Pro analyzes the dataset using the Membrane fusion engine and generates a 28-day analysis and related professional views and exports (e.g., reports).

 

Automatic expiration

Shared datasets are time-bounded. Packages stored in AWS S3 are configured to self-destruct after 3 days.

 

Anonymity by design

Professional imports are designed to provide meaningful physiological context while preserving identity. The Pro user receives the dataset without personal profile details (name, age, sex, contact information, or similar identifiers).

 

5) How we share information

Fieldflux shares information in limited ways:

  • Service providers that support secure storage and delivery (e.g., AWS S3) and operational reliability,

  • With user direction, such as exporting reports or sharing outputs,

  • Legal and safety reasons, when required by law or necessary to protect users and systems,

  • Business transfers, if Fieldflux undergoes a merger, acquisition, or asset transaction.

Fieldflux does not sell personal information.

 

6) Security

Fieldflux uses administrative, technical, and organizational measures designed to protect information, including secure storage configurations and controlled access pathways for shared datasets. Security also depends on safeguarding share artifacts (e.g., QR codes) and verifying intended recipients in professional settings.

 

7) Data retention

Retention follows functional need and time-bounded sharing:

  • Professional share packages are stored in secure AWS S3 and automatically deleted after 3 days.

  • Reports and exports saved outside the app (e.g., PDFs saved to Files or sent via email) persist according to the storage location and recipient policies.

  • Account and operational records are retained as needed for service delivery, support, security, and compliance.

 

8) Your choices and controls

Controls include:

  • managing device permissions for health data access,

  • generating or discontinuing share flows,

  • choosing whether to export reports,

  • managing subscription status through applicable purchase channels.

 

9) Children’s privacy

The Services are designed for adult users and professional contexts. If a jurisdiction requires additional age-based safeguards, Fieldflux implements appropriate controls.

 

10) Changes to this Privacy Policy

Updates are posted with a revised effective date. Continued use after that date reflects acceptance of the updated Policy.

 

11) Contact

Fieldflux Biosystems, Inc.
850 New Burton Rd. Suite 201

Dover, DE. 19904
Email: support@fieldfluxbiosystems.com

bottom of page