Synaptic Privacy Policy

Introduction

CyberG7 Technologies LLP ("CyberG7", "we", "us") operates the Synaptic platform, an all-in-one AI productivity service with multiple intelligent agents. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use Synaptic. It also outlines your rights regarding your data. By using Synaptic, you agree to the collection and use of information as described in this policy.

Information We Collect

We collect several categories of information to provide and improve the Synaptic platform:

Account Information

When you create an account, we collect personal information such as your name (if provided), email address, and a hashed password. We also store subscription plan details and account settings.

User-Generated Content

We store content you input or create on Synaptic (e.g. text prompts, documents, notes, images, audio, or other files you upload or generate using the platform's AI agents). This content may include personal data if you choose to include it.

Payment Information

If you purchase a paid subscription, payment details (e.g. credit card number, billing address) are processed via our third-party payment processor (Stripe) and not stored on our servers. We may retain basic transaction records (e.g. the amount paid and transaction dates) for accounting and subscription management.

Usage Data

We automatically collect information about how you interact with Synaptic. This may include:

• Log Data: Technical information such as your IP address, browser type, device type, unique device identifiers, pages or features accessed, and the dates/times of access.
• Cookies and Similar Technologies: We use cookies or similar tracking technologies to manage your login sessions, remember preferences, and gather analytic information about platform usage. (See Cookies & Tracking below for more details.)

Communications

If you contact us for support or respond to surveys or emails, we collect the information you provide (such as the content of your message and contact details) and keep records of our correspondence.

How We Use Your Information

We use the collected information for purposes consistent with providing and enhancing the Synaptic service, including:

Providing the Service

We use your account data to authenticate you and enable access to Synaptic. Your user-generated content (including prompts and uploaded files) is used to operate the AI features (e.g. generating responses, creating images or transcriptions) and to display results back to you within the platform.

Personalization and Improvement

We may use your usage data and content to personalize your experience (for example, remembering your preferences or frequently used agents) and to improve Synaptic's features. This includes analyzing usage trends to refine our AI models or user interface, and fixing bugs or usability issues.

Subscriptions and Payments

We use account and payment-related information to manage subscriptions, process payments (via Stripe), send billing receipts or confirmations, and handle plan upgrades or changes.

Communications

We may use your email address to send important account or service-related communications, such as registration confirmations, password reset emails, subscription notices, or significant updates to the platform or policies. If you have opted in to receive marketing communications, we might occasionally send newsletters or offers; you can opt out at any time.

Security and Abuse Prevention

Information (especially usage and log data) is used to monitor for fraudulent, suspicious, or unauthorized activities. This helps us protect the security of user accounts, detect and prevent misuse of the platform (such as violations of our Terms or acceptable use policies), and ensure the integrity of our integrations with third-party services.

Legal Compliance

We may process and disclose personal data as required to comply with applicable laws and regulations, respond to lawful requests (e.g. court orders or government inquiries), or to enforce our Terms and legal rights (including the investigation of potential violations).

Cookies & Tracking Technologies

Synaptic uses cookies and similar technologies to enhance user experience:

Session Cookies

We use cookies to keep you logged in as you navigate the platform and to remember settings like your language or interface preferences.

Analytics Cookies

We may use cookies or third-party analytics tools to collect aggregated usage data about how users interact with Synaptic. This information helps us understand user behavior and improve functionality. (For example, we might track which features are most used or measure engagement metrics.)

Cookie Choices

You can control or delete cookies through your browser settings. Note that if you disable cookies, some features (like staying logged in) may not function properly. By using Synaptic with cookies enabled in your browser, you consent to our use of cookies as described.

We do not use cookies for third-party advertising purposes on the Synaptic platform. All tracking is primarily for functionality and internal analytics.

Disclosure of Your Information

We do not sell your personal information. However, we do share certain data with trusted third parties in order to provide the Synaptic service and run our business:

Service Providers

We utilize reputable third-party services to power core aspects of Synaptic. These providers only receive the information necessary for their function and are contractually obligated to protect it. Key service providers include:

AI Processing Partners

Synaptic integrates with external AI and machine learning APIs to deliver its features:

• OpenAI and Anthropic: for natural language understanding and generation (your text prompts and related context may be sent to these providers' servers to generate AI responses).
• Replicate: for running various machine learning models (text, image, or other outputs) on your behalf.
• Astria AI: for custom image generation and fine-tuning (if you use image generation features or provide images for model training, those images are processed by Astria's service).
• Eleven Labs: for text-to-speech and voice synthesis features (text you submit for voice generation and any voice samples you provide are sent to Eleven Labs for processing).
• Deepgram: for speech-to-text transcription (audio you upload for transcription is processed by Deepgram's API to return text results).

Infrastructure and Database

• Google Cloud Platform (GCP): for cloud hosting and storage of the Synaptic platform (your data may be stored on servers or databases hosted in GCP data centers).
• Supabase: for our application database, user authentication, and storage needs. Your account information and content are stored in our Supabase-managed database (hosted on cloud infrastructure).

Payment Processor

Stripe: for secure payment processing. If you subscribe to a paid plan, you will provide payment details (credit card, etc.) directly to Stripe via Synaptic's interface. Stripe processes your payment transactions and may store your payment details. We do not receive or store full credit card numbers; we only receive confirmation of payment and basic billing info. Stripe's handling of your data is covered by their own privacy policy.

Business Partners

In some cases, we might partner with other companies or contractors for services like customer support, email distribution, or additional analytics. They will access your data only to perform tasks on our behalf and in compliance with this Privacy Policy.

Legal Compliance and Protection

We may disclose personal information if we believe in good faith that such action is necessary to:

• Comply with a legal obligation or respond to valid legal process (e.g. subpoenas, court orders, or government demands).
• Protect the rights, property, or safety of CyberG7, our users, or the public. This includes exchanging information with other companies and organizations for fraud prevention or investigating security concerns.

Corporate Transactions

If CyberG7 or the Synaptic platform is involved in a merger, acquisition, investment, reorganization, bankruptcy, or sale of all or part of its assets, your information may be transferred to the succeeding entity as part of that transaction. We will ensure any such entity is bound to respect your personal data in line with this policy.

International Data Transfers

By using Synaptic, you acknowledge that your information may be transferred to and processed in countries other than your own. Our primary operations are based in Singapore and Malaysia, but many of our third-party service providers are located in the United States and other countries.

Transfers and Safeguards

When we transfer personal data out of Singapore or your country, we take steps to ensure that adequate safeguards are in place. For example, transfers of data from Singapore comply with the Personal Data Protection Act (PDPA) requirements. If we transfer data from the European Economic Area (EEA) or United Kingdom to outside those regions, we rely on approved mechanisms such as Standard Contractual Clauses or your consent where applicable to ensure your data is protected.

Different Data Protection Laws

Different countries may have data protection laws that vary in strictness. In all cases, we will handle your personal information as described in this Privacy Policy and in accordance with applicable law.

Third-Party Providers' Locations

The third-party AI providers (OpenAI, Anthropic, etc.) and infrastructure services (GCP, Supabase, Stripe) may process and store data in various jurisdictions (for example, the United States or EU data centers). By using Synaptic, you consent to the transfer of your data to these parties in their relevant jurisdictions, understanding that while those countries may have different data protection standards, we contractually obligate our providers to uphold privacy protections consistent with this policy.

Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by law:

Account Information

We keep your account registration data (like email, subscription info) for as long as your account is active. If you delete your account or it's terminated, we will remove or anonymize personal information within a reasonable timeframe, except to the extent it's necessary to retain it for legal obligations or legitimate business interests (e.g. retaining transaction records for financial reporting, or logs for security purposes).

User-Generated Content

Content you create on Synaptic is stored until you delete it or delete your account. If you remove specific content (for example, deleting a document or image within the platform), we will delete it from active systems. However, residual copies may persist temporarily in backups. Any cached data held by our integrated AI providers may also be retained by them for a short period for processing and monitoring purposes (refer to the respective provider's policy for specifics).

Usage Data

We generally retain usage logs and analytics data for a reasonable period to support auditing, analysis, and security efforts. Typically, this data is aggregated or anonymized over time so it no longer identifies individual users.

When we no longer have a legitimate need to retain your personal information, we will securely delete or anonymize it. If deletion (or anonymization) is not immediately feasible (for example, because data is stored in backup archives), we will securely store the information and isolate it from further use until deletion is possible.

Data Security

We take the security of your data seriously and implement a variety of technical and organizational measures to protect it:

Encryption

We use encryption to protect sensitive data. For example, our databases use encryption at rest, and data transmissions (between your browser/app and our servers, or between our servers and third-party services) are protected via HTTPS/TLS encryption.

Access Controls

We limit access to personal data to authorized personnel who need it to operate or improve the Synaptic platform. Our team members and contractors are bound by confidentiality obligations.

Security Practices

We regularly review our information collection, storage, and processing practices to guard against unauthorized access or alteration. We utilize firewalls, access logging, and, where possible, automated threat detection systems to prevent and detect unauthorized access to our systems.

No Guarantee

Despite our efforts, no method of transmission over the internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee absolute security of your data. Users are also responsible for maintaining the security of their account password and for restricting access to their Synaptic account.

If you have reason to believe that your interaction with Synaptic or your account is no longer secure (for example, if you suspect your account has been compromised), please contact us immediately so we can assist.

Your Rights and Choices

You have certain rights and choices regarding your personal information:

Access and Correction

You may access and update certain account information by logging into your Synaptic account (for instance, you can change your email or password in your profile settings). If any personal data we hold about you is inaccurate or incomplete, you have the right to request correction.

Data Portability

Where applicable law (such as GDPR) provides, you may request a copy of personal data you have provided to us in a common machine-readable format.

Deletion

You can request deletion of your personal data. You may directly delete some information (e.g. remove content you've created or close your account via the account settings). For any data not removable by you, contact us to request deletion. We will honor deletion requests to the extent required by applicable law, but note that we may retain certain information as described in Data Retention above (e.g. for legal compliance or internal record-keeping).

Withdrawal of Consent

When our processing of your personal information is based on consent, you have the right to withdraw consent at any time. For example, you can opt out of marketing emails by clicking the "unsubscribe" link in those emails, or you can disable any optional data sharing through your account settings (if available) or by contacting us. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

Objection and Restriction

You may have the right to object to or request that we restrict certain processing (for instance, if you believe data is inaccurate or our processing is unlawful). In certain cases, you can also object to processing of your data for direct marketing or where we rely on a legitimate interest as our legal basis (if applicable).

California Privacy Rights

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) including the right to know what personal information we collect, to access it, and to request deletion of your information. We do not sell personal information. California users can exercise their rights by contacting us as described below. (Note: The scope of these rights is subject to certain exemptions under CCPA.)

Submitting Requests

To exercise any of your rights, please contact us at the contact information provided in the Contact Us section below. We will respond to legitimate requests within the timeframe required by law (for example, within 30 days for many requests under PDPA or GDPR) and will inform you if we need additional information to verify your identity. If we cannot fulfill a request, in whole or in part, we will provide an explanation.

Please note that exercising certain rights (like deletion or objection) may impact your ability to use the Synaptic service. For instance, if you request deletion of essential information or withdraw consent for processing necessary to provide the service, we might not be able to continue providing your account.

Children's Privacy

Synaptic is intended for use by adults and we do not knowingly collect personal data from children:

Minimum Age

You must be at least 18 years old to create a Synaptic account. If you are between 13 and 17 years old, you may use Synaptic only with the involvement and consent of a parent or legal guardian.

We do not knowingly solicit or collect personal information from children under 13 (or under the relevant age of consent in your jurisdiction). If you are under such age, please do not use Synaptic or submit any personal data to us.

If we learn that we have inadvertently collected personal information from a child under 13 without appropriate consent, we will take steps to delete that information as soon as possible. If you believe a child under 13 (or under the applicable minimum age) has provided us with personal data, please contact us so we can take appropriate action.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

When we make changes, we will update the "Last updated" date at the top of this policy. For significant changes, we may also provide a more prominent notice (such as by emailing registered users or placing a notice on our website or in the Synaptic app).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of Synaptic after any update to this Privacy Policy will constitute your acceptance of the changes (to the extent permitted by law).

If you do not agree with any changes to this Privacy Policy, you should discontinue use of the platform and may request that we delete your data as described above.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

We will do our best to address your inquiry in a timely and effective manner. If you are not satisfied with our response, you may have the right to lodge a complaint with the privacy or data protection regulatory authority in your country (for example, the Personal Data Protection Commission in Singapore, or a Data Protection Authority in the EU).