Privacy Policy (App)

Last updated: March 10, 2025

This Privacy Policy describes Our policies and procedures on the collection, use, and disclosure of Your information when You use Our application ("Service") and informs You about Your privacy rights and how the law protects You.

We collect and use various types of data to provide and improve the Service. By using the Service, You agree to the collection and use of data in accordance with this Privacy Policy.

1. Interpretation and Definitions

1.1 Interpretation

Words whose initial letters are capitalized have meanings defined under the following conditions. These definitions have the same meaning regardless of whether they appear in singular or in plural.

1.2 Definitions

For the purposes of this Privacy Policy:

• Account: A unique account created for You to access parts of Our Service.

• Application: Refers to SYN-FX, the software program provided by the Company.

• Business (For CCPA/CPRA): Refers to the Company that collects personal information, determines the purposes for data processing, and does business in California.

• CalOPPA (California Online Privacy Protection Act): A California state law that requires commercial websites and online services to post a privacy policy.

• CCPA/CPRA: Refer to the California Consumer Privacy Act and California Privacy Rights Act, respectively, providing California residents with certain rights regarding their personal information.

• Company (referred to as "We", "Us", or "Our" in this Agreement): SYN-FX LP, located at 501 Silverside Road, STE 105-167, Wilmington, DE 19809. For the purpose of the GDPR, the Company is the Data Controller.

• Consumer (For CCPA/CPRA): A natural person who is a California resident.

• COPPA: The Children's Online Privacy Protection Act, protecting personal information of children under 13 in the US.

• Country: Refers to Delaware, United States.

• Data Controller (For GDPR): The Company, which alone or jointly with others, determines the purposes and means of personal data processing.

• Device: Any device that can access the Service such as a smartphone or a tablet.

• Do Not Track (DNT): A concept promoted by US regulatory authorities for an internet mechanism that allows users to control online activity tracking.

• GDPR: The EU General Data Protection Regulation.

• Personal Data: Any information related to an identified or identifiable individual (under GDPR and other privacy laws), such as name, identification number, location data, or online identifiers.

• Service: The Application.

• Service Provider: Any natural or legal person who processes data on behalf of the Company.

• Usage Data: Data collected automatically, generated by the use of the Service.

• You: The individual accessing or using the Service or the legal entity on behalf of which such individual is accessing or using the Service.

2. Collecting and Using Your Data

2.1 Types of Data Collected

2.1.1 Personal Data

While using Our Service, we do not collect personally identifiable information such as your name or email address automatically. However, if You contact us via email or through the in-app contact button for support, We may store and use this voluntarily provided data (e.g., your email address and the content of your message) to respond to your inquiries and provide support.

2.1.2 Usage Data

Usage Data is collected automatically when using the Service and typically includes:

• Pseudonymous User Identifiers: We assign unique identifiers to users that allow us to track events and behavior within the application across multiple sessions. These identifiers enable us to analyze user interactions over time without revealing your real identity.

• Events and Interactions: Data about how You use the Application (e.g., pages visited, actions taken, time spent) to understand and improve the user experience.

• Device and Technical Information: Non-personal information such as device model, operating system type and version, and app version to ensure optimal performance and for debugging purposes.

• Diagnostics and Performance Data: In case of crashes or errors, we may collect diagnostic information to identify and fix issues promptly.

• Location Information: We do not collect any precise location data. We only collect country-level location information to help us understand general user distribution and improve the Service.

2.1.3 Media

• We do not upload or store your photos or videos. All media created or edited with our Service remains exclusively and securely on your device.

2.2 Use of Your Data

The Company uses collected data for the following purposes:

• To Provide and Maintain Our Service: Ensuring it runs efficiently and reliably.

• To Improve and Personalize the Service: Analyzing usage patterns to enhance user experience and develop new features.

• For Internal Research and Analytics: Understanding how the Service is used helps us refine the product, correct issues, and make data-driven decisions for ongoing improvements.

• To Monitor the Usage of Our Service: Tracking which features are most popular and how different user segments engage with the app.

• To Comply with Legal Obligations: Responding to law enforcement or other governmental agency requests, where necessary.

• To Communicate with You: If You contact us for support, we may use your voluntarily provided email address and the content of your request to assist you.

2.3 Retention of Your Data

We retain usage data as long as necessary for the purposes outlined in this Privacy Policy. Since pseudonymous and aggregated data does not directly identify you personally, it may be retained indefinitely for analysis and improvement of the Service, unless a specific retention period is mandated by applicable laws.

Data provided voluntarily through support inquiries will be retained for as long as necessary to address and resolve the request and to comply with legal obligations.

2.4 Transfer of Your Data

Your pseudonymous usage data is processed at the Company’s operating offices and in locations where the parties involved in processing are situated. It may be transferred to and stored on servers located outside of your state, country, or jurisdiction. We ensure appropriate safeguards to protect your data consistent with this Privacy Policy and applicable privacy laws.

2.5 Delete or Access Your Data

We do not collect Personally Identifiable Information automatically. If you have concerns about any data associated with your pseudonymous identifier or information you voluntarily provided via email, you can contact us using the details provided in the "Contact Us" section. We will promptly address any requests related to data handling in compliance with applicable laws.

2.6 Disclosure of Your Data

We may disclose pseudonymous usage data only if:

• We are Legally Required to Do So: Complying with a legal obligation or responding to valid requests by public authorities.

• To Protect the Rights and Safety of the Company: Investigating and preventing wrongdoing connected to the Service, or protecting the safety of Service users or the public.

2.7 Security of Your Data

We are committed to securing your data. We use commercially acceptable means to protect your pseudonymous usage data. However, no method of electronic data transmission or storage is 100% secure, and we cannot guarantee absolute security. We continually implement and update physical, technical, and organizational security measures to protect your data from unauthorized access and to maintain data accuracy.

3. Service Providers

3.1 General

We employ third-party companies and individuals (Service Providers) to operate and maintain the Service on Our behalf, to perform service-related tasks, or to assist us in analyzing how the Service is used. These Service Providers have access only to data necessary to perform these tasks and are obligated not to use it for any other purpose.

3.2 Analytics

We use third-party Service Providers to monitor and analyze the use of our Service:

Amplitude:

• Purpose: Analyze user engagement by tracking user events within the Service to help us understand user behavior and improve user experience.

• Data: Configured to collect data using pseudonymous user identifiers that persist across sessions. With COPPA controls enabled, Amplitude’s data collection adjusts to safeguard children's privacy (under 13) and does not track any device identifiers (e.g. I.P Address, IDFA or IDFV values).

• Privacy Policy: More details can be found in Amplitude’s Privacy Policy.

Mixpanel:

• Purpose: Tracks user events, interactions, and usage patterns within the Service to help us improve the user experience.

• Data: Configured to collect data while operating in anonymous mode, collecting aggregated data without any identifiers that link back to individual users.

• Privacy Policy: More details can be found in Mixpanel’s Privacy Policy.

3.3 Payments

We may provide paid services within the Service:

Apple Store In-App Payments

• Process: When you make an in-app purchase through Apple’s payment processing system, financial and billing information is handled directly by Apple. We do not store or process this payment information.

• Privacy Policy: Payment details are subject to Apple’s Privacy Policy.

4. GDPR Privacy (For European Economic Area Users)

4.1 Data Protection Rights

If You are located in the European Economic Area (EEA) and data protection laws like the GDPR apply, You have certain rights:

• Access and Correction: Request access to and correction of any personal data we hold that may identify you.

• Objection to Processing: Object to our processing of your personal data under certain circumstances.

• Data Portability: Request a copy of your personal data in a structured, machine-readable format.

• Withdraw Consent: Withdraw your consent at any time if processing is based on consent.

Even though we cannot directly identify you through the pseudonymous data, we are committed to respecting your rights under GDPR. If you believe that any of the data we process can be considered personal data, please contact us to exercise your rights.

4.2 Legal Basis for Processing Data

We rely on the following legal bases for processing data under GDPR:

• Legitimate Interests: For analyzing usage data to improve performance, user experience, and the functionality of our Service.

• Legal Obligations: If required to comply with applicable laws or in response to lawful requests from public authorities.

We do not process special categories of personal data, nor do we profile users in a way that produces legal effects concerning them.

5. CCPA/CPRA Privacy Notice (For California Residents)

5.1 Categories of Information Collected

In the past 12 months, we have collected the following categories of information from California residents:

• Identifiers and Usage Data: Unique pseudonymous user identifiers that persist across sessions, user engagement data, and technical information about the device used.

• Commercial Information: If paid services are used, we may have records related to your purchase history or subscription details through Apple In-App Payments.

We do not collect personal information that can directly identify individuals, nor do we collect sensitive information or sell personal data under the CCPA definitions.

5.2 Rights Under CCPA/CPRA

If You are a resident of California, You have the following rights:

• Right to Know: What personal information is collected, used, disclosed, or sold.

• Right to Delete: Request the deletion of certain personal information collected from you.

• Right to Opt-Out: Direct a business not to sell your personal information.

• Right to Non-Discrimination: Not to be discriminated against for exercising your rights under these acts.

While the data we collect may not directly identify you, we respect and uphold the privacy rights of California residents under the CCPA/CPRA. If you have any concerns or requests regarding your personal information, please contact us.

5.3 How to Exercise These Rights

To exercise any of these rights or for further inquiries:

• Contact Us: Email us at privacy@syn-fx.com or visit our website’s privacy page as listed in the "Contact Us" section.

We will respond promptly and in accordance with applicable laws.

6. COPPA Compliance (Children’s Privacy)

Our Service is intended for users aged 12 and older. We comply with the Children's Online Privacy Protection Act (COPPA) to safeguard children's privacy for users under 13:

• Data Collection: We have enabled COPPA controls in our analytics services (like Amplitude) to ensure they do not collect personal information from children under 13.

• Parental Consent: If a parent or guardian becomes aware that their child under 13 has provided us with personal data, they should contact us at privacy@syn-fx.com. We will promptly delete such information from our systems.

7. CalOPPA Compliance (California Online Privacy Protection Act)

7.1 What is CalOPPA?

CalOPPA is a California state law that requires commercial websites and online services to post a privacy policy. The policy must state:

• The categories of personally identifiable information that the website collects.

• How the website responds to "Do Not Track" signals.

• How users can review and make changes to their personal information.

7.2 Do Not Track Signals

Our Service does not currently respond to Do Not Track (DNT) signals. DNT is a privacy preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting your web browser's settings or preferences.

7.3 Changes to Personal Information

If you have provided personal information through support contact, you may review or make changes to this information by emailing us at privacy@syn-fx.com. We will respond to requests to update or delete such personal data as required by CalOPPA within a reasonable timeframe.

7.4 Effective Dates and Updates

This Privacy Policy:

• Can change over time, and we will update the "Last updated" date and provide you with a new version if significant changes occur.

• Is posted on our Service and accessible via a conspicuous link.

8. Links to Other Websites and Social Media

Our Service may contain links to external websites or social media platforms (e.g., Instagram) not operated by us:

• Disclaimer: We are not responsible for the content, privacy policies, or practices of third-party websites or services.

• Recommendation: We strongly advise reviewing the Privacy Policy of every third-party site or service you visit.

9. Changes to this Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. Any changes will be posted on this page, and the "Last updated" date at the top will be updated accordingly. We will also notify you of any significant changes via email or a prominent notice on the Service.

We recommend that you review this Privacy Policy periodically to stay informed about how we handle your data.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data collection practices, please contact us:

• By email: privacy@syn-fx.com

• By visiting this page on our website: https://www.syn-fx.com/app-privacy

We will respond to your inquiries promptly and address your concerns with the utmost care.