Legal

Privacy Policy

Effective: April 28, 2026

1. Overview

Syn Design Systems ("SDS", "we", "us") is committed to protecting your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data when you use our website, client portal, and services.

2. Information We Collect

We collect information you provide directly:

  • Account registration data (name, email address, password via Supabase Auth)
  • Billing information (processed by Stripe — SDS never stores raw card data)
  • Service requests and messages sent through the client portal
  • Electronic signatures and service agreement acceptance records
  • Contact form submissions

We collect data automatically:

  • Usage analytics via Google Analytics (page views, session duration, referrers). Analytics are anonymized and do not identify individuals.
  • Server logs (IP address, browser/device type, timestamp) for security monitoring
  • Cookies required for authentication session management

3. How We Use Your Information

We use collected data to:

  • Deliver and manage the services you subscribe to
  • Process payments and manage billing through Stripe
  • Send transactional emails (account confirmation, invoices, support responses)
  • Maintain legally required records of signed service agreements
  • Improve our services and diagnose technical issues
  • Comply with legal obligations

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Third-Party Processors

SDS shares data with the following trusted processors as necessary to deliver services:

5. Data Retention

We retain your account data for the duration of your subscription plus twelve (12) months after cancellation to fulfill any outstanding obligations. Signed service agreements are retained for seven (7) years as legally required business records. Analytics data is retained per Google Analytics default settings (26 months).

Upon written request, we will delete your personal data after the mandatory retention period, except where retention is required by law.

6. Data Security

We use industry-standard security practices: TLS encryption in transit, encrypted databases, environment-isolated API keys, and access controls limiting data access to authorized personnel only. However, no system is completely secure — please notify us immediately of any suspected breach.

7. Cookies

We use strictly necessary session cookies for authentication. We do not use advertising or tracking cookies. Analytics cookies (Google Analytics) can be opted out via your browser settings or Google's opt-out tools.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (subject to retention requirements)
  • Object to or restrict certain processing
  • Data portability (receive your data in a machine-readable format)

To exercise any of these rights, email hello@syndesignsystems.com. We will respond within thirty (30) days.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect data from minors. If you believe a minor has provided us data, contact us immediately for removal.

10. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email. Continued use of our services after notice constitutes acceptance of the updated policy.

11. Contact

Privacy inquiries: hello@syndesignsystems.com