Privacy policy

ReFlex Technologies Privacy Policy

Last updated: November 13, 2025

ReFlex Technologies LLC (“ReFlex,” “we,” “our,” or “us”) operates this store, website, mobile applications, wearable devices, and related services (collectively, the “Services”). Our mission is to make cutting-edge health technology accessible to everyone. This Privacy Policy explains how we collect, use, and disclose personal information through all ReFlex Services, including this Shopify-powered store, our websites, and the ReFlex mobile and desktop applications.

By using or accessing any of the Services, you acknowledge that you have read and understood this Privacy Policy.

1. Personal Information We Collect or Process

When we use the term “personal information”, we mean information that identifies or can reasonably be linked to you. We may collect or process the following categories of personal information, depending on your interaction with our Services and as permitted by law:

  • Contact Information: name, billing/shipping address, phone number, and email address.

  • Financial Information: payment card details, transaction records, and related payment confirmations.

  • Account Information: username, password, security questions, preferences, and settings.

  • Transaction History: items viewed, added to cart, purchased, or returned.

  • Communications: messages or inquiries you send to our support team.

  • Device and Usage Information: browser, IP address, network connection, and interactions with our Services.

  • Location Data: approximate geographic location derived from IP or device settings (when enabled).

2. Sources of Personal Information

We collect information from the following sources:

  • Directly from you, such as when you make a purchase, create an account, or communicate with us.

  • Automatically, through cookies and analytics tools when you use our Services.

  • From service providers, such as Shopify or other partners assisting with payments, hosting, or analytics.

  • From integrations or linked accounts, when you connect third-party services (e.g., Apple Health, Google Fit).

3. How We Use Personal Information

Depending on how you use our Services, we may use your personal information to:

  • Provide and improve the Services, including processing orders, payments, returns, and account management.

  • Customize your experience, such as recommending products and personalizing content.

  • Market our products, including via email, SMS, or advertising (subject to your preferences).

  • Detect and prevent fraud, unauthorized access, or security issues.

  • Comply with laws, legal processes, or enforce our Terms of Service.

  • Communicate with you, respond to inquiries, and provide customer support.

4. How We Disclose Personal Information

We may share your personal information as follows:

  • With Shopify, our e-commerce provider, to enable transactions and store operations.

  • With service providers who perform functions on our behalf (e.g., cloud hosting, fulfillment, analytics).

  • With marketing and business partners, only where permitted and consistent with your preferences.

  • In connection with legal obligations or business transactions such as mergers or acquisitions.

  • With your consent, such as when connecting third-party integrations or sharing training data.

We do not sell personal information.

5. Relationship with Shopify

Our online store is hosted by Shopify Inc., which helps us process orders, payments, and site analytics.
Information you submit through our store is transmitted to and processed by Shopify as a data processor.
To learn more about Shopify’s privacy practices, visit Shopify’s Privacy Policy.

6. Third-Party Websites and Links

Our Services may link to websites or apps operated by third parties. We are not responsible for their privacy practices and encourage you to review their policies before providing personal information.

7. Children’s Data

Our Services are not directed to children, and we do not knowingly collect personal information from individuals under the age of majority in their jurisdiction. If you believe your child has provided personal information, contact us to request deletion.

8. Security and Retention

We use administrative, technical, and physical safeguards to protect personal information. However, no system is perfectly secure.
We retain information only as long as necessary to provide the Services or as required by law.

9. Your Rights and Choices

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of your personal information. You may also opt out of marketing communications at any time by using the unsubscribe link in our emails.

If you are in the European Economic Area or United Kingdom, you may also object to processing or withdraw consent where applicable.

To exercise these rights, contact us at paul@reflextech.co.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States.
When transferring data internationally, we rely on recognized safeguards such as Standard Contractual Clauses.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. When we do, we will revise the “Last updated” date and post the updated version on our website.

ReFlex App, Wearable Device, and Biometric Data Addendum

In addition to the personal information described above, ReFlex processes physiological and biometric data collected through our mobile and desktop applications and wearable devices (the “ReFlex Platform”). This section explains how that data is handled.

1. Categories of Biometric and Physiological Data

When you use the ReFlex device and app, we may collect the following types of data:

  • Electromyography (EMG) Data – raw and filtered muscle activity signals.

  • Derived Metrics – activation levels, fatigue scores, muscle symmetry, or similar neuromuscular analytics.

  • Device Metadata – firmware version, Bluetooth identifier, battery status, and session timestamps.

  • Usage Data – app interactions, graphs viewed, session duration, and crash logs.

  • Linked Health Data (optional) – if you connect other services (e.g., Apple Health or Google Fit), we may receive limited data such as workout sessions or movement data, depending on your permissions.

2. How We Use EMG and Physiological Data

We process this data to:

  • Provide core ReFlex functionality (real-time EMG visualization, activation and fatigue metrics).

  • Deliver performance analytics, progress summaries, and training insights.

  • Improve signal accuracy and product performance through de-identified analysis.

  • Conduct aggregated research to enhance our algorithms and understanding of muscular performance.

We do not sell or use EMG data for advertising, biometric identification, or unrelated marketing.

3. Data Protection and Security

Because EMG and related physiological data qualify as sensitive personal information, ReFlex employs additional safeguards:

  • End-to-end encryption during transmission and at rest.

  • Data minimization — only data necessary for the feature you use is collected.

  • De-identification or anonymization for aggregated analytics.

  • Strict internal access controls and logging.

  • Secure deletion or anonymization when you close your account or request removal.

4. Retention

We retain EMG and physiological data only as long as necessary to provide Services or comply with legal obligations.
When deleted, data is permanently removed or anonymized within 30 days unless law requires longer retention.

5. Your Rights Regarding EMG Data

You may request to:

  • Access or download your EMG data.

  • Delete or anonymize your data.

  • Withdraw consent for data processing.

To do so, contact paul@reflextech.co or use in-app data management settings when available.

6. HIPAA Disclaimer

ReFlex is not a “covered entity” or “business associate” under the U.S. Health Insurance Portability and Accountability Act (HIPAA).
We protect your physiological data under this Privacy Policy and applicable global privacy regulations.

7. Legal Basis for Processing (GDPR / UK GDPR)

For users in the European Economic Area or United Kingdom, we process biometric and physiological data only when you have provided explicit consent, or where processing is necessary for contract performance, legitimate interests, or compliance with legal obligations.

8. Contact

For privacy questions or to exercise your rights, contact:
ReFlex Technologies LLC
7 Healy Way, Langhorne, PA 19047, USA
Email: paul@reflextech.co