Privacy Policy
Effective date: 2026-05-17 Last updated: 2026-05-19
This Privacy Policy describes how MALENTI LLC (“we,” “us,” or “our”) collects, uses, and shares information when you use the Heliobios mobile application (“Heliobios” or the “App”).
Heliobios is a wellness application. Heliobios is not a medical device, does not diagnose or treat any condition, and is provided for general wellness and informational purposes only.
Disclaimer: Heliobios is operated by MALENTI LLC. For privacy questions, contact privacy@heliobios.com. For legal matters, contact legal@heliobios.com.
1. Information we collect
Privacy by architecture
Heliobios is built so that raw biometric measurements never leave your iPhone. Your heart rate beat by beat, your sleep stages minute by minute, your every step — all of it is processed entirely on your device. The only health-derived data our servers ever see are the wellness scores and aggregated statistics computed locally on your device.
If our servers were compromised tomorrow, an attacker would find no individual heart-rate traces, no sleep timelines, no raw biometrics from any user — because we never had them.
This is the foundational design choice of Heliobios. Everything else in this Policy is downstream of that decision.
We collect only what’s needed to provide the App. We do not sell your personal information, and we do not use it for advertising.
1.1 Health and biometric data — raw vs. derived
With your authorization, the App reads health and biometric data from:
- Apple HealthKit — read on your device only
- Oura Ring (optional) — read via OAuth when you connect it
What stays on your phone vs. what reaches our servers:
| Layer | Examples | Where it lives |
|---|---|---|
| Raw measurements (sensor data) | Heart-rate time series, sleep timeline, respiratory rate, body temperature, every individual reading | On your iPhone only. Never transmitted. |
| Derived wellness summaries (algorithmic outputs) | Daily wellness scores (0–100), summary statistics, score trends | Transmitted to our servers (under encryption) to enable sync, forecast, and personalization across sessions |
| Anonymized aggregates (population-level) | Cohort distributions, model-training statistics — no individual identifiable | May be derived from your summaries and retained for product improvement and research (see §2.1) |
This three-layer design means an attacker who breached our database would never find raw biometric values — because those values have already been processed and discarded by the time anything reaches us.
1.2 Account information
- Email address (provided by you or by Apple Sign-In)
- Authentication tokens
- Sign-in provider (Apple ID or email + password)
1.3 Optional demographics
Collected only if you provide them:
- Biological sex
- Birth year
1.4 Location
Approximate location (latitude/longitude) used to apply regional environmental adjustments. Stored at the precision necessary for that calculation only — not continuously tracked.
1.5 App usage and diagnostics
- Login and sync timestamps
- Notification interactions (tap, dismiss, snooze)
- Anonymized event names and aggregated buckets — never per-user-event content
- Crash reports via Apple’s MetricKit framework (Apple’s design excludes health, location, and email)
1.6 User-entered content
- Notification preferences
- Optional manual logs you choose to submit
- Optional bug-report submissions
1.7 What we do not collect
- We do not store raw HealthKit or Oura values on our servers
- Inside the App, we do not use tracking identifiers for advertising — Apple’s App Tracking Transparency confirms this: the App does not track. (Our public marketing site at heliobios.com uses cookie-based ad-attribution tools — see §10 for details and how to opt out.)
- We do not access your contacts, calendar, photos, microphone, or camera
- We do not access your browsing history outside the App
- We do not collect precise GPS location continuously
2. How we use information
We use information for the following specific purposes. Each purpose lists the data it relies on and, for users in the European Union or United Kingdom, the lawful basis under GDPR Article 6 (and Article 9 where applicable to special-category health data).
| # | Purpose | What it relies on | EU/UK lawful basis |
|---|---|---|---|
| 2.1 | Provide the App. Compute wellness scores from your on-device biometrics, sync those summaries to our servers, and display them back to you in the App and on the Cloud dashboard. | §1.1 derived wellness summaries; §1.2 account information; §1.4 approximate location | Contract (Art. 6(1)(b)); explicit consent for health data (Art. 9(2)(a)) |
| 2.2 | Personalize your experience. Build your own Personal Sensitivity Profile from patterns in your own data — what space weather conditions move which of your scores, and by how much. | §1.1 derived summaries (your own only); §1.3 optional demographics | Contract; explicit consent for health data |
| 2.3 | Deliver notifications you’ve enabled. Morning briefings, bedtime forecasts, storm alerts, anticipation alerts — only the ones you’ve opted in to. | §1.6 your notification preferences; §1.1 derived summaries; §1.4 approximate location | Consent (Art. 6(1)(a)) for notifications; legitimate interest for transactional/account messages |
| 2.4 | Operate the service. Authentication, data sync, push notification delivery, crash reporting. | §1.2 account information; §1.5 app usage and diagnostics | Contract; legitimate interest (Art. 6(1)(f)) |
| 2.5 | Improve the App (anonymized only). Refine our scoring engine, forecast models, and alert thresholds using anonymized aggregate statistics across many users — never per-individual data. | Anonymized aggregates derived from §1.1 (see §2.1 below) | Legitimate interest, with anonymization as the privacy safeguard; falls outside GDPR once truly anonymized (Recital 26) |
| 2.6 | Contribute to public heliobiology research. Publish population-level findings on how the broader user community responds to space weather, advancing the scientific field. | Anonymized aggregates only — never individual records | Legitimate interest; outside GDPR scope once anonymized |
| 2.7 | Customer support. Respond to your inquiries, troubleshoot your account, fix bugs you report. | §1.2 account information; §1.6 your support content; §1.5 diagnostic context you choose to share | Contract; legitimate interest |
| 2.8 | Legal compliance and fraud prevention. Comply with tax, accounting, regulatory, and lawful-process requirements. Detect and prevent fraudulent account use. | Minimum necessary across the categories above | Legal obligation (Art. 6(1)(c)); legitimate interest |
We do not use your information for advertising, marketing profiling, behavioral ad targeting, or sale to third parties.
2.1 Anonymized aggregate analysis and heliobiology research
A core part of our work is improving how the App models the relationship between space weather and human physiology, and contributing what we learn back to public science. To do that, we use anonymized aggregate data — data from which individuals cannot be re-identified — for the purposes listed in §2.5 and §2.6 above.
Under EU/UK GDPR (Recital 26) and the California Consumer Privacy Act, anonymized aggregate data is no longer personal data and falls outside those laws. To qualify, the aggregation must make re-identification practically impossible — for example, by removing all direct identifiers, generalizing quasi-identifiers (such as exact age and precise location) into broad bands, and reporting only statistics across many users rather than individual records.
3. How we share information
3.1 Infrastructure providers (not data partners)
To operate our service, we use cloud infrastructure providers that store and transmit data on our direction only. They do not analyze your data, do not share it with anyone else, do not use it for their own purposes, and have no rights to it beyond what’s necessary to fulfill the technical function we’ve assigned them.
| Provider | Function | What they receive |
|---|---|---|
| Supabase (AWS, US East) | Backend hosting, database, authentication, edge functions | The derived wellness summaries, account information, and other data described in §1 — under our direction only |
| Apple Push Notification Service | Push notification delivery | Your device push token + non-PII notification body and category |
| Resend | Transactional and operational email delivery | Recipient email + email body content |
| Oura (optional, only if you connect) | Read-only OAuth access | OAuth tokens exchanged on device; data flows from Oura to the App, never the reverse |
About Oura’s own data practices. When you use the Oura integration, Oura Health Oy may collect certain technical information related to your use of the Oura API — for example, authentication events, API request patterns, and platform diagnostics — for the operation, improvement, and support of the Oura platform. That collection is independent of Heliobios and is governed by Oura’s own Privacy Policy, not by us. To review or revoke your Oura authorization directly, sign in to your Oura account at cloud.ouraring.com/account.
We use no other data processors. We have no analytics SaaS, no machine-learning vendors, no marketing-data partners, no data brokers — none. Apart from the infrastructure providers above, no third party receives any of your data from us under any circumstances.
Vendor due diligence. Before granting any provider access to user data, we assess their security and privacy practices and require them by contract to meet at least the same standards we set for ourselves: encryption in transit and at rest, per-user access controls, no use of data for their own purposes, and deletion when we instruct.
Our accountability. We remain responsible to you for how our infrastructure providers handle your data on our behalf.
3.2 We do not sell or share for advertising
We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. We do not transfer your information to data brokers.
In the past 12 months, we have not sold any personal information. We have no plans to start. If our practices ever change, we will notify all users in advance and provide an opt-out before any change takes effect.
3.3 Legal disclosures
We may disclose information when required by valid legal process — for example, a subpoena, court order, or lawful government request — and only when necessary to enforce our Terms of Service, investigate fraud, or protect the rights, safety, or property of MALENTI LLC, our users, or the public.
We will resist law-enforcement requests that lack a valid legal basis, and we will challenge overly broad or improper requests in court when we believe they violate user rights. We do not provide bulk access to user data, and we do not participate in voluntary government surveillance programs.
4. International data transfers
The App’s backend is hosted in the United States. If you use the App from outside the United States, your information is transferred to and processed in the United States, where data protection laws may differ from those in your country.
Safeguards for EU/UK/EEA transfers. Transfers of personal data from the European Union, United Kingdom, or European Economic Area to the United States are protected by the EU–U.S. Data Privacy Framework (and its UK Extension and Swiss–U.S. Data Privacy Framework counterparts), under which our processor is certified, and by Standard Contractual Clauses where the Framework does not apply. You may request a copy of the relevant safeguards by emailing privacy@heliobios.com.
Where this Policy conflicts with the Data Privacy Framework principles, the Framework principles control. Compliance with the EU–U.S. Data Privacy Framework, the UK Extension, and the Swiss–U.S. Data Privacy Framework is subject to investigation and enforcement by the United States Federal Trade Commission.
Lawful basis (GDPR / UK GDPR). Specific lawful bases for each processing purpose are listed in the table in §2. In summary:
- Health data (special category under GDPR Article 9) — processed under your explicit consent, granted when you authorize Apple HealthKit and/or Oura connection and confirm the in-app wellness disclaimer.
- Account, authentication, and service-operation data — processed under legitimate interest and contract.
- Anonymized analytics and research — processed under legitimate interest, balanced against your privacy through aggregation; falls outside GDPR once truly anonymized.
You may withdraw any consent at any time by (a) disconnecting Apple HealthKit (iOS Settings → Health → Data Access & Devices → Heliobios), (b) disconnecting Oura in the App’s Settings, or (c) deleting your account. Withdrawal does not affect the lawfulness of processing before the withdrawal.
5. Data retention
- Active users: data is retained while your account is active.
- Inactive accounts: data is retained for 90 days after your last login, then anonymized or deleted.
- Deleted accounts: when you delete your account, all user-keyed server data is deleted within 30 days. On-device data is wiped immediately when you confirm deletion. We retain a one-way hash of the deleted identifier for up to 12 months for fraud-prevention and audit purposes only.
Anonymized aggregates may be retained. Before identifiable data is deleted, the wellness scores and statistical summaries we derived during your time as a user may be transformed into anonymized aggregate datasets — with all direct identifiers removed and quasi-identifiers generalized so that no individual can be re-identified — and retained indefinitely for the purposes described in §2.1 (anonymized analysis and heliobiology research). Once data has been properly anonymized, it is no longer personal data under GDPR (Recital 26) or CCPA, and deletion of the underlying account does not remove the anonymized aggregates.
6. Your rights
6.1 All users
- Access — request a copy of your data by emailing privacy@heliobios.com. We will provide it in a portable, machine-readable format (JSON or CSV) within 30 days of your request.
- Deletion — Settings → Account → Delete Account in the App, or visit https://heliobios.com/account-delete, or email privacy@heliobios.com.
- Correction — most data is user-input or HealthKit-derived; correct it in the source (Apple Health app or Oura app). Email privacy@heliobios.com for help with anything else.
- Restriction — disable background sync in iOS Settings → Heliobios → Background App Refresh.
- Object — disable specific data uses in the App’s Settings.
- Portability — covered by Access above; format is JSON or CSV, your choice.
No retaliation. We will not retaliate against you for exercising any of these rights. Your service quality, pricing, and access will not change because you requested data, deletion, or correction.
6.2 California residents (CCPA / CPRA)
You have the right to know what personal information we collect, the right to delete, the right to correct, the right to opt out of sale or sharing (we do not sell or share for advertising), and the right to non-discrimination for exercising these rights. Contact privacy@heliobios.com to exercise these rights.
6.3 European Union / UK residents (GDPR / UK GDPR)
You have the rights of access, rectification, erasure, restriction, portability, and objection. You may also lodge a complaint with your local supervisory authority. The data controller is MALENTI LLC. Contact privacy@heliobios.com for data subject requests; we respond within 30 days.
6.4 Children
The App is not directed at children. The minimum age to create an account is 16 in the European Union, United Kingdom, and European Economic Area (per GDPR Article 8) and 13 in the United States and elsewhere (per COPPA). We do not knowingly collect information from anyone below the applicable minimum age. If a parent or guardian believes their child has provided information, contact privacy@heliobios.com and we will delete the account and associated data.
6.5 Your controls — at a glance
Every privacy control surfaced through this Policy, in one reference table:
| What you can do | Where |
|---|---|
| Disconnect Apple HealthKit (stop new health-data reads) | iOS Settings → Health → Data Access & Devices → Heliobios |
| Disconnect Oura (stop new wearable reads) | In the App: Settings → Connections → Oura → Disconnect — or revoke directly at Oura: cloud.ouraring.com/account |
| Disable push notifications | iOS Settings → Notifications → Heliobios, or In the App: Settings → Notifications |
| Pause background sync | iOS Settings → Heliobios → Background App Refresh → Off |
| Opt out of optional emails (welcome series, digest) | Unsubscribe link in any optional email, or In the App: Settings → Notifications |
| Delete your account + all server data | In the App: Settings → Account → Delete Account, or https://heliobios.com/account-delete, or email privacy@heliobios.com |
| Request a copy of your data (JSON or CSV) | Email privacy@heliobios.com — we respond within 30 days |
| Change marketing-cookie preferences (heliobios.com only) | “Cookie preferences” link in the site footer |
| Opt out of arbitration (Terms §12.6) | Within 30 days of first acceptance: email legal@heliobios.com |
| Withdraw consent for health-data processing | Same as “Disconnect Apple HealthKit” / “Disconnect Oura” above; or delete your account |
| Lodge a complaint (EU/UK users) | Your national data-protection authority |
7. Health data — additional disclosures (Apple HealthKit)
Apple HealthKit data is governed by Apple’s HealthKit privacy framework in addition to this Privacy Policy. Specifically:
- Health data is read on your device only. The raw HealthKit data never leaves your iPhone.
- We do not use your health data for advertising or marketing.
- We do not share your health data with third parties for their marketing or advertising purposes.
- We use your health data solely to provide the App’s wellness features described in this Policy.
8. Security
We use industry-standard safeguards to protect your information, including encryption in transit and at rest, per-user access controls, secure credential storage on device, and periodic security review.
Personnel access is restricted. Backend systems and any aggregated data are accessible only to authorized personnel who have received privacy training and signed confidentiality obligations. Access is logged and reviewed.
No system is perfectly secure. If we discover a security incident affecting your data, we will notify you in accordance with applicable law.
9. Subscriptions
The App offers auto-renewable subscriptions. All payments are processed by Apple through the App Store. We do not collect or store your payment card information; Apple handles all billing, refunds, and subscription management.
- View, manage, or cancel your subscription: iOS Settings → [Your Apple ID] → Subscriptions
- Refund requests: https://reportaproblem.apple.com (handled by Apple)
Subscription terms are described in our Terms of Use.
10. Cookies, analytics, and tracking — by surface
Heliobios operates three distinct surfaces with very different tracking policies. We are explicit about which is which:
10.1 The iOS App — no third-party tracking
The Heliobios iOS App does not use third-party advertising or analytics SDKs that identify you. Apple’s App Tracking Transparency prompt confirms this: the App does not track. The only third-party services the App communicates with are the infrastructure providers listed in §3.1, all under our direction.
10.2 The Cloud dashboard (cloud.heliobios.com) — essential only
The logged-in web dashboard at cloud.heliobios.com uses essential cookies only, for authentication (session management) and preferences (theme selection). It does not use advertising cookies, third-party trackers, or behavioral analytics. The same provider list in §3.1 applies.
10.3 The marketing site (heliobios.com) — measured, with consent
The public marketing site at heliobios.com (which is where you are now if you’re reading this in a browser without logging in) uses standard marketing-attribution tools so we can measure which advertising channels actually bring new users:
| Tool | Purpose | When loaded |
|---|---|---|
| Google Analytics 4 | Aggregate site usage analytics, audience reporting, conversion measurement | Only after you accept analytics cookies |
| Meta (Facebook/Instagram) Pixel | Conversion tracking for ads we run on Meta platforms; ad audience building | Only after you accept marketing cookies |
| Google Ads conversion tag | Conversion tracking for ads we run on Google Search and YouTube | Only after you accept marketing cookies |
Cookie consent. Visitors from the European Union, United Kingdom, European Economic Area, and California see a cookie consent banner on first visit. Analytics and marketing cookies (Google Analytics, Meta Pixel, Google Ads) are loaded only after you accept. If you decline, no analytics tracking runs on the site — your visit is not counted, identified, or attributed. You can change your preferences at any time using the Cookie preferences link in the site footer.
What these tools do not see. Google Analytics, Meta Pixel, and Google Ads on heliobios.com see your visit to public marketing pages and (if applicable) your click to the App Store. They do not see anything inside the App — no health data, no biometrics, no scores, no notifications, nothing. The App and the marketing site are separate environments.
Why we use them. Honestly: because we run ads, and these tools are how the ad platforms tell us which ads worked. We could go without and instead rely on Apple’s privacy-preserving SKAdNetwork alone, but the trade-off is worse attribution and weaker growth. We disclose the trade-off here rather than hide it.
11. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you through an in-app banner and update the Last updated date above. Continued use of the App after the effective date constitutes acceptance.
12. Contact
MALENTI LLC Privacy contact: privacy@heliobios.com General contact: support@heliobios.com 30 N Gould St, Ste N, Sheridan, WY 82801, United States
We respond to data subject requests within 30 days.