Privacy Policy
Please read these terms and conditions carefully before using our services.
1. Introduction
Synthetiq Labs Inc. (“Synthetiq,” “we,” “us,” or “our”) provides a desktop application and related services that enable users to build and deploy applications on their own infrastructure. This Privacy Policy explains how we collect, use, store, disclose, and protect personal information when you use our website (synthetiq.com), download or use the Synthetiq desktop application, or create an account (collectively, the “Services”).
By accessing or using our Services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree, please do not use our Services.
This Privacy Policy does not apply to any data that you create, process, or store using the Synthetiq application, including any data exchanged with third-party services you configure (such as AI or LLM providers). That data resides entirely on your own machine or infrastructure and is never accessible to Synthetiq. You are solely responsible for the privacy practices of your own applications.
2. Information We Collect
We practice data minimization by design and collect only what is strictly necessary to authenticate you and manage your software license.
2.1 Information You Provide
Account information: Name and email address, provided when you create your account.
Communications: If you contact us for support, we collect the content of your communications and any information you voluntarily provide.
2.2 Information Generated Automatically
License and subscription data: Your license type, subscription status, and entitlements.
Authentication event data: Login timestamps and session tokens necessary for platform security.
2.3 Information We Do Not Collect
Application data, databases, files, or content created using the Synthetiq application
AI or LLM API keys, prompts, responses, or any data sent to or received from third-party services you configure
Usage analytics, behavioral data, or telemetry
Sensitive personal information such as biometric data, precise geolocation, or financial information
3. How We Use Your Information
We use your personal information exclusively for the following purposes:
Authentication and access: To verify your identity, manage your account, and provide secure access to the application.
License management: To validate your software license and subscription entitlements.
Service metadata: To maintain records related to your use of the platform.
Security: To detect and prevent unauthorized access, fraud, and security incidents.
Service communications: To send service-related notifications such as security alerts and updates. We do not send marketing emails unless you explicitly opt in.
Support: To respond to your inquiries and provide technical assistance.
Legal compliance: To comply with applicable laws, regulations, and legal processes.
We do not use your personal information for profiling, automated decision-making, targeted advertising, or any purpose beyond those listed above.
4. Legal Basis for Processing
We process your personal information on the following legal grounds:
Performance of contract: Processing necessary to provide the services you signed up for, including authentication and license management.
Legitimate interest: Processing necessary for platform security and fraud prevention, provided these interests do not override your rights and freedoms.
Legal obligation: Processing necessary to comply with applicable legal or regulatory requirements.
Consent: Where required by law, we process your data based on your consent, which you may withdraw at any time.
5. How We Share Your Information
We do not sell, rent, or trade your personal information. We do not share personal data with advertisers, analytics providers, or data brokers.
We may share personal information in the following limited circumstances:
5.1 Service Providers
We engage a limited number of third-party service providers to help us operate our Services, including infrastructure hosting and authentication services. These providers process personal information only on our behalf and in accordance with our instructions. A current list of sub-processors is available at synthetiq.com/legal/subprocessors.
5.2 Legal and Regulatory Disclosures
We may disclose your personal information if required by law, regulation, legal process, or governmental request, or when necessary to protect our rights, your safety, or the safety of others.
5.3 Business Transfers
In the event of a merger, acquisition, or similar transaction, your personal information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.
6. Data Storage and Security
We implement appropriate technical and organizational measures to protect your personal information, including:
Encryption at rest (AES-256) and in transit (TLS 1.2 or higher) for all account data
Cryptographic hashing of passwords (never stored in plaintext)
Role-based access controls and multi-factor authentication (MFA) for administrative access
Row-level security policies at the database level for data isolation between users
Logging and auditing of all administrative access
Account data is stored on infrastructure located in the United States.
No method of transmission over the internet or electronic storage is 100% secure. While we use commercially acceptable means to protect your personal information, we cannot guarantee absolute security.
7. Data Retention
We retain personal information only as long as necessary to fulfill the purposes for which it was collected.
| Data Type | Retention Period | Disposal Method |
|---|---|---|
| Account information | Duration of active account | Secure deletion within 30 days of closure or deletion request |
| License and subscription data | Duration of active account | Deleted with account data |
| Authentication logs | 90 days | Automatic expiration via log rotation |
| Backup archives | 7 to 30 days | Automatic expiration per provider retention policy |
We do not retain data indefinitely. All retention periods serve a defined business or legal purpose.
8. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
Right to access: Request the categories and specific pieces of personal information we have collected about you.
Right to correction: Request that we correct inaccurate or incomplete personal information.
Right to deletion: Request deletion of your personal information. We will delete your data from active systems within 30 days of a verified request. Backup copies expire per our retention schedule.
Right to portability: Request a copy of your personal information in a structured, machine-readable format.
Right to restrict processing: Request that we limit processing under certain circumstances.
Right to object: Object to processing based on our legitimate interests.
Right to withdraw consent: Withdraw consent at any time without affecting the lawfulness of prior processing.
Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise any of these rights, contact us at security@synthetiq.com. We will verify your identity and respond within 30 days (or sooner if required by applicable law).
9. California Residents (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
We do not sell your personal information and have not done so in the preceding 12 months.
We do not share your personal information for cross-context behavioral advertising.
We do not use or disclose sensitive personal information for purposes beyond those permitted under the CCPA.
You may designate an authorized agent to submit requests on your behalf with written authorization.
Categories of personal information collected, purposes of collection, and categories of recipients are described in Sections 2, 3, and 5.
10. Other U.S. State Privacy Laws
Residents of states with comprehensive privacy laws (including Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Montana, Indiana, Iowa, Tennessee, Delaware, New Hampshire, New Jersey, Nebraska, Kentucky, Maryland, Minnesota, Rhode Island, and others as enacted) have similar rights to those described in Section 8. We honor verified requests from residents of all U.S. states with applicable privacy legislation.
To appeal a decision regarding your privacy rights request, contact us at security@synthetiq.com with the subject line “Privacy Rights Appeal.”
11. European Economic Area, United Kingdom, and Switzerland
If you are located in the EEA, UK, or Switzerland, you have rights under the General Data Protection Regulation (GDPR) and equivalent local laws, including those described in Section 8. Additionally:
Data controller: Synthetiq Labs Inc. is the data controller for the personal information described in this Privacy Policy.
Right to lodge a complaint: You may lodge a complaint with your local data protection supervisory authority.
Your data is stored and processed in the United States. We rely on Standard Contractual Clauses (SCCs) and Data Processing Addendums with our service providers to lawfully transfer data.
12. Do Not Track and Global Privacy Control
Synthetiq does not track users across third-party websites and does not collect behavioral data. Do Not Track (DNT) and Global Privacy Control (GPC) signals do not materially change our data practices. We respect these signals as an expression of user privacy preferences.
13. Cookies
Our website uses only essential cookies strictly necessary for session management and authentication. We do not use analytics, advertising, or third-party tracking cookies. The Synthetiq desktop application does not use cookies.
14. Children’s Privacy
Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we learn we have collected such information, we will delete it promptly. Contact us at security@synthetiq.com if you believe we may have collected information from a child.
15. Third-Party Services
Our Services may contain links to or integrations with third-party services not operated by Synthetiq. Your interactions with third-party services are governed by their own privacy policies. We encourage you to review those policies before providing personal information.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last Updated” date and, where appropriate, notify you via email or through the application. Continued use of our Services after changes constitutes acceptance of the updated policy.
17. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:
Synthetiq Labs Inc.
Email: security@synthetiq.com
Website: synthetiq.com
For data subject rights requests, email security@synthetiq.com with the subject line “Privacy Rights Request.” We will respond within 30 days.
EU/EEA residents may also lodge a complaint with their local data protection supervisory authority.
Ready to Transform Your Enterprise?
Join the companies building the future with Synthetiq. Our team is ready to help you get started.
Contact Sales