Synapser Holdings Privacy Policy
Version Date:
August
2024
At Synapser, we set out to create a suite of products that not only lays the foundation for a SelfSovereign Identity-based ecosystem but also prioritises your data security and trust. Our vision goes beyond creating an empowered digital landscape; it ensures your data remains yours and protected. With our suite, you can enhance your data security while actively contributing to digital inclusion efforts, creating a secure and empowering environment for your business. We firmly believe that your digital identity should be in your hands, secure and trusted, as we bridge the digital divide and foster a more inclusive digital landscape. In addition, Synapser partners with providers of a blockchain-based Services that allows its users to consent to the use of their information for various purposes, including targeted advertising and recruiting (the “Services”).
This Privacy Policy (“Privacy Policy”) describes the types of information, including Personal Data, that Synapser (“we,” “our,” “us”) gathers from You when You use our Services, as well as Your choices regarding use and disclosure of Your Personal Data.
As used in this Privacy Policy, the term “Personal Data” means information that identifies You directly or indirectly, by reference to identifier(s) such as Your name. Personal Data includes the types of personal information encompassed by applicable law.
By accessing our Services, You agree to be bound by this Privacy Policy. If You do not agree to the terms of this Privacy Policy, please do not use our Services. Each time You use our Services, the current version of the Privacy Policy will apply. Accordingly, whenever You use our Services, You should check the date of this Privacy Policy (which appears at the top) and review any changes since the last version. This Privacy Policy is applicable to all Services visitors, registered users, and all other users of our Services.
Further, You acknowledge that this Privacy Policy is part of our Terms of Services located in the Settings menu of the mobile application, which is incorporated by reference, and by accessing or using our Services, You agree to be bound by the Terms of Services. If You do not agree to our Terms of Services, do not access or use our Services.
If You have any questions about our privacy practices, please refer to the end of this Privacy Policy for information on how to contact us.
When You use our Services, Synapser
collects information (i) that You knowingly and voluntarily provide when You use our
(ii) that we are able to collect through Your mobile device including its settings, cookies, and other similar technologies. The following sections and the matrix set forth in Appendix A provide a summary of the types of data generated by the application through your use of the services, Your use of the Services and how that data will be stored and used.
Synapser collects the information that You knowingly and willingly provide when You use our Services, including account setup information, profile details, and payment information. We primarily use this information to provide our Services to You. You can choose not to provide us with certain Personal Data, but then You may not be able to take advantage of our Services or other available features we offer. The information that we collect, and use may include the following kinds of Personal Data:
First and Last Name
Email Address
Credit and/or Debit Card Information
Bank Checking and/or Savings account information
Postal Address
Mobile Telephone Number
Login name, screen name, nick name, handle or any other identifier that permits the physical or online contacting of a specific individual
Date of Birth
Driver’s License Number
Passport Number
Protected Health Information (PHI) or other personal health information that You choose to provide in connection with certain health or data Services provided by the Services or third parties
Resume
Employment Information
Information collected from the user’s social media sites provided the user has given permission to Synapser to access these sites
Information collected from surveys completed by the user within the application. Surveys can be created by Synapser or by any 3rd party with access to the BizBase portal
Location information
Health Information. We may provide opportunities for You to store health information in partnership with a third-party Services. Synapser will not directly store Your health information and may access and use only anonymized versions of Your health information.
Synapser collects information that is sent to us automatically by Your mobile device. Synapser may use this information to generate aggregate statistics about users to our Services. This information typically includes details about Your:
Mobile Device
Operating System
Local Time Zone
Date and Time of Each User Visit
Date and time of access to each application page
Synapser may use non-Personal Data for various business purposes such as providing customer Services, fraud prevention, market research, and improving our Services. The information we receive depends on the settings on Your mobile device. Please check Your device if You want to learn what information You transmit or how to change Your settings.
Aggregate Information. We may aggregate and/or anonymize and/or pseudonymize all information that we collect from You, including Personal Data. This may be done for the purpose of market research and improving our Services.
We do not obtain information about You through the use of "cookies" on Your devices. We will notify You in the future prior to installing and using cookies for data collection purposes.
We will only process Your Personal Data, including sharing it with third parties, where
(1) You have provided Your consent,
(2) the processing is necessary to provide You with the Services,
(3) we are required by law, or
(4) processing is required to protect Your vital interests or those of another person.
We may use Personal Data we collect about You on its own or combine it with other information we have about You to:
FOR INDIVIDUALS WITHIN THE EUROPEAN UNION. With Your consent, we may automatically process Your Personal Data for our Services. Under the European General Data Protection Regulation 2016/679 (“GDPR”), You have certain rights when Your data is processed by automated means. Please see Section K (Your Rights) for information about how to exercise Your rights.
We may also disclose Your Personal Data as otherwise set forth in this Privacy Policy, as permitted by law, or with Your consent.
We will only transfer Your Personal Data to trusted third parties who provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures. Such transfer will occur only after being explicitly requested or approved by You.
Where third parties are processing Personal Data on our behalf, they will be required to agree, by contractual means or otherwise, to process the Personal Data in accordance with the applicable law. This contract will stipulate, amongst other things, that the third party and its representative shall act only on our instructions, or as permitted by law. Synapser may disclose Your Personal Data to the following:
Third Parties You Consent. We will share access to Your Personal Data to third parties to whom You expressly consent to share Your Personal Data.
Agents and Authorized Services Providers. We employ other companies and individuals to perform functions on our behalf. Examples of such functions include performing identify verifications, banking related functions and assessments, providing technical support, providing marketing assistance, processing credit card payments, and providing customer Service. We share our users’ Personal Data with these agents as we deem necessary for such third parties to perform their functions, only after receiving Your approval.
Employees. Only authorized employees have access to Your Personal Data and only during the initial identity verification process.
Affiliates and Subsidiaries. Synapser may share Personal Data with our corporate subsidiaries and affiliates for uses consistent with this Privacy Policy.
To Comply with Legal Process, Protect
Synapser, or Enforce our Rights. We may release Your
Personal Data when it is necessary to (i) conform to legal
requirements or comply with legal process;
(ii) enforce or apply our conditions of use and other agreements
(iii) protect the rights, safety or property of Synapser, our affiliates, Service providers, our users or the public, or
(iv) prevent a crime or protect national security (including exchanging information with other companies and organizations for fraud protection and credit risk reduction).
We will not sell access to Your information (including Personal Data) unless You expressly consent to the sale.
Our Services is not directed to children under the age of 18, if You are not 18 years or older, do not use our Services. We do not knowingly collect Personal Data from children under the age of 13. If we learn that Personal Data of persons less than 13 years-of-age has been collected through our Services, we will take the appropriate steps to delete this information. If You are a parent or guardian and discover that Your child or a minor under the age of 13 has posted, submitted or otherwise communicated Personal Data to our Services without Your consent, then You may alert us using the messaging functionality within the Services so that we may take appropriate action to remove the minor's Personal Data from our systems.
Through our Services You may receive links to third party websites, applications and Services not operated by us. These links are provided as a Services and do not imply any endorsement by Synapser of the activities or content of these sites, applications or Services nor any association with their operators. Synapser is not responsible for the privacy policies or practices of any third party. We encourage You to review the privacy policies of any third party that You access in connection with our Services.
We take reasonable technical and organizational precautions to protect the confidentiality, security and integrity of Your Personal Data. Although we use security measures to help protect Your Personal Data against loss, misuse or unauthorized disclosure, we cannot guarantee the security of information transmitted to us over the Internet. While we strive to use commercially acceptable means to protect Your Personal Data, there is no guarantee that information may not be accessed, disclosed, altered or destroyed.
The Personal Data that You provide to us is our technology partners servers located in the United States and South Africa. If You are located in another jurisdiction, You should be aware that once Your Personal Data is submitted through our Services, it will be transferred to our servers in the United States and that the United States currently does not have uniform data protection laws in place.
We will retain Your Personal Data in readable form only for the period necessary to fulfill the authentication process whereby Synapser validates Your authenticity using various forms of identity for the purpose of opening an Account.
Our technology partners are headquartered in the United States of America. Your Personal Data may be accessed by us or transferred to us in the United States or to our affiliates, partners, merchants, or Services providers who are located worldwide. If You are visiting our Services from outside the United States, be aware that Your information may be transferred to, stored, and processed in the United States. As a result, Your information may be subject to legal demands from United States law enforcement or government agencies. By using our Services, You consent to any transfer of this information.
We reserve the right to update or modify this Privacy Policy from time to time. If we make any material changes to this Privacy Policy or the way we use, share or collect Personal Data, we will notify You by revising the “Effective Date” at the top of this Privacy Policy, prominently posting an announcement of the changes on our Services prior to the new policy taking effect. Users are bound by any changes to the Privacy Policy when they use our Services after notice of such changes has been communicated. We encourage You to review this Privacy Policy regularly to ensure that You are familiar with Synapser’s current practices.
If during the period of time following submission of Personal Data and prior to successful verification (after which all Personal Data used for verification will be deleted by Synapser) any of the information that we have about You is incorrect, or You wish to have information (including Personal Data) removed from our records, please contact us using the messaging functionality within the Services. We will respond to such inquiries within fifteen (15) business days.
By consenting to this Privacy Policy, You agree to receive messages from us, including messages relating to new features, new functionality, and potential income earning opportunities.
FOR INDIVIDUALS IN THE EUROPEAN UNION. Under GDPR, You have the right to not provide Your authorization for any use of Your Personal Data for marketing purposes. We will always request Your authorization if we intend to use Your Personal Data for such purposes or if we intend to disclose Your information to any third party for such purposes. You can exercise Your right to prevent such processing by withholding Your authorization at any time for any reason. You can also exercise the right by contacting us using the Report an Issue section on our application.
Recognizing that Synapser’s access to and control over Your Personal Data will be very limited by scope and duration (as described elsewhere in this policy), to the extent and for the duration that Synapser has such access, You have the right to:
request access to any Personal Data we hold about You as well as related information, including the recipients or categories of recipients to whom the Personal Data has been shared, if any;
obtain without undue delay the completion of any incomplete Personal Data or the rectification of any inaccurate Personal Data we hold about You;
request Personal Data held about You to be deleted provided the Personal Data is not required by Synapser for compliance with a legal obligation under European or Member State law or for the establishment, exercise or defense of a legal claim;
prevent or restrict processing of Your Personal Data, except to the extent processing is required for the establishment, exercise or defense of legal claims; and
request transfer of Personal Data directly to a third party where this is technically feasible.
Where You believe that Synapser has not complied with its obligations under this Privacy Notice or European law, You have the right to make a complaint to an EU Data Protection Authority.
You can exercise any of these rights by contacting us using the Report an Issue section in the mobile application.
FOR INDIVIDUALS IN CANADA. Under Canadian law, You have the right to opt out of the use of Your Personal Data for marketing or similar purposes that are not necessary for the Services to function. We will always request Your authorization if we intend to use Your Personal Data for such purposes or if we intend to disclose Your information to any third party for such purposes. You can exercise Your right to prevent such processing by withholding Your authorization at any time for any reason. You can also exercise the right by contacting us using the Report an Issue section on our application.
Recognizing that Synapser’s access to and control over Your Personal Data will be very limited by scope and duration (as described elsewhere in this policy), to the extent and for the duration that Synapser has such access, You have the right to:
If You have any questions or concerns about this Privacy Policy or our privacy practices, please contact us using the Report an Issue section in the mobile application.
For the purposes of GDPR, the Data Controller is Synapser Ltd, registered in United Kingdom: 137 Harbord Street, London, United Kingdom, SW6 6PN.
Appendix A
Data Category |
Intended Use |
Access |
Storage Location |
Storage Duration |
Referral Code |
Serves as an anonymous unique identifier for each member |
Synapser and Synapser’s Technology Partners, and a member. A member can see their assigned referral code within the mobile application. The referral code is included as part of the copy of an invitation from one member to another, but a member’s referral code is not generally available to other members to view. |
MySQL database (on Synapser’s Technology Partners Azure cloud production environment) |
Through duration of membership. Once a member’s identity has been verified they will have access to their blockchain secured information. |
Private Key Memory Storage (optional Services) |
For member convenience (Prevents a member from having to enter a private key more than once within any given session. Members can decide if the convenience is worth the increased risk of storing the key in temporary memory.) |
Synapser and Synapser’s Technology Partners |
Memory of the member’s mobile device |
During active session only, if elected by member |
Member Personal Identification Information that can potentially be used individually or in combination with other data to determine the identity of a member |
Verify identity of the member during the onboarding process.
Additionally, members can elect to sell parts or all of this information on a selective basis. For example, a member may provide their name and email address to a potential employer. |
Synapser, member and Synapser’s Technology Partners, and selected 3rd parties outside the Synapser ecosystem if the member has elected to sell access to this information |
Blockchain/IPFS (private distributed blockchain in Azure cloud production environment)
|
Synapser Synapser’s Technology Partners only retains this member information until a member’s TRUST Score exceeds 640.
Members permanently retain on the blockchain only accessible by the mobile application when the member provides their private key.
3rd parties who have purchased this information from a member have permanent access to it on their 3rd party systems to the extent explicitly agreed to by the member. (However, the 3rd party has no way to cross reference this private information to the member’s referral code) |
Member demographic information directly provided by the member that viewed on its own cannot be used to identify a member |
For the benefit of the member (financially and otherwise) |
Member
Synapser - for use with aggregation to identify revenue producing opportunities for the member |
MySQL database (on Synapser’s Azure cloud production environment) |
Through duration of membership |
Public information about a member scraped off social media outlets as requested by a member. A member will have granted Synapser access to these sites by proactively connecting with Synapser. |
For the convenience of the member (i.e., allowing the member to populate information on the Services by pulling in information available on a member’s social media accounts) |
Member
Synapser - for use with aggregation to identify revenue producing opportunities for the member |
MySQL database (on Synapser’s Azure cloud production environment) |
Through duration of membership |
Algorithmically derived or statistically derived information about a member
Synapser may use its AI/ML capabilities to make predictions about members based on information provided by the member. |
For the benefit of the member (financially and otherwise) |
Synapse and/or Synapser’s Technology Partners for use with aggregation to identify revenue producingopportunities for the member |
MySQL database (on Synapser’s Azure cloud prod. env.) |
Through duration of membership |