Privacy Policy

SynctUp LLC

PRIVACY POLICY

Effective Date: June 12, 2024

‍

This Privacy Notice explains how SynctUp LLC (“SynctUp LLC”, “we”, “us” or “our”) collects, uses, discloses, and otherwise processes Personal Information (as defined below) in connection with our website (the “Site”) and the related content, platform, services, mobile and web applications, product demonstrations, and other functionality offered on or through the online services (collectively, the “Services”). It does not address our privacy practices relating to SynctUp LLC job applicants, employees and other personnel.

‍

What is Personal Information?

When we use the term “Personal Information” in this Privacy Notice, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual. It does not include aggregated or deidentified information that is maintained in a form that is not reasonably capable of being associated with or linked to an individual.

‍

Our Collection of Personal Information

Sometimes we collect Personal Information automatically when an individual interacts with our Services and sometimes we collect Personal Information directly from an individual. At times, we may collect Personal Information about an individual from other sources and third parties, even before our first direct interaction.

‍

Personal Information Collected from Individuals Directly

We collect the following Personal Information submitted to us by visitors to our Site, by individuals through our product demonstrations and by account holders:

‍

Contact Information, including name, email address, country/region, phone number and communication preferences.

Demographic Information, including age.

Account Information, including name, company name, employer, job title, job promotion status, email address, phone number, business address, website, username and password, profile information, profile image, address book information, team information, department information, payment and purchase history information, and any other information you provide to us, such as your interests and education history. Please note we utilize a third-party provider to process payments on our behalf and do not accept payment directly through our Services.

Interaction Notes Information, including subject matter of the interaction, date of the interaction, location of the interaction, quotes, call details, meeting notes, and other information you provide in the notes of an interaction.

Inquiry Information, including information provided in custom messages sent through the forms or contact information provided on our Site.

Demonstration and Networking Information, including contact information, job title, company name, number of employees at your company, and video conferencing details.

Survey Information, including information provided in any questions submitted through surveys, or content of any testimonials.

Subscription Information, including your subscriber ID, account contact information and transaction-related information.

‍

Personal Information Automatically Collected

As is true of most digital platforms, we and our third-party providers may also collect Personal Information from an individual’s device, browsing actions and site usage patterns automatically when visiting or interacting with our Services, which may include log data (such as internet protocol (IP) address, operating system, browser type, browser id, the URL entered and the referring page/campaign, date/time of visit, the time spent on our Services and any errors that may occur during the visit to our Services), analytics data (such as the electronic path taken to our Services, through our Services and when exiting our Services, as well as usage and activity on our Services) and location data (such as general geographic location based on the log data we or our third-party providers collect).

‍

We and our third-party providers may use (i) cookies or small data files that are stored on an individual’s computer and (ii) other, related technologies, such as web beacons, pixels, embedded scripts, location-identifying technologies and logging technologies (collectively, “cookies”) to automatically collect this Personal Information. For example, our Services uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”), to collect and view reports about the traffic on our Services. More information about the use of Google Analytics for these analytical and non-advertising purposes can be obtained by visiting Google’s privacy policy here and Google’s currently available opt-out options are available here.

‍

To manage cookies, an individual may change their browser settings to: (i) notify them when they receive a cookie, so the individual can choose whether to accept it; (ii) disable existing cookies; or (iii) automatically reject cookies. Please note that doing so may negatively impact an individual’s experience using our Services, as some features and offerings may not work properly or at all. Depending on an individual’s device and operating system, the individual may not be able to delete or block all cookies. In addition, if an individual wants to reject cookies across all browsers and devices, the individual will need to do so on each browser on each device they actively use. An individual may also set their email options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether they have accessed our email and performed certain functions with it.

‍

Personal Information from Third Parties

We also obtain Personal Information from third parties; which we often combine with Personal Information we collect either automatically or directly from an individual.

‍

We may receive the same categories of Personal Information as described above from the following third parties:

‍

Your Employer / Company: If your employer or company (including representatives of your employer and/or company and administrator account holders) engages in our Services, we may receive your information from them. If another user has been provided access to your account through the delegate or assistant mode, we may receive your information from them. We also may receive your information from your company team members and department colleagues.
Other Users of our Services: If you share your information with a user of our Services, such as through a QR code, SynctUp LLC-generated link or physical business card, we may receive your information from them. We also may receive your information from a user of our Services who manually enters your information into the Services, including any information entered or shared in interaction notes, or who connects their address book.
Third Party Platforms: When an individual connects a third-party platform account to our Services, we may receive some information about individuals that they permit the third-party platform to share with third parties. For example, if you or the administrator account holder connects your Google, Outlook or Salesforce account to our Services, we may receive your information such as contact information, employment information, meeting data, your address book and calendar data.
Social Media: When an individual interacts with our Services through various social media networks, such as when someone “Likes” us on Facebook or follows us or shares our content on Google, Facebook, Twitter, or other social networks, we may receive some information about individuals that they permit the social network to share with third parties. The data we receive is dependent upon an individual’s privacy settings with the social network. Individuals should always review and, if necessary, adjust their privacy settings on third-party websites and social media networks and services before sharing information and/or linking or connecting them to other services.
Service Providers: Our service providers that perform services solely on our behalf, such as survey and marketing providers, collect Personal Information and often share some or all of this information with us.
Information Providers: We may from time to time obtain information from third-party information providers to correct or supplement Personal Information we collect. For example, we may obtain updated contact information from third-party information providers to reconnect with an individual.

‍

Data Storage and Security

We prioritize the security and safe storage of your personal information. Our robust measures include physical, administrative, and technical safeguards to prevent unauthorized access, theft, loss, or misuse of your data. Your information is securely stored on restricted-access servers and transmitted with encryption for enhanced protection. Our security practices undergo regular review to align with the latest standards. It's important to note that while we make every effort to safeguard your data, no method of transmission or storage over the internet can guarantee absolute security.

‍

SYNCTUP LLC securely stores your data in Amazon Web Services and we make sure to apply all security standards and available tools to keep your data secure.

‍

Data transport: All data is encrypted on transit with encryption keys managed via Amazon KMS, no data is transferred using insecure protocols.
Data storage: Database instances are encrypted at rest and in transit as well, so data is always secure. All our backups and static data is encrypted, and databases are segregated and not accessible from the outside. Machines are also behind an Amazon ALB so they are not directly exposed as well and another layer of access security gets added.
Data retention: Once data is released by a customer, data becomes immediately unavailable upon deletion, and completely wiped out after the 7 day backup window period. You may delete your account and the data it contains at any point.
Other Data Protection: We have put in place state-of-the-art measures to ensure the confidentiality and integrity of the data (including backups, archives, possible replicas). We encrypt personal data and data classified as confidential. Personal data is anonymized in development, integration, testing, acceptance, and pre-production cloud environments. Additionally, we have daily backups of all our databases that get encrypted and stored securely on a different zone than the database one so both can’t suffer a failure at the same time.

‍

Our Use of Personal Information

We use Personal Information we collect to:

‍

Fulfill or meet the reason the information was provided, such as to fulfill our contractual obligations, to deliver the Services you have requested and to process transactions;
Manage our organization and its day-to-day operations (i.e.: onboarding clients, business development, managing existing customer base, customer service, sending product updates)
Communicate with individuals, including via email, text message, social media and/or telephone calls for purposes such as the ones stated in the prior point;
Request individuals to complete surveys about our organization, organizations we partner with, and Services;
Facilitate and provide our Services and product demonstrations (i.e.: providing digital business cards to the users and companies that use or pay for our services, managing our Customers’ contact management services, delivering appropriate customer service…)
Market our Services to individuals, including through email, direct mail, phone or text message, especially when delivering new product updates we believe users should be aware of;
Administer, improve and personalize our Services, including by recognizing an individual and remembering their information when they return to our Services (for example, we require to know when individuals have completed our onboarding tutorial);
Process payment for our Services;
Facilitate client benefits and services, including customer support through our command center services;
Identify and analyze how individuals use our Site and Services;
Conduct research and analytics on our client base and our Services;
Improve and customize our Services to address the needs and interests of our client base and other individuals we interact with;
Test, enhance, update and monitor the Services, or diagnose or fix technology problems;
Help maintain the safety, security and integrity of our property and Services, technology assets and business;
Defend, protect or enforce our rights or applicable contracts and agreements;
Prevent, investigate or provide notice of fraud or unlawful or criminal activity; and
Comply with legal obligations.

‍

Where an individual chooses to contact us, we may need additional information to fulfill the request or respond to inquiries. We may provide additional privacy disclosures where the scope of the inquiry/request and/or Personal Information we require fall outside the scope of this Privacy Notice. In that case, the additional privacy disclosures will govern how we may process the information provided at that time.

‍

Legal Basis for Processing Personal Information (EEA and UK visitors only)

If you are a website visitor located in the European Economic Area ("EEA") or United Kingdom ("UK"), SYNCTUP can be contacted by emailing us on the email given on our website www.synctup.com.

As a company, we are dedicated to safeguarding the personal data of our customers and employees. In accordance with this commitment, we comply with the principles of the General Data Protection Regulation (GDPR) when collecting, utilizing, and handling personal data. This includes adherence to principles of legality, fairness, and transparency; limiting data collection to specific purposes; minimizing the amount of data collected; ensuring accuracy; limiting data storage; maintaining integrity and confidentiality; and being accountable for data protection.

Our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it. However, we will normally collect Personal Information from you only where we have your consent to do so, where we need the Personal Information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Information from you.

If we ask you to provide Personal Information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not (as well as of the possible consequences if you do not provide your Personal Information). Similarly, if we collect and use your Personal Information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.

‍

Our Disclosure of Personal Information

We disclose Personal Information in the following ways:

‍

Affiliates. We may share Personal Information with other companies owned or controlled by SynctUp LLC, and other companies owned by or under common ownership as SynctUp LLC, which also includes our subsidiaries (i.e., any organization we own or control) or our ultimate holding company (i.e., any organization that owns or controls us) and any subsidiaries it owns, particularly when we collaborate in providing the Services.
Other Users of our Services: If you share your information with a user of our Services, such as through a contact share, QR code, SynctUp LLC-generated link or physical business card, we may disclose your information to them. We also may disclose your information to a user of our Services who is provided your information from other users of the Services, such as any information entered or shared in interaction notes.
Survey Providers: We share Personal Information with third parties who assist us in delivering our survey offerings and processing the responses.
Marketing Providers: We coordinate and share Personal Information with our marketing providers in order to communicate with individuals about the Services we make available.
Customer Service and Communication Providers: We share Personal Information with third parties who assist us in providing our customer services and facilitating our communications with individuals that submit inquiries.
Other Service Providers: In addition to the third parties identified above, we engage other third-party service providers that perform business or operational services for us or on our behalf, such as website hosting, infrastructure provisioning, IT services, analytics services, administrative services.
Other Business As Needed To Provide Services: We may share Personal Information with third parties that an individual engages with through our Services or as needed to fulfill a request or transaction including, for example, payment processing services.
Business Transaction or Reorganization: We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets. We may disclose Personal Information to a third party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal Information may also be disclosed in the event of insolvency, bankruptcy or receivership.
Legal Obligations and Rights: We may disclose Personal Information to third parties, such as legal advisors and law enforcement:

in connection with the establishment, exercise, or defense of legal claims;
to comply with laws or to respond to lawful requests and legal process;
to protect our rights and property and the rights and property of others, including to enforce our agreements and policies;
to detect, suppress, or prevent fraud;
to protect the health and safety of us and others; or
as otherwise required by applicable law.

Otherwise With Consent or Direction: We may disclose Personal Information about an individual to certain other third parties or publicly with their consent or direction. For example, with an individual’s consent or direction we may post their testimonial on our Site or service-related publications.

‍

If you are a resident of the State of Nevada, Chapter 603A of the Nevada Revised Statutes permits a Nevada resident to opt out of future sales of certain covered information that a website operator has collected or will collect about the resident. Although we do not currently sell covered information, please contact us at privacy-us@SynctUp.com to submit such a request.

‍

How We Transfer Data We Collect Internationally

‍

International Transfers Within SYNCTUP LLC

To facilitate our global operations, we may transfer information to other SYNCTUP LLC Affiliates where we have operations for the purposes described in this policy.

‍

This Privacy Policy will apply even if we transfer Personal Data to other countries. We have taken appropriate safeguards to require that your Personal Data will remain protected wherever it is transferred. When we share Personal Data of individuals in the European Economic Area ("EEA"), Switzerland or the United Kingdom ("UK"), we make use of the Standard Contractual Clauses (which have been approved by the European Commission) and the UK Addendum (as defined within our Data Processing Agreement) as well as additional safeguards where appropriate.

‍

Children’s Personal Information

The Children's Online Privacy Protection Act ("COPPA") protects the online privacy of children under 13 years of age. We do not knowingly collect or maintain Personally-Identifying Information from anyone under the age of 13, unless or except as permitted by law. Any person who provides Personally-Identifying Information through the Website represents to us that he or she is 13 years of age or older. If we learn that Personally-Identifying Information has been collected from a user under 13 years of age on or through the Website, then we will take the appropriate steps to cause this information to be deleted.

‍

If you are the parent or legal guardian of a child under 13 who has become a member of the Website or has otherwise transferred Personally-Identifying Information to the Website, please contact the Company using our contact information below to have that child's account terminated and information deleted.

‍

How to Access and Control your Personal Information

‍

Reviewing, Correcting and Removing your Personal information

If you are a customer, prospect, or otherwise interact with a SYNCTUP LLC customer that uses our Subscription Service and would like to access, correct, amend or delete your data controlled by the customer, please contact the relevant customer directly. SYNCTUP LLC acts as a processor for our customers and will work with our customers to fulfill these requests when applicable.

‍

California Privacy Rights

‍

Applicability

This section applies only to California consumers. For purposes of this section "Personal Information" has the meaning given in the California Consumer Privacy Act (“CCPA”). It describes how we collect, use, and share California consumers' Personal Information in our role as a business, and the rights applicable to such residents. The California Consumer Privacy Act ("CCPA") requires businesses to disclose whether they sell Personal Information. SYNCTUP LLC is a business and does not sell Personal Information. We may share Personal Information with third parties if those third parties are authorized service providers or business partners who have agreed to our contractual limitations as to their retention, use, and disclosure of such Personal Information.

‍

How we Collect, Use and Share Personal Information

We have collected the following statutory categories of Personal Information in the past twelve (12) months:

‍

Identifiers and contact information, such as name, e-mail address, mailing address, phone number, website and employment history. We collect this information directly from you or from third party sources.
Account information, such as subscription records. We collect this information directly from you. This includes name, company name, employer, job title, job promotion status, email address, phone number, business address, website, username and password, profile information, profile image, address book information, team information, department information, payment and purchase history information, and any other information you provide to us, such as your interests and education history. Please note we utilize a third-party provider to process payments on our behalf and do not accept payment directly through our Services.
Interaction Notes Information, including subject matter of the interaction, date of the interaction, location of the interaction, quotes, call details, meeting notes, and other information you provide in the notes of an interaction.
Inquiry Information, including information provided in custom messages sent through the forms or contact information provided on our Site.
Demonstration and Networking Information, including contact information, job title, company name, number of employees at your company, and video conferencing details.
Internet or network information, such as browsing and search history. We collect this information directly from your device.
Geolocation data, such as IP address. We currently do not collect this information from your device.
Other Personal Information, in instances when you interact with us online, by phone or mail in the context of receiving help through our help desks or other support channels; participation in customer surveys or contests; or in providing the Subscription Service.

‍

The business and commercial purposes for which we collect this information are described in the Section called “Our Use of Personal Information” of this Privacy Policy. The categories of third parties to whom we "disclose" this information for a business purpose are described in Section “Our Disclosure of Personal Information” of this Privacy Policy.

‍

Your California Rights

You have certain rights regarding the Personal Information we collect or maintain about you. Please note these rights are not absolute, and there may be cases when we decline your request as permitted by law.

‍

The right of access means that you have the right to request that we disclose what Personal Information we have collected, used and disclosed about you in the past 12 months.

‍

The right of deletion means that you have the right to request that we delete Personal Information collected or maintained by us, subject to certain exceptions.

‍

The right to non-discrimination means that you will not receive any discriminatory treatment when you exercise one of your privacy rights.

‍

SYNCTUP LLC does not sell Personal Information to third parties (pursuant to California Civil Code §§ 1798.100–1798.199, also known as the California Consumer Privacy Act of 2018).

‍

How to Exercise your California Rights

You can exercise your rights yourself or you can alternatively designate an authorized agent to exercise these rights on your behalf. Please note that to protect your Personal Information, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent's identity to protect your Personal Information.

‍

Links to Third-Party Websites or Services

Our Site and Services may include links to third-party websites, plug-ins and applications. Except where we post, link to or expressly adopt or refer to this Privacy Notice, this Privacy Notice does not apply to, and we are not responsible for, any Personal Information practices of third-party websites and online services or the practices of other third parties. To learn about the Personal Information practices of third parties, please visit their respective privacy notices.

‍

Updates to This Privacy Notice

We will update this Privacy Notice from time to time. When we make changes to this Privacy Notice, we will change the date at the beginning of this Privacy Notice. If we make material changes to this Privacy Notice, we will notify individuals by email to their registered email address, by prominent posting on this Site or our Services, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided.

‍

Contact Us

If you have any questions or requests in connection with this Privacy Notice or other privacy-related matters, please send an email to privacy@synctup.com.

‍

Appendix D - GDPR Breach Procedures for Personally

‍

Identifiable Information (PII) of EU Residents

‍

Notification to Data Subjects

In the event that a personal data breach is likely to result in a high risk to the rights and

freedoms of natural persons, SynctUp LLC, as Data Controller, shall communicate the

personal data breach to the data subject without undue delay.

‍

The communication to the data subject shall describe in clear and plain language the nature of

the personal data breach and contain at least the following information:

(a) communicate the name and contact details of the data protection officer or other contact

point where more information can be obtained;

(b) describe the likely consequences of the personal data breach;

personal data breach, including, where appropriate, measures to mitigate its possible adverse

effects.

‍

Notification to Supervisory Authorities

In the case of a personal data breach, SynctUp LLC, as Data Controller, shall without

undue delay and, where feasible, not later than 72 hours after having become aware of it, notify

the personal data breach to the Supervisory Authority, unless the personal data breach is

unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification

to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for

the delay.

‍

Notification to Data Controllers (i.e. Customers)

SynctUp LLC as a Data Processor shall notify the customer, as Data Controller, without

undue delay after becoming aware of a personal data breach. The notification shall:

(a) describe the nature of the personal data breach including where possible, the categories and

approximate number of data subjects concerned and the categories and approximate number of

personal data records concerned;

(b) communicate the name and contact details of the data protection officer or other contact

point where more information can be obtained;

(d) describe the measures taken or proposed to be taken by the controller to address the

personal data breach, including, where appropriate, measures to mitigate its possible adverse

effects.

Where, and in so far as, it is not possible to provide the information at the same time, the

information may be provided in phases without undue further delay.

SynctUp LLC shall document any personal data breaches, comprising the facts relating to

the personal data breach, its effects and the remedial action taken.

‍

Exceptions to the Breach Reporting Requirements

Communication to the data subject shall not be required if any of the following conditions are

met:

(a) technical controls, such as encryption, render the personal data unintelligible to any person

who is not authorized to access it

(b) the breach will not result in a high risk to the rights and freedoms of data subjects

communication or similar measure whereby the data subjects are informed in an equally

effective manner representative.

‍