Legal

Privacy Policy

Last updated: February 2026

At Synkonic ("we," "us," or "our"), we are committed to protecting your privacy and safeguarding the data you entrust to us. This Privacy Policy explains how we collect, use, store, and protect your information when you use the Synkonic platform, website, and related services (collectively, the "Service").

By accessing or using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with any part of this policy, please discontinue use of the Service immediately.

1. Information We Collect

1.1 Account Information

When you create an account, we collect information such as your name, email address, company name, job title, and billing information. This information is necessary to provide you with the Service and to communicate with you about your account.

1.2 Usage Data

We automatically collect information about how you interact with the Service, including:

  • IP address and approximate geographic location
  • Browser type, device type, and operating system
  • Pages visited, features used, and time spent on the Service
  • Backup job status, schedules, and configuration settings
  • Error logs and performance metrics

1.3 Backup Data

Synkonic processes and stores the data you choose to back up from connected third-party services such as Zendesk, Dotloop, DocuSign, and Google Workspace. This may include tickets, contacts, documents, transactions, files, and other records from those platforms. We treat all backup data as confidential and process it solely on your behalf.

1.4 Integration Credentials

To connect to your third-party services, we may store OAuth tokens, API keys, or similar credentials. These credentials are encrypted at rest and are used exclusively to perform authorized backup and restore operations.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the Service: To perform backups, restorations, and related operations on your behalf.
  • Account Management: To manage your account, process payments, and provide customer support.
  • Service Improvement: To analyze usage patterns, diagnose issues, and improve the performance and reliability of our platform.
  • Communications: To send you service-related notifications, backup status updates, security alerts, and, with your consent, marketing communications.
  • Security and Fraud Prevention: To detect, prevent, and respond to security incidents and fraudulent activity.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

3. Data Storage and Security

We take the security of your data seriously. All backup data and sensitive credentials are encrypted using AES-256 encryption at rest and TLS 1.2+ encryption in transit. Our infrastructure is hosted in SOC 2 Type II certified data centers with physical security controls, including biometric access, 24/7 monitoring, and redundant power systems.

Additional security measures include:

  • Per-account encryption key management
  • Role-based access controls with least-privilege principles
  • Regular vulnerability assessments and penetration testing
  • Automated intrusion detection and monitoring
  • Encrypted database backups with geographic redundancy
  • Employee access controls with multi-factor authentication required

4. Third-Party Services

We integrate with third-party services to provide our backup functionality. These services include, but are not limited to, Zendesk, Dotloop, DocuSign, and Google Workspace. We access your data on these platforms only through authorized APIs and only to the extent necessary to perform backup and restore operations.

We may also use third-party service providers for:

  • Cloud infrastructure and data storage
  • Payment processing (we do not store full credit card numbers)
  • Analytics and usage monitoring
  • Email delivery for transactional and marketing communications
  • Customer support tooling

All third-party processors are subject to contractual data protection obligations and are selected based on their security practices.

5. Data Retention

We retain your backup data for as long as your account is active or as needed to provide you with the Service. You may configure custom retention policies within your account settings to control how long backup snapshots are retained.

Upon account termination, we will delete your backup data within 30 days unless a longer retention period is required by law or you request an extension. Account information (such as your name and email) may be retained for an additional period to comply with legal obligations, resolve disputes, and enforce our agreements.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of Access: You may request a copy of the personal data we hold about you.
  • Right to Deletion: You may request that we delete your personal data, subject to legal retention obligations.
  • Right to Export: You may request a machine-readable export of your data at any time through your account dashboard.
  • Right to Correction: You may request correction of inaccurate personal data.
  • Right to Restrict Processing: You may request that we limit the processing of your data in certain circumstances.
  • Right to Object: You may object to the processing of your personal data for direct marketing purposes.
  • Right to Data Portability: You may request your data in a structured, commonly used format.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

7. GDPR Compliance

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process personal data in compliance with the General Data Protection Regulation (GDPR). Our legal bases for processing include:

  • Contractual Necessity: Processing is necessary to perform our contract with you (i.e., providing the backup service).
  • Legitimate Interests: Processing is necessary for our legitimate interests, such as improving the Service, preventing fraud, and ensuring security.
  • Consent: Where required, we obtain your explicit consent for specific processing activities, such as marketing communications.
  • Legal Obligation: Processing is necessary to comply with a legal obligation.

Where we transfer data outside the EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission or other lawful transfer mechanisms to ensure adequate protection. You may request a copy of our SCCs by contacting us.

If you believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

8. CCPA Compliance

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you specific rights regarding your personal information:

  • Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You have the right to request deletion of personal information we have collected from you.
  • Right to Opt-Out: You have the right to opt out of the sale of your personal information. Synkonic does not sell personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

We do not sell, rent, or share your personal information with third parties for their direct marketing purposes. To exercise your CCPA rights, please contact us at [email protected].

9. Cookies

We use cookies and similar tracking technologies to enhance your experience, analyze usage patterns, and deliver targeted communications. The types of cookies we use include:

  • Essential Cookies: Required for the Service to function properly, including authentication and session management.
  • Analytics Cookies: Help us understand how visitors interact with our website and Service, allowing us to improve the user experience.
  • Preference Cookies: Remember your settings and preferences for a more personalized experience.

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of the Service.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by sending you an email notification. The "Last updated" date at the top of this page indicates when the most recent revisions were made.

Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: