Privacy, Terms & Security

Firmologist is operated by UpCapital Global FZCO (the “data controller”). Headquarters: Building A1, Dubai Digital Park, Dubai Silicon Oasis, Dubai, United Arab Emirates. We also have offices in Vancouver, BC, Canada.

Privacy enquiries and data-rights requests: privacy@firmologist.com. Security: security@firmologist.com.

What we collect. Your account email and (optionally) name; the company profile and operational vitals you enter or connect; anonymous team-pulse responses; and, with your consent, product-usage analytics. We do not sell personal data.

Legal basis (GDPR Art. 6). Performance of a contract (operating your account and the service); legitimate interests (securing and improving the product); and consent for optional analytics cookies and marketing email. You can withdraw consent at any time.

How vitals are used. Your raw vitals build your organism — your Health Card, Pulse, MRI, and longitudinal baselines. They are visible only to members of your organization.

The network corpus. When you mark a prescription as taken and its outcome is measured, that event is anonymized and aggregated into the Firmologist Commons. Outcome events carry a random installation identifier — never your email or company name — and the personal-identity store and the telemetry store are never joined. No cohort statistic is published with fewer than 50 organisms.

Cookies & analytics. We set one strictly-necessary cookie to keep you signed in (exempt from consent). Optional first-party analytics (a random installation id + a few funnel events) run only after you opt in via the cookie banner; choose “Essential only” and no analytics are collected.

Retention. Account and company data are kept while your account is active and deleted within 30 days of account closure. Anonymous, aggregated statistics already contributed to the Commons are irreversibly de-identified and retained.

International transfers. Data is processed by our sub-processors in the United States and other regions. Where required, transfers rely on Standard Contractual Clauses and equivalent safeguards.

Sub-processors. Neon (database hosting), Vercel (application hosting), and Resend (transactional & product email). Each is engaged under a data-processing agreement.

Your rights (GDPR Art. 15–21). Access, rectification, erasure (“right to be forgotten”), portability, restriction, and objection. To exercise any of these, email privacy@firmologist.com; we respond within 30 days. You may also lodge a complaint with your local supervisory authority. Deleting your account removes your personal data and your company's raw telemetry; already-aggregated anonymous statistics persist (the same posture as fitness platforms like WHOOP or Strava).

Data ownership. A company's raw vitals belong to the company. Firmologist's asset is the aggregated, anonymized outcome corpus derived across all organisms. By using the service you grant Firmologist a license to use anonymized, aggregated data to operate and improve the health models and the Commons.

Not financial or investment advice. Firmologist expresses operational-health signals and model estimates — not audited financial statements, legal advice, or investment advice. Hidden-risk probabilities are early-warning signals calibrated on the network, not guarantees.

Acceptable use. Don't upload data you don't have the right to use, and don't attempt to de-anonymize other organisms in the Commons.

Plans. Pulse is free. Clinic is US$149/month. Health System is custom-priced. During our early-access period, Clinic features are provided free of charge; we will give clear, advance notice by email before any paid billing begins.

Auto-renewal. Paid subscriptions renew automatically each billing period (monthly) until cancelled. By subscribing you authorize UpCapital Global FZCO, via our payment processor Stripe, to charge your payment method on each renewal date at the then-current price. We will notify you in advance of any price change.

Cancellation. You can cancel anytime from Billing → Manage billing (the Stripe Customer Portal). Cancellation takes effect at the end of the current paid period; you keep access until then and are not charged again.

Refunds. Payments are generally non-refundable except where required by law. If you believe you were charged in error, contact billing@firmologist.com within 14 days and we'll review it in good faith.

Invoices & taxes. Invoices and receipts are available in the Customer Portal. Prices are exclusive of any applicable taxes, which may be added at checkout based on your location.

Authentication. Passwords are hashed with scrypt and a per-user salt; sessions are HMAC-signed, httpOnly cookies. We never store plaintext passwords.

Tenant isolation. Every data read is scoped to your organization through membership checks; one organization can never see another's vitals.

Transport & storage. All traffic is served over TLS. Data is stored in a managed Postgres database with encryption at rest. API read endpoints expose aggregates only — never raw events or email addresses.

Responsible disclosure. Found an issue? Email security@firmologist.app and we'll respond promptly.