Synthalyst

Privacy Policy

Last Updated: April 8, 2025

1. Introduction

Welcome to Synthalyst ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services. This Privacy Policy complies with applicable data protection laws, including U.S. federal and state privacy legislation such as the California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), and other state privacy laws. We have designed our practices to align with the requirements of comprehensive state privacy laws while respecting your privacy rights regardless of your location.

2. Information We Collect

We may collect the following types of information:

2.1 Personal Information

  • Name, email address, and contact details
  • Account credentials (username and password)
  • Profile information you provide
  • Payment information (processed securely through third-party payment processors)

2.2 Usage Information

  • Log data (IP address, browser type, pages visited)
  • Device information
  • Cookies and similar technologies
  • User content and interactions

2.3 Sensitive Data

We do not collect sensitive personal data (such as racial or ethnic origin, religious beliefs, sexual orientation, health information, or biometric data) unless strictly necessary to provide the services you request. When collection of sensitive data is necessary, we will obtain your explicit consent before collecting and processing such information.

2.4 Authentication Information

We use Firebase Authentication for user authentication. When you sign in using Google authentication, we collect:

  • Your Google email address
  • Your Google profile display name
  • Your Google profile photo URL (if available)
  • Your Google account ID (in an encrypted format)

We only collect this information to provide you with authentication services, remember your login state if requested, and personalize your experience within our application. Our use of this information complies with Google's API Services User Data Policy, including the Limited Use requirements.

3. How We Use Your Information

We use your information for the following purposes:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send administrative messages and updates
  • Respond to your comments, questions, and requests
  • Send marketing communications (with your consent)
  • Monitor and analyze trends, usage, and activities
  • Detect, prevent, and address technical or security issues
  • Comply with legal obligations

3.1 Data Minimization

We adhere to the data minimization principle by collecting only the personal information that is relevant and necessary for the purposes described in this Privacy Policy. We will not collect additional categories of personal information or use the personal information collected for materially different purposes without providing notice.

3.2 Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. We will securely delete or anonymize your personal information when it is no longer needed.

3.3 Google User Data - Limited Use

Our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. This means:

  • We only use the data to provide or improve user-facing features that are prominent in our application's interface
  • We do not transfer the data to third parties except in limited circumstances outlined in the policy
  • We do not use or transfer the data for serving advertisements
  • We do not allow humans to read the data unless explicitly permitted by Google's policy
  • We do not use the data for any purpose other than providing our services to you

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

  • With service providers who perform services on our behalf
  • For legal compliance, fraud prevention, and safety purposes
  • In connection with a business transfer (merger, acquisition, etc.)
  • With your consent or at your direction

We do not sell your personal information as defined by state privacy laws. If this practice changes in the future, we will update this policy and provide appropriate methods for you to opt out.

5. Data Security

We implement appropriate technical and organizational measures to protect the security of your personal information. These measures include encryption, access controls, regular security assessments, and staff training on data protection. We regularly monitor our systems for possible vulnerabilities and attacks and maintain a data breach response plan. However, we cannot warrant the security of any information that you send us. There is no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our safeguards.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

  • The right to know what personal information we collect and how it is used
  • The right to access your personal information
  • The right to correct inaccurate personal information
  • The right to delete your personal information
  • The right to data portability (obtaining a copy of your data)
  • The right to opt out of the sale of personal information
  • The right to opt out of targeted advertising
  • The right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects
  • The right to limit the use and disclosure of sensitive personal information
  • The right to non-discrimination for exercising your privacy rights

To exercise your rights, please contact us using the information provided in the "Contact Us" section. We will respond to your request within the timeframe specified by applicable law (typically 45 days, with the possibility of a 45-day extension when reasonably necessary). We will verify your identity before fulfilling your request.

7. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will promptly delete that information. For children between the ages of 13-15, we may collect information with the child's consent in some jurisdictions, but where parental consent is required, we will obtain verifiable parental consent before any collection, use, or disclosure of personal information.

If you believe we have collected information from a child under 16, please contact us immediately at hello@synthalyst.com.

8. International Data Transfers

Your information may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country. When we transfer your personal information to other countries, we will implement appropriate safeguards and controls to ensure that your information receives an adequate level of protection in the countries to which it is transferred.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last Updated" date. We will notify you of material changes to this Privacy Policy by posting a notice on our website or by sending you an email notification. We encourage you to review this Privacy Policy frequently to stay informed about how we are protecting your information.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at:hello@synthalyst.com