Synap endeavors to comply with the EU Data Protection Directives through adherence to the principles and best practices of the Privacy Shield Framework.
This policy describes how Synap treats your information, not how other organizations treat your information. If you are using Synap in a workplace or on a device or account issued to you by your employer or another organization, that company or organization likely has its own policies regarding storage, access, modification, deletion, and retention of communications and content which may apply to your use of Synap. Content that would otherwise be considered private to you or to a limited group of people may, in some cases, be accessible by your team administrator. Please check with your employer, or administrator about the policies it has in place regarding your communications and related content on Synap.
In this policy we talk about various roles within a Synap team and the privileges that come with each. It is helpful to understand these roles and the relationships between them. Administrative Users have the most control over their team’s settings on Synap. The person who establishes the Synap team is considered the Administrative User with the most control over the team. Teams can have more than one Administrative User. Administrative rights can be transferred to another member after the team is created. Administrative Users are also considered team members.
We collect different kinds of information. Some of it is personally identifiable and some is non-identifying or aggregated. Here are the types of information we collect or receive:
Team information. When you create a team on Synap, we collect your email address (as the Administrative User), your team name, Synap domain (ex: your-team-name.getsynap.com), your user name that appears in your Synap team, and certain tokens required to authenticate your credentials with third party services you connect to through Synap. Optionally, you can provide an email domain to allow people on that domain to sign up for your team without an invitation or individually add email addresses for people you would like to invite to your team.
Account and profile information. The only information we require to create your Synap account is an email address and security credential (either a password or an OAuth authorization from a trusted authentication source, depending on your settings). Optional information you can enter into your profile includes information such as your first and last name, your role, and your phone number. Any information you add to your profile is visible to other people on your team as described on your profile management page.
Billing information. We collect billing address and credit card information if you purchase a paid version of Synap. Credit card information is securely passed to our payment processing partner and is not stored at Synap.
Log data. When you use Synap, our servers automatically record information, including information that your browser sends whenever you visit a website or your mobile app sends when you’re using it. In accordance with GDPR and other data protection laws, we store only minimal and anonymized data in our logs, sufficient to diagnose issues with the Synap service. Logs are retained only for a limited time.
Device information. In addition to log data, we may also collect information about the device you’re using Synap on, including what type of device it is, what operating system you’re using, device settings, unique device identifiers, and crash data. Whether we collect some or all of this information often depends on what type of device you’re using and its settings.
Geo-location information. We do not collect GPS data from mobile devices. WiFi and IP addresses received from your browser or device may be used to determine approximate location.
Synap usage information. This is information about which features, content, and links you interact with within Synap and what integrations with related services you use.
Email. Synap uses your email to populate activity feeds and identify people and companies you interact with.
Shared email from G Suite or Microsoft.If your Synap team is configured to permit email sharing, andyou have granted consent to Synap to access your messages, Synap downloads those messages and stores them for a period of time in case you choose to "share" those messages with your team. This message information is never otherwise accessible and is automatically purged after a short time window. You can revoke your consent at any time, which stops Synap from downloading any new messages to share.
Service integrations. If you integrate with any third party services on Synap we will connect that service to ours. Depending on your settings, team members may be able to add integrations to Synap. Those integrations are viewable and editable by the Administrative Users. Synap does not receive or store your passwords for any of these services. You can remove an integration at any time which unbinds that integration from that point forward. Doing so does not, however, delete the content that was received from them and indexed within Synap. That content must be deleted manually.
Content that you create within Synap. This includes notes, files, tasks, workflows, uploaded documents, comments, field values, and other artifacts as well as when content was created and shared, and by whom, when or if they were seen by you, and where you received them.
Information from partners or other 3rd parties. Synap may receive information from partners or others that we could use to make our own information better or more useful. This might be aggregate level information about which IP addresses go with which zip codes or it might be more specific information about how well an online marketing or email campaign performed.
Synap sets and accesses our own cookies on our company-owned domains. In addition, we use 3rd parties like Google Analytics and Mixpanel for website analytics. You may opt-out of third party cookies from Google Analytics and Mixpanel on their respective websites. We do not currently recognize or respond to browser-initiated Do Not Track signals as there is no consistent industry standard for compliance.
We use your information for the following:
Providing the Synap service. We use information you provide to authenticate you and share and deliver email messages and other content from integrations to you and from you.
Understanding and improving our products. To make the product better we have to understand how users are using it. We collect data about usage and we intend to use it in many different ways to improve our products, including research. This policy is not intended to place any limits on what we do with usage data that is aggregated or de-identified so it is no longer tied to a Synap user.
Investigating and preventing bad things from happening. We work hard to keep Synap secure and to prevent abuse and fraud.
In compliance with the Privacy Shield Principles, Synap commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Synap at: email@example.com
Synap has further committed to refer unresolved Privacy Shield complaints to EU Data Protection Authorities (DPAs), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit EU Data Protection Authorities (DPAs) (http://www.uscib.org/privacy-shield/) for more information or to file a complaint. The services of EU Data Protection Authorities (DPAs) are provided at no cost to you.
Solving your problems and responding to your requests. If you contact us with a problem or question, we will use your information to respond to that request and address your problems or concerns.
In-product communications. We may use the information you provide to contact you through in-product messaging tools.
Email messages. We may send you service and administrative emails, such as when we notice that you are nearing a message limit. We may also contact you to inform you about changes in our services, or our service offerings. These messages are considered part of the service and you may not opt-out of them. In addition, we sometimes send emails to Synap users about new product features or other news about Synap. You can opt-out of these at any time.
When you use Synap, you have control over a number of things with respect to your own privacy and choices about how your content is visible to others or not. If you are a Synap Administrative User, you have additional choices that impact your team’s privacy. Some users will not have access to all of the same options that their administrator(s) does(do). That is because Synap is set up to be team-oriented, and to provide Administrative Users with the maximum ability to control their teams.
If you are a member of a team, you may deactivate your account. Deactivation of an account disables your access to the Synap team associated with that account but does not delete your profile, content which you have created within Synap, or messages you have shared with your Synap team, which are considered part of your team’s data.
Whether you can delete your message content depends on your team’s settings. In addition, a record of edits and deletions may be retained by your team, depending on the service level of your team and your team’s settings.
Administrative Users have the ability to manage and change most of the team settings, including retention settings, and can modify whether or when team members can edit or delete messages. Administrative Users can also deactivate team member accounts for their team. Only an Administrative User can deactivate or delete a team.
The browser you use may provide you with the ability to control cookies or other types of local data storage.
Your mobile device may provide you with choices around how and whether location or other data is shared with us.
There are times when communications and related content and other user information may be shared by Synap. This section discusses only how Synap may share user information. Organizations that use Synap may have their own policies for sharing and disclosure of information they can access through Synap.
With consent, to comply with legal process, or to protect Synap and our users. When we have your consent or if we believe that disclosure is reasonably necessary to comply with a law, regulation or legal request; to protect the safety, rights, or property of the public, any person, or Synap; or to detect, prevent, or otherwise address fraud, security or technical issues. If we receive a law enforcement or other third party request for information we will provide prior notice to the subject of the request where we are legally permitted to do so. For more information on Synap’s policies for responding to requests for user data, please see our User Data Request Policy.
About you with your organization or Administrative User(s). We may share your email address and team name with your organization. If the email address under which you've registered your account belongs to or is controlled by an organization we may disclose that email address and associated team names to that organization in order to help it understand who associated with that organization uses Synap, and to assist the organization with its enterprise accounts. Please do not use a work email address for our services unless you are authorized to do so, and are therefore comfortable with this kind of sharing.
In addition, there may be times when you contact Synap to help resolve an issue specific to a team you are a member of. In order to help resolve the issue, we may need to share your concern with your Administrative User(s).
That is aggregated and non-identifiable. We may also share aggregated or non-personally identifiable information with our partners or others for business or research purposes. For example, we may tell a prospective Synap customer the average number of messages tracked within a Synap team or may partner with a research firm or academics to explore interesting questions about workplace communications. Again, this policy is not intended to prohibit the disclosure and use of aggregated or de-identified data.
Upon request, we will provide you with reasonable access to the personal information we collect about you. Because personal information—for example, your email address—is required to use Synap, we retain personal information as long as your account is active. You will have the opportunity to correct, update, modify or delete this information updating your information in Synap.
Please note that some information may remain in our records even after you request deletion of your information as permitted by the Privacy Shield principles. Additionally, there may be limits to the amount of information we can practically provide. For example, we may limit an individual's access to personal information where the burden or expense of providing access would be disproportionate to the risks to the individual's privacy or where doing so would violate others' rights.
Because we adhere to the Privacy Shield Principles, we are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC), and shoulder liability in certain cases of onward transfers to third parties.
If you have any concerns or complaints about how you think we've handled your personal information, please contact firstname.lastname@example.org or at our address below. We will work hard to investigate and resolve any complaints you might have.
We hope it won't ever come to this, but if you've already contacted us and feel that your complaint cannot be resolved between the two of us, we have agreed to participate in the dispute resolution procedures established in the Privacy Shield Principles regarding personal information received from the EEA. For such escalated disputes, you can contact your local Data Protection Authority (DPA).
Synap takes reasonable steps to protect information you provide to us as part of your use of the Synap service from loss, misuse, and unauthorized access or disclosure. All communication with the Synap service is encrypted with secure socket layer technology (SSL). We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it. However, no electronic or email transmission or digital storage mechanism is ever fully secure or error free.
To learn more about current practices and policies regarding security and confidentiality, please see our Security Policy.
Synap is not directed to children under 13. If you learn that a minor child has provided us with personal information without your consent, please contact us immediately.
We may change this policy from time to time, and if we do we will post any changes on this page. If you continue to use Synap after those changes are in effect, you agree to the revised policy. If the changes are material, we may provide more prominent notice or seek your consent to the new policy.
Imagineer Technology Group
Attn: Jeremie Bacon
20 N. Wacker Drive, 12th Floor
Chicago, Illinois 60606