Privacy Policy

Last updated: June 1, 2023

1. Introduction

Sync, Inc. ("Sync," "we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, website, and services (collectively, the "Services").

Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

We collect several types of information from and about users of our Services:

2.1. Personal Data

Personal Data refers to information that can be used to identify you directly or indirectly. We may collect the following Personal Data:

  • Identity Information: Name, email address, job title, and company.
  • Account Information: Username, password (encrypted), and account preferences.
  • Contact Information: Email address, telephone number, and physical address.
  • Billing Information: Payment method details, billing address, and transaction history.
  • Profile Information: Profile picture, user biography, and social media handles.

2.2. Usage Data

We automatically collect certain information about how you interact with our Services:

  • Log Data: IP address, browser type, operating system, referring web page, pages visited, date/time stamp, and clickstream data.
  • Device Information: Device type, operating system, and browser information.
  • Performance Data: Page load times, crashes, and other usage statistics.
  • Feature Usage: Information about how you use specific features of our Services, such as workflow executions, AI interactions, and voice commands.

2.3. Content Data

We collect and store content that you create, upload, or receive while using our Services, including:

  • Workflow Data: The configuration, structure, and content of workflows you create.
  • Voice Data: Audio recordings and transcripts from voice interactions with our Services.
  • Integration Data: Data from third-party services you connect to Sync, such as Pipedream connections.
  • Communications: Messages, comments, and other communications within our platform.

3. How We Collect Information

3.1. Direct Collection

We collect information directly from you when you:

  • Register for an account or create a profile.
  • Fill out forms or surveys within our Services.
  • Communicate with us via email, chat, or other means.
  • Subscribe to our newsletter or marketing communications.
  • Participate in promotions, contests, or events.
  • Report problems or request support.

3.2. Automated Collection

We use automated technologies to collect information, including:

  • Cookies and Similar Technologies: We use cookies, web beacons, and similar technologies to collect information about your browsing behavior, preferences, and device characteristics. For more information, please see our Cookie Policy.
  • Analytics Tools: We use analytics tools to measure and analyze usage patterns, feature adoption, and performance metrics.
  • Application Data: Our Services automatically record certain information about your actions while using them.

3.3. Third-Party Sources

We may receive information about you from third parties, including:

  • Business partners, such as integration providers and resellers.
  • Authentication services when you sign in using third-party login providers (e.g., Google, GitHub).
  • Publicly available sources, like company websites or professional networking sites.
  • Service providers, including payment processors and customer support tools.

4. How We Use Your Information

We use the information we collect for the following purposes:

4.1. Providing and Improving the Services

  • To create and maintain your account.
  • To deliver the features and functionality you request.
  • To personalize your experience and customize content.
  • To develop new products, services, and features.
  • To analyze and improve the performance and functionality of our Services.
  • To process and complete transactions.

4.2. Communications

  • To communicate with you about your account or our Services.
  • To respond to your inquiries, comments, or questions.
  • To send administrative information, such as updates to our terms or privacy policies.
  • To send marketing communications, newsletters, and promotional materials.
  • To provide support and assistance.

4.3. Research and Analytics

  • To conduct research and analytics to understand how users interact with our Services.
  • To generate anonymous, aggregated statistics about our user base.
  • To evaluate the effectiveness of our marketing campaigns.
  • To improve our AI models and voice recognition capabilities.

4.4. Legal and Security Purposes

  • To enforce our Terms of Service and other legal rights.
  • To protect the security and integrity of our Services.
  • To detect, prevent, and address fraud, abuse, security risks, and technical issues.
  • To comply with applicable laws, regulations, and legal processes.
  • To respond to lawful requests from public authorities.

5. Legal Basis for Processing (for EEA/UK Users)

If you are in the European Economic Area (EEA) or the United Kingdom (UK), we collect and process your Personal Data only when we have a legal basis for doing so under applicable law, including:

  • Contractual Necessity: To perform the contract we have with you, such as our Terms of Service, or to take steps at your request before entering into such a contract.
  • Legitimate Interests: To pursue our legitimate interests, provided that our interests are not overridden by your data protection interests or fundamental rights and freedoms.
  • Consent: When you have given us specific consent to process your data for a specific purpose.
  • Legal Obligation: When we need to comply with a legal obligation.
  • Vital Interests: To protect your vital interests or those of another person.

6. Data Sharing and Disclosure

We may share your information with the following third parties:

6.1. Service Providers

We share information with third-party vendors, consultants, and other service providers who need access to your information to help us provide the Services, including:

  • Cloud hosting and infrastructure providers.
  • Payment processors and billing services.
  • Customer support and communication tools.
  • Analytics and monitoring services.
  • AI and machine learning providers (e.g., for our LLM services).
  • Voice recognition and text-to-speech services (e.g., ElevenLabs).
  • Integration platforms (e.g., Pipedream).

6.2. Integrations and Third-Party Services

When you choose to use third-party integrations or connect our Services to third-party services, we may share information with those third parties. The information shared will be governed by the privacy policies of those third-party services.

6.3. Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of our assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your Personal Data.

6.4. Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency). We may also disclose your information to:

  • Enforce our rights, privacy policy, and other legal agreements.
  • Protect against legal liability.
  • Prevent or investigate possible wrongdoing in connection with the Services.
  • Protect the rights, property, or safety of Sync, our users, or others.

6.5. With Your Consent

We may share your information with third parties when you have given us your consent to do so.

7. International Data Transfers

We are based in the United States and process data globally. If you are accessing our Services from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers maintain facilities.

If you are in the EEA, UK, or Switzerland, we ensure that such transfers comply with applicable data protection laws, including by implementing appropriate safeguards such as standard contractual clauses approved by the European Commission or other lawful transfer mechanisms.

8. Data Security

We have implemented appropriate technical and organizational security measures designed to protect the security of your information. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your information, the transmission of information to and from our Services is at your own risk. You should only access the Services within a secure environment.

Our security measures include:

  • Encryption of sensitive data in transit and at rest.
  • Regular security assessments and penetration testing.
  • Access controls and authentication mechanisms.
  • Monitoring for suspicious activities and unauthorized access attempts.
  • Regular security training for our employees.
  • Secure development practices and code reviews.

9. Data Retention

We retain your Personal Data for as long as necessary to fulfill the purposes for which we collected it, including to provide you with the Services, comply with legal obligations, resolve disputes, and enforce our legal agreements.

When determining the retention period, we consider:

  • The amount, nature, and sensitivity of the information.
  • The potential risk of harm from unauthorized use or disclosure.
  • The purposes for which we process the information.
  • Whether we can achieve those purposes through other means.
  • Applicable legal, regulatory, or contractual requirements.

In some circumstances, we may anonymize your Personal Data so that it can no longer be associated with you, in which case we may use such information without further notice to you.

10. Your Data Protection Rights

Depending on your location, you may have certain rights regarding your Personal Data:

10.1. Rights for All Users

  • Access: You can request copies of your Personal Data.
  • Correction: You can request that we correct inaccurate information about you.
  • Deletion: You can request that we delete your Personal Data in certain circumstances.
  • Opt-out of Communications: You can opt out of marketing communications at any time.

10.2. Additional Rights for EEA/UK/California Residents

If you are located in the EEA, UK, California, or other jurisdictions with similar laws, you may have additional rights:

  • Data Portability: You can request a copy of your Personal Data in a structured, commonly used, machine-readable format.
  • Restriction of Processing: You can request that we restrict the processing of your Personal Data under certain circumstances.
  • Objection to Processing: You can object to our processing of your Personal Data based on our legitimate interests.
  • Automated Decision-Making: You can request not to be subject to automated decision-making, including profiling, that has legal or significant effects on you.
  • Withdraw Consent: You can withdraw consent at any time where we rely on consent to process your Personal Data.
  • Do Not Sell: California residents can request that we do not sell their Personal Data.

10.3. How to Exercise Your Rights

To exercise your rights, please contact us at privacy@sync.com. We will respond to your request within the timeframe required by applicable law.

For your protection, we may need to verify your identity before implementing your request. We will not discriminate against you for exercising any of your data protection rights.

11. Children's Privacy

Our Services are not intended for children under the age of 16. We do not knowingly collect Personal Data from children under 16. If you are a parent or guardian and you believe your child has provided us with Personal Data, please contact us at privacy@sync.com, and we will take steps to delete such information.

12. Voice Data Processing

When you use our voice features, we collect and process voice data:

  • Voice Recordings: We collect audio recordings when you use voice commands or interact with our voice assistant features.
  • Transcriptions: We convert voice recordings to text to understand and process your requests.
  • Voice Synthesis: When generating voice responses, we may use voice synthesis technology.

We use voice data to:

  • Process and respond to your voice commands.
  • Improve our voice recognition and processing capabilities.
  • Develop and enhance our voice features.
  • Troubleshoot and fix issues with voice functionality.

We may share voice data with third-party service providers that help us provide voice functionality, such as speech recognition and voice synthesis providers. These providers are bound by contractual obligations to protect your data.

13. Changes to Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For material changes, we will provide additional notice, such as sending an email or displaying a prominent notice within our Services.

We encourage you to review this Privacy Policy periodically to stay informed about our data practices.

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Sync, Inc.

Attn: Privacy Officer

1234 Innovation Way

San Francisco, CA 94107

privacy@sync.com

For users in the EEA, UK, or Switzerland, Sync, Inc. is the data controller responsible for your Personal Data. If you are not satisfied with our response, you may have the right to lodge a complaint with a supervisory authority in the country where you reside, work, or where you believe an infringement has occurred.