SynaplyAI ("we", "our", or "us") is committed to protecting your privacy and handling your data responsibly. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, website, or services (collectively, the "Services").
By accessing or using our Services, you agree to the collection and use of information in accordance with this policy. We encourage you to read this Privacy Policy carefully and contact us if you have any questions.
2. Data We Collect
We may collect the following types of information:
2.1 Personal Information
Identity information (name, username, company name)
Contact information (email address, phone number, mailing address)
Account credentials (password and security questions)
Professional information (job title, department, industry)
Profile information (preferences, feedback, survey responses)
2.2 Content and Usage Data
AI-generated content and prompts submitted to our Services
Files, documents, and media uploaded to our platform
Collaboration data (comments, edits, shared content)
Usage patterns and feature interaction data
Performance metrics and analytics related to your use of our Services
2.3 Technical Information
Device information (device type, operating system, browser type)
Connection data (IP address, access times, browser settings)
Cookies and similar tracking technologies
Location data (if enabled on your device)
Log data (error reports, performance data, hardware settings)
3. How We Use Your Data
We use the collected data for various purposes, including:
3.1 Service Provision and Enhancement
To provide, maintain, and improve our Services
To enable features such as collaborative editing and real-time synchronization
To authenticate users and secure account access
To personalize your experience based on preferences and usage patterns
To develop new features and functionality based on user feedback
To ensure compatibility with various devices and browsers
3.2 Communication and Support
To respond to inquiries, support requests, and feedback
To send service-related notifications and updates
To deliver information about new features, services, and promotions
To solicit feedback and conduct user research
To provide technical support and troubleshooting assistance
3.3 Analytics and Improvement
To analyze usage patterns and trends across our platform
To measure the effectiveness of features and user interfaces
To detect and prevent technical issues, errors, and bugs
To improve AI model performance and accuracy through training
To generate anonymized and aggregated insights about content creation
To optimize system performance and resource allocation
4. Data Sharing and Third Parties
We take your privacy seriously and limit data sharing to specific circumstances:
4.1 Service Providers
AI processing partners (OpenAI, Anthropic) for content generation
Cloud hosting providers (AWS, Google Cloud) for infrastructure
Payment processors (Stripe) for subscription and billing management
Analytics services (Google Analytics) for usage monitoring
Customer support platforms for issue resolution
4.2 Legal and Business Transfers
In response to a legal request or court order
To comply with applicable laws and regulations
To protect our rights, privacy, safety, or property
In connection with a merger, acquisition, or business transfer
To enforce our terms of service and prevent misuse
4.3 With Your Consent
We may share information with third parties when you have given explicit consent to do so. You can withdraw this consent at any time.
Our Commitment:
We do not sell your personal data to third parties for marketing or advertising purposes.
5. Data Retention and Deletion
5.1 Retention Periods
Account information: Retained for the duration of your account plus 30 days after deletion
Content data: Stored according to your subscription plan terms
Payment information: Kept in accordance with financial regulations (typically 7 years)
Usage analytics: Retained in anonymized form for up to 24 months
Communication records: Stored for up to 36 months for support purposes
5.2 Data Deletion
You may request complete deletion of your data at any time
Account deletion will remove personal information within 30 days
Content data will be permanently deleted from primary systems within 30 days
Backup systems may retain data for up to 90 days for disaster recovery
Some anonymized aggregate data may be retained for analytics purposes
Data required for legal compliance may be retained as required by law
To request data deletion, contact us at privacy@synaplyai.com or through your account settings.
6. User Rights
Depending on your location, you may have certain rights regarding your personal information:
6.1 Access and Portability
Right to access personal data we hold about you
Right to receive your data in a structured, machine-readable format
Right to transfer your data to another service provider
6.2 Rectification and Erasure
Right to correct inaccurate or incomplete personal data
Right to request deletion of your personal data
Right to request restriction of processing your data
6.3 Objection and Consent
Right to object to processing of your personal data
Right to withdraw consent at any time
Right to opt out of marketing communications
Right to not be subject to automated decision-making
To exercise any of these rights, please contact us at privacy@synaplyai.com. We will respond to all legitimate requests within 30 days.
7. Security and Data Protection
7.1 Technical Safeguards
End-to-end encryption for data in transit using TLS 1.3
AES-256 encryption for all data at rest
Regular security patching and vulnerability assessments
Network monitoring and intrusion detection systems
Role-based access control for internal systems
7.2 Organizational Controls
Employee security training and awareness programs
Background checks for all staff with data access
Multi-factor authentication for all internal tools
Regular security audits and penetration testing
Formal incident response and recovery procedures
7.3 Tenant Isolation
Strict logical separation between customer accounts
Isolated database schemas for customer data
Custom encryption keys per tenant
Robust access controls to prevent unauthorized cross-tenant access
8. International Compliance
8.1 Cross-Border Transfers
Our services are operated primarily from the United States. If you access our Services from outside the United States, be aware that your information may be transferred to, stored, and processed in the United States. By using our Services, you consent to the transfer and processing of your information in the United States.
8.2 Compliance Frameworks
GDPR Compliance: For users in the European Economic Area, we serve as a data controller and/or processor under the General Data Protection Regulation.
CCPA/CPRA Compliance: We honor the rights of California residents under the California Consumer Privacy Act and California Privacy Rights Act.
HIPAA Compliance: For customers in healthcare, we can sign Business Associate Agreements and maintain HIPAA-compliant environments.
SOC 2 Type II: Our systems and processes are regularly audited for security, availability, processing integrity, confidentiality, and privacy.
For specific inquiries about our compliance with particular regulations or standards, please contact our compliance team at compliance@synaplyai.com.
9. Breach Notification Policy
9.1 Detection and Response
We maintain a 24/7 security operations center
Automated alerts for suspicious activity or unauthorized access
Dedicated incident response team ready to address potential breaches
Detailed forensic investigation protocols for security incidents
9.2 Notification Process
In the event of a confirmed data breach affecting personal information, we will:
Notify affected users within 72 hours of confirmation
Provide details about what information was affected
Explain actions taken to contain and remediate the breach
Offer guidance on steps users can take to protect themselves
Notify relevant regulatory authorities as required by law
10. Changes to Privacy Policy
SynaplyAI may update this Privacy Policy periodically to reflect changes in our practices or for legal reasons.
We will provide notice of any material changes 30 days before they become effective.
Updates will be posted on our website and notification will be sent to registered users.
Your continued use of our Services after the effective date constitutes acceptance of the updated Privacy Policy.
Previous versions of this policy will remain accessible in our policy archive.
Questions or Concerns? If you have any questions about this Privacy Policy or our data practices, please contact us at: