Privacy Policy

• Privacy Policy
  • 1. Introduction
  • 2. Information We Collect
    • 2.1 Personal Information
    • 2.2 Business Information
    • 2.3 Technical Information
    • 2.4 Cookies and Tracking
  • 3. How We Use Your Information
    • 3.1 Service Provision
    • 3.2 OAuth and API Services
    • 3.3 Business Operations
    • 3.4 Communications
  • 4. Information Sharing and Disclosure
    • 4.1 With Your Consent
    • 4.2 Service Providers
    • 4.3 Business Transfers
    • 4.4 Legal Requirements
    • 4.5 Multi-Tenant Architecture
  • 5. Data Security
    • 5.1 Security Measures
    • 5.2 OAuth and API Security
    • 5.3 Employee Access
  • 6. Data Retention
    • 6.1 Retention Periods
    • 6.2 Data Deletion
  • 7. Your Privacy Rights
    • 7.1 Access and Portability
    • 7.2 Correction and Updates
    • 7.3 Deletion and Restriction
    • 7.4 OAuth Client Management
  • 8. International Data Transfers
  • 9. Children’s Privacy
  • 10. Third-Party Links
  • 11. Changes to This Privacy Policy
  • 12. Contact Information
  • 13. Regulatory Compliance

Privacy Policy

Effective Date: July 22, 2025
Last Updated: July 22, 2025

1. Introduction

SynControl (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our quality control and inspection management platform.

2. Information We Collect

2.1 Personal Information

We collect information you provide directly to us:

• Account Information: Name, email address, phone number, company details
• Profile Information: Job title, role, preferences, profile photo
• Communication Data: Messages, support requests, feedback

2.2 Business Information

For our quality control services:

• Inspection Data: Booking details, inspection reports, quality metrics
• Document Information: Uploaded files, technical specifications, certificates
• Workflow Data: Process steps, approvals, audit trails

2.3 Technical Information

We automatically collect certain technical data:

• Usage Data: Pages visited, features used, time spent on platform
• Device Information: IP address, browser type, operating system
• API Usage: OAuth client information, token usage, API calls

2.4 Cookies and Tracking

We use cookies and similar technologies to:

• Maintain user sessions and authentication
• Improve service performance and user experience
• Analyze usage patterns and service optimization

3. How We Use Your Information

3.1 Service Provision

• Process inspection bookings and scheduling
• Generate quality control reports and analytics
• Facilitate communication between stakeholders
• Provide customer support and technical assistance

3.2 OAuth and API Services

• Authenticate API access and manage OAuth tokens
• Process dynamic client registrations
• Monitor API usage and enforce rate limits
• Ensure security and prevent abuse

3.3 Business Operations

• Improve our services and develop new features
• Conduct research and analytics for service enhancement
• Comply with legal and regulatory requirements
• Protect against fraud and unauthorized access

3.4 Communications

• Send service-related notifications and updates
• Provide technical support and customer service
• Share important platform announcements
• Respond to your inquiries and requests

4. Information Sharing and Disclosure

4.1 With Your Consent

We may share your information when you explicitly consent or direct us to do so.

4.2 Service Providers

We work with trusted third-party service providers who assist with:

• Cloud hosting and infrastructure (AWS, Azure)
• Email delivery and communications
• Analytics and performance monitoring
• Payment processing and billing

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4.4 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal processes and government requests
• Protect our rights, property, and safety
• Prevent fraud and unauthorized access
• Enforce our Terms of Service

4.5 Multi-Tenant Architecture

Our platform uses multi-tenant architecture with data isolation:

• Each tenant’s data is logically separated
• Cross-tenant access is prevented by design
• Administrative access is strictly controlled

5. Data Security

5.1 Security Measures

We implement comprehensive security measures:

• Encryption: Data in transit and at rest
• Access Controls: Role-based permissions and authentication
• Infrastructure: Secure cloud hosting with monitoring
• OAuth Security: Industry-standard token management

5.2 OAuth and API Security

For OAuth clients and API access:

• Secure client credential management
• Token encryption and secure storage
• Rate limiting and abuse prevention
• Regular security audits and updates

5.3 Employee Access

• Limited access on a need-to-know basis
• Regular security training and awareness
• Background checks for personnel with data access
• Audit logging of administrative activities

6. Data Retention

6.1 Retention Periods

• Account Data: Retained while your account is active
• Inspection Data: Retained according to business requirements and legal obligations
• API Logs: Retained for 12 months for security and troubleshooting
• OAuth Tokens: Retained according to token expiration settings

6.2 Data Deletion

You may request deletion of your personal data, subject to:

• Legal and regulatory retention requirements
• Legitimate business needs (e.g., completed inspections)
• Technical limitations of our systems

7. Your Privacy Rights

7.1 Access and Portability

• Request access to your personal information
• Obtain copies of your data in a structured format
• Download your inspection reports and documents

7.2 Correction and Updates

• Update your account information and preferences
• Correct inaccurate or outdated information
• Modify privacy settings and communications preferences

7.3 Deletion and Restriction

• Request deletion of your personal data
• Restrict processing of your information
• Object to certain types of data processing

7.4 OAuth Client Management

• View and manage your registered OAuth clients
• Revoke client access tokens and permissions
• Update client metadata and configuration

8. International Data Transfers

If you are located outside the country where our servers are hosted, your information may be transferred internationally. We ensure appropriate safeguards are in place for such transfers.

9. Children’s Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13.

10. Third-Party Links

Our service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will:

• Notify you of material changes via email or platform notification
• Post the updated policy on our website
• Indicate the effective date of changes

12. Contact Information

If you have questions about this Privacy Policy or our privacy practices:

Email: privacy@syncontrol.com
Data Protection Officer: dpo@syncontrol.com
Address: [Your Business Address]
Website: https://docs.syncontrol.net/contact/

13. Regulatory Compliance

We comply with applicable privacy regulations including:

• General Data Protection Regulation (GDPR) for EU users
• California Consumer Privacy Act (CCPA) for California residents
• Other applicable local privacy laws

---

This Privacy Policy is part of SynControl’s commitment to data protection and user privacy.