efflux

Privacy Policy

Last Updated: 2 April 2026

At Efflux Bioprocess Simulations's ("Efflux," "we," "us," or "our"), we are committed to protecting your privacy and handling your data with transparency and care. This Privacy Policy explains how we collect, use, share, and protect information when you use our chromatography modeling and simulation platform and services.

1. Information We Collect

1.1 Information You Provide Directly

  • Account Registration: When you request access and create an account, we collect your full name, email address, and password (encrypted).
  • Contact Forms: When you contact us, request a demo, or request access, we collect your name, email address, organization name, and any information you choose to include in your message.
  • Project Data: When using our simulation platform, we store your project configurations, including biomolecule properties, column specifications, experimental data uploads, method parameters, and simulation results.
  • Profile Information: Any additional information you add to your user profile or organization settings.

1.2 Information Collected Automatically

  • Technical Data: IP address, browser type and version, device information, operating system, and referring URLs.
  • Usage Data: Pages visited, features used, time spent on the platform, and interaction patterns.
  • Cookies: We use essential cookies for authentication and session management. See Section 6 for more details.

1.3 Information We Do Not Collect

We do not use third-party advertising networks, marketing pixels, or behavioral tracking tools. We do not sell your personal information to third parties.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Provision: To provide, maintain, and improve our chromatography simulation platform and tools.
  • Account Management: To create and manage your user account, authenticate your identity, and provide customer support.
  • Communications: To respond to your inquiries, provide technical support, send product updates, and communicate regarding access requests and licensing.
  • Product Improvement: To analyze usage patterns, develop new features, and enhance platform performance.
  • Security: To detect, prevent, and address technical issues, fraud, and security threats.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

3. Data Sharing and Third Parties

3.1 Business Transfers

If Efflux is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website of any change in ownership or use of your personal information.

3.2 Legal Requirements

We may disclose your information if required by law, court order, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

3.3 What We Don't Share

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We do not share your proprietary project data with other users or third parties without your explicit consent.

4. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: Data is encrypted in transit using HTTPS/TLS and at rest in our database.
  • Authentication: Secure password requirements (minimum 10 characters) and email verification for new accounts.
  • Access Controls: Restricted access to personal data on a need-to-know basis.
  • Regular Monitoring: Continuous monitoring for security threats and vulnerabilities.

For more details on our security practices, see our Security page.

5. Data Retention and Deletion

We retain your personal information for as long as necessary to provide our services and comply with legal obligations:

  • Active Accounts: Your account data and projects are retained while your account remains active.
  • Account Deletion: If you request account deletion, we will delete your personal information usually within 24 hours but up to 30 days, except where we are required to retain certain data for legal or regulatory compliance.
  • Backup Systems: Deleted data may persist in backup systems for a limited time but will be rendered inaccessible and will be permanently deleted according to our backup rotation schedule.
  • Contact Requests: Information from contact forms and access requests is retained for 5 years for business purposes.

6. Cookies and Tracking Technologies

6.1 Essential Cookies

We use essential cookies that are necessary for the operation of our platform, specifically for user authentication and session management. These cookies are required for the platform to function properly and cannot be disabled.

6.2 No Advertising or Analytics Cookies

We do not use advertising cookies, third-party analytics cookies (such as Google Analytics), or behavioral tracking technologies.

7. Your Rights and Choices

7.1 GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete personal data.
  • Right to Erasure: Request deletion of your personal data (subject to legal retention requirements).
  • Right to Restrict Processing: Request that we limit how we use your personal data.
  • Right to Data Portability: Request a copy of your data in a structured, machine-readable format.
  • Right to Object: Object to our processing of your personal data for certain purposes.
  • Right to Withdraw Consent: Withdraw consent for processing based on consent at any time.

7.2 CCPA Rights (California Users)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected.
  • Right to Delete: Request deletion of your personal information (subject to certain exceptions).
  • Right to Opt-Out: Opt out of the sale of your personal information (note: we do not sell personal information).
  • Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your privacy rights.

7.3 Exercising Your Rights

To exercise any of these rights, please contact us at contact@effluxbio.com. We will respond to your request within 30 days. You may also update certain information directly through your account profile settings.

8. International Data Transfers

Efflux is incorporated within the European Union (EU). Our primary database and infrastructure are hosted in the EU. If you access our services from outside the EU, your information will be transferred to and processed in the EU. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable data protection laws.

9. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information promptly.

10. Data Ownership and Processing

We recognize that you retain ownership of your proprietary project data, simulation configurations, and experimental results. We act as a data processor for this information. Data Processing Agreements (DPAs) are available upon request to ensure GDPR compliance and clarify data handling responsibilities.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by email (if you have an account) and/or by posting a prominent notice on our website. The "Last Updated" date at the top of this policy indicates when it was most recently revised. Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at contact@effluxbio.com