Privacy Policy

Privacy Notice

Last Updated: May 28, 2025

At Fasikl, Inc. (“we,” “us,” or “our”), we value your privacy and are committed to protecting your personal information. This Privacy Notice explains how we collect, use, share, and safeguard your information when you visit our website at Fasikl.com (the “Site”) or use the Felix™ mobile app (the “App”) to control your Felix™ NeuroAI™ wristband. Some data collected through the App, such as device usage metrics and health-related information, is considered Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA).

This notice addresses your rights under applicable privacy laws. By using our Site or the App, you agree to the practices described in this notice. If you have questions, please contact us using the details in the How Can You Contact Us About This Notice? section below.

Summary of Key Points

Here is a quick overview of what you should know about how we handle your information. Click the links to learn more:

What information do we collect? We collect contact details (like name and email) on our Site, and device usage data, survey responses, and more through the App. Some App data is PHI under HIPAA. See What Information Do We Collect? section below.
How do we use your information? We use it to provide our services, support you, improve our offerings, and comply with laws. See How and Why Do We Use Your Information? section below.
Do we share your information? We share with our service providers and our affiliate, Fasikl Medical Solutions (FMS), for device fulfillment. We do not sell your data. See Do We Share Your Personal Information? section below.
What are your rights? Depending on your location, you may have the right to access, correct, or delete your information. See What Are Your Privacy Rights and Choices? section below.
How do we protect your data? We use strong encryption and access controls to keep your information secure. See How Do We Keep Your Information Secure? section below.

What Information Do We Collect?
How and Why Do We Use Your Information?
Cookies and Similar Technologies (Website)
Do We Share Your Personal Information?
Do We Transfer Your Information Internationally?
Do United States Residents Have Specific Privacy Rights?
How Long Do We Keep Your Information?
What Are Your Privacy Rights and Choices?
Do We Respond to Do-Not-Track Browser Signals?
HIPAA Notice of Privacy Practices

How Do We Keep Your Information Secure?
Children’s Privacy
Changes to This Notice
How Can You Contact Us About This Notice?

What Information Do We Collect?

We collect different types of personal information depending on your use of our Site or App. Below is a breakdown:

Platform	Types of Information Collected
Website (Fasikl.com)	– Contact details: Name, email address, phone number (via “Contact Us” form). – “Who you are” selector: Options like physician, patient, caregiver, or other. – IP address: Automatically collected when you visit. – Cookies and analytics IDs: Used to track browsing behavior (see Cookies and Similar Technologies).
Felix™ App	– Account credentials: Phone number, email address, Apple/Google ID (for login and verification). – Device usage data: Hours worn, stimulation settings, error reports (from the Felix™ NeuroAI™ wristband). – Movement data: Accelerometer and gyroscope data (used for therapy adjustments). – Uploaded content: Photos/videos of device placement, survey responses (optional). – Device and network info: Phone model, OS version, Bluetooth/network performance. – Chatbot transcripts: Messages and attachments sent via the App’s chatbot (retained for 180 days).

Some App data, like device usage, movement data, photos, survey responses, and chatbot messages, is considered PHI under HIPAA because it relates to your health and can identify you. We handle this data with extra care and in full compliance with HIPAA rules. See HIPAA Notice of Privacy Practices section below.

How and Why Do We Use Your Information?

We use your information to provide and improve our services, support you, and meet legal requirements. Here is how:

Account verification and login: We use your phone number, email, or Apple/Google ID to verify your identity and let you access the App.
Device control and personalized stimulation: The App uses device usage and movement data to adjust stimulation settings via an AI algorithm. This AI helps optimize therapy but is not used for diagnosis.
Customer support and troubleshooting: We use device data, network info, survey responses, photos/videos, and chatbot messages to assist you, including through our chatbot and live support.
Marketing (Website only): Contact details from the Site may be used to build marketing lists and send promotional emails (you can opt out—see What Are Your Privacy Rights and Choices?).
Analytics and service improvement: We analyze usage data to identify issues, improve the Site and App, and enhance cybersecurity.
Compliance with law: We may use your information to meet legal obligations, such as responding to court orders or regulatory requests.

Cookies and Similar Technologies (Website only)

Our Site uses cookies and similar technologies to enhance your experience, analyze usage, and deliver targeted ads. Cookies are small text files placed on your device when you visit our Site, which help us recognize you and remember your preferences. Similar technologies, like web beacons, may track your activity (for example, whether you viewed a video).

Types of cookies that we use:
- Essential cookies (functional): These are necessary for the Site to function properly, such as remembering your cookie consent choice. You cannot opt out of these.
- Non-essential cookies (analytics): These track user behavior to improve the Site (for example, unique user IDs, browsing habits). You can opt out via the cookie consent preferences.
- Non-essential cookies (advertising): These enable targeted ads (for example, based on your browsing habits or video views). You can opt out via the cookie consent preferences.
Consent options: When you visit our Site, a banner lets you choose one of the following three choices:
- Accept All: By selecting this choice, you consent to our use of all cookies, including non-essential ones.
- Customize: This selection allows you to manage your cookie preferences manually. However, you cannot opt out of (decline) the use of essential cookies.
- Reject All: By selecting this choice, you opt out of (decline) the use of all non-essential cookies.
Embedded content: Embedded videos (for example, YouTube) may use cookies to track views and preferences. These cookies are set by YouTube and are subject to their privacy practices. For more details, see the YouTube Privacy Statement.

Do We Share Your Personal Information?

We share your information in limited cases to provide our services, but we do not sell your data. Here is who we share with and why:

Service providers:
- Google Cloud Platform: Hosts and processes App data.
- Firebase and Google Play Services: Supports App authentication and notifications. Android only.
- Zendesk: Manages customer support, including chatbot messages and attachments.
- SendGrid and Twilio: Sends verification codes via email or SMS.
Our Affiliated DME Supplier (Fasikl Medical Solutions): We share patient information with our affiliate, FMS, which provides durable medical equipment fulfillment, billing, and customer support. FMS handles this information as a separate covered entity (or business associate) under HIPAA.
Healthcare providers/DME suppliers: We may share PHI with your healthcare provider or other DME suppliers for treatment or payment when necessary.
Embedded social media content: Embedded content on our Site (for example, YouTube videos) may share basic device information (for example, phone model, OS version) with those platforms, per their privacy policies.

We have agreements with these third parties to protect your data, and they cannot use it for their own purposes (for example, marketing).

Do We Transfer Your Information Internationally?

Currently, all data we collect is stored in the U.S. Our Site may be accessed from outside the U.S., but we do not transfer your data internationally. If we expand internationally in the future, such as to the EU or Canada, we will adopt appropriate data transfer mechanisms, such as Standard Contractual Clauses, and otherwise comply with applicable laws like the GDPR and PIPEDA.

Do United States Residents Have Specific Privacy Rights?

If you are a resident of certain U.S. states, such as California, Colorado, Texas, or others (including Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Utah, or Virginia), you may have privacy rights under applicable laws of those states. These rights may include:

The right to know what personal information we collect and how we use it.
The right to access or get a copy of your personal information.
The right to correct inaccuracies in your information.
The right to request deletion of your information.
The right to opt out of certain processing, like targeted advertising (we do not do this).

These rights may be limited by law, such as HIPAA requirements for PHI, or by the nature or extent of our business operations. Because we process personal data of Texas residents, the Texas Data Privacy and Security Act (TDSA) does apply, and we provide mechanisms for you to exercise your rights under TDSA (see What Are Your Privacy Rights and Choices?).

To help you understand our data practices, here are the categories of personal information we collect:

Category	Examples	Collected
Identifiers	Name, email, phone number, IP address, Apple/Google ID	Yes
Personal information (California Customer Records statute)	Name, contact information	Yes
Protected classifications	Gender, age, race	No
Commercial information	Purchase history, payment details	No
Biometric information	Fingerprints, voiceprints	No
Internet or network activity	Browsing history, search history	Yes (Website only, via cookies)
Geolocation data	Device location	No
Audio, visual, or similar information	Photos/videos, call recordings	Yes (App only, user-uploaded)
Professional or employment info	Job title, work history	No
Education information	Student records	No
Inferences	Profiles of preferences or behavior	No
Sensitive personal information	Health data, racial origins	Yes (App only, PHI under HIPAA)

We do not sell or share your personal information for targeted advertising.

How Long Do We Keep Your Information?

We keep your information only as long as necessary for the purposes described in this notice, or as required by law:

Account and sensor data: Retained for the life of your account plus up to 10 years, to support ongoing care and comply with legal requirements.
Chatbot transcripts: Kept for 180 days to assist with customer support and service improvement.
Uploaded content (for example, photos, videos): Retained until you request deletion; removed from backups within 30 days of deletion.

Retention periods may be adjusted based on legal, business, or security needs, such as HIPAA or other requirements.

What Are Your Privacy Rights and Choices?

You have options to manage your information, depending on the platform and applicable laws:

Website visitors:
- Marketing opt-out: You may unsubscribe from promotional emails using the link in any email we send.
- Cookie preferences: You can manage cookies via the cookie consent preferences (Accept All, Customize, Reject All).
- Access or delete data: You can submit a request to review or delete your data (for example, contact form submissions) using the contact methods below.
App users:
- Login methods: You can update or manage login options (phone, email, Apple/Google ID) in your account settings, though the primary login method cannot be deleted.
- Optional data: You can refuse to provide SMS reading (Android only), survey responses, or photos/videos. Other data (for example, device usage, network performance) is required for App functionality.
- Delete uploaded content: You can request deletion of photos, videos, or other uploaded content by contacting us (see below). We will verify your identity before processing any such request.
- Withdraw consent: If we rely on your consent to process your information (for example, optional survey responses), you can withdraw consent by contacting us. This will not affect any processing done before withdrawal.

To exercise your rights, see How Can You Contact Us About This Notice? below. Before processing your request, we will verify your identity (for example, by confirming your account details).

Do We Respond to Do-Not-Track Browser Signals?

We do not currently respond to Do-Not-Track (DNT) browser signals, as there is no uniform standard for implementing them. Similarly, we are evaluating support for Global Privacy Control (GPC) signals, which some laws like California’s CCPA require, and we will update our practices as needed. In the meantime, you can manage cookies on our Site using the cookie consent preferences (see Cookies and Similar Technologies).

HIPAA Notice of Privacy Practices

Some App data, like device usage, movement data, photos, surveys, and chatbot messages, is considered Protected Health Information (PHI) under HIPAA because it relates to your health and can identify you. Under HIPAA, we may use and share your PHI for:

Treatment: Supporting your therapy with the Felix™ NeuroAI™ wristband (for example, adjusting stimulation settings).
Payment: Billing through our affiliate FMS (for example, submitting claims to Medicare).
Healthcare operations: Improving our services (for example, analyzing device usage for quality control).

A full HIPAA Notice of Privacy Practices (NPP) with more details on your rights is provided during App setup or device onboarding.

How Do We Keep Your Information Secure?

We use industry-standard measures to protect your information, including encryption for data in transit and at rest, access controls to limit who can view your data, and regular audits. Our service providers, like Google Cloud and Zendesk, are certified under standards like SOC 2 and ISO 27001. While we take these steps, no system is 100 percent secure, so we encourage you to keep your login credentials safe.

Children’s Privacy

Our Site and App are not intended for individuals under 18. We do not knowingly collect personal information from children, and we encourage parents to contact us if they believe their child has provided data.

Changes to This Notice

We will update this Privacy Notice to reflect changes in our practices or legal requirements. When we make significant changes, we will notify you via a banner on our Site, an email, or an App alert. The updated notice will be posted with a new “Last Updated” date at the top.

How Can You Contact Us About This Notice?

If you have questions or want to exercise your privacy rights, please reach out to us:

Email: privacy@Fasikl.com
Phone: 800-324-5359
Chat: Use the App’s chatbot to connect with us
Mail:
Fasikl, Inc.
8500 Normandale Lake Blvd

Suite 400A

Bloomington, MN 55437

For HIPAA-related questions, see our Notice of Privacy Practices. You can also contact our designated Privacy Officer at the email address above.