Synapser Holdings Privacy Policy
Version Date: August 2024

A. Privacy Statement

At Synapser, we set out to create a suite of products that not only lays the foundation for a SelfSovereign Identity-based ecosystem but also prioritises your data security and trust. Our vision goes beyond creating an empowered digital landscape; it ensures your data remains yours and protected. With our suite, you can enhance your data security while actively contributing to digital inclusion efforts, creating a secure and empowering environment for your business. We firmly believe that your digital identity should be in your hands, secure and trusted, as we bridge the digital divide and foster a more inclusive digital landscape. In addition, Synapser partners with providers of a blockchain-based Services that allows its users to consent to the use of their information for various purposes, including targeted advertising and recruiting (the “Services”).

This Privacy Policy (“Privacy Policy”) describes the types of information, including Personal Data, that Synapser (“we,” “our,” “us”) gathers from You when You use our Services, as well as Your choices regarding use and disclosure of Your Personal Data.

As used in this Privacy Policy, the term “Personal Data” means information that identifies You directly or indirectly, by reference to identifier(s) such as Your name. Personal Data includes the types of personal information encompassed by applicable law.

By accessing our Services, You agree to be bound by this Privacy Policy. If You do not agree to the terms of this Privacy Policy, please do not use our Services. Each time You use our Services, the current version of the Privacy Policy will apply. Accordingly, whenever You use our Services, You should check the date of this Privacy Policy (which appears at the top) and review any changes since the last version. This Privacy Policy is applicable to all Services visitors, registered users, and all other users of our Services.

Further, You acknowledge that this Privacy Policy is part of our Terms of Services located in the Settings menu of the mobile application, which is incorporated by reference, and by accessing or using our Services, You agree to be bound by the Terms of Services. If You do not agree to our Terms of Services, do not access or use our Services.

If You have any questions about our privacy practices, please refer to the end of this Privacy Policy for information on how to contact us.

B. Personal Data Collected by Synapser

When You use our Services, Synapser collects information

(i) that You knowingly and voluntarily provide when You use our Services (such as through forms, profile screens and our validation process) including registration and account setup information, and

(ii) that we are able to collect through Your mobile device including its settings, cookies, and other similar technologies. The following sections and the matrix set forth in Appendix A provide a summary of the types of data generated by the application through your use of the services, Your use of the Services and how that data will be stored and used.

1. Personal Data that You Knowingly and Willingly Provide

Synapser collects the information that You knowingly and willingly provide when You use our Services, including account setup information, profile details, and payment information. We primarily use this information to provide our Services to You. You can choose not to provide us with certain Personal Data, but then You may not be able to take advantage of our Services or other available features we offer. The information that we collect, and use may include the following kinds of Personal Data:

Health Information. We may provide opportunities for You to store health information in partnership with a third-party Services. Synapser will not directly store Your health information and may access and use only anonymized versions of Your health information.

2. Personal Data that we collect from You

Synapser collects information that is sent to us automatically by Your mobile device. Synapser may use this information to generate aggregate statistics about users to our Services. This information typically includes details about Your:

 

Synapser may use non-Personal Data for various business purposes such as providing customer Services, fraud prevention, market research, and improving our Services. The information we receive depends on the settings on Your mobile device. Please check Your device if You want to learn what information You transmit or how to change Your settings.

Aggregate Information. We may aggregate and/or anonymize and/or pseudonymize all information that we collect from You, including Personal Data. This may be done for the purpose of market research and improving our Services.

3. Personal Data Collected by Cookies, Web Beacons and Other Technologies

We do not obtain information about You through the use of "cookies" on Your devices. We will notify You in the future prior to installing and using cookies for data collection purposes.

C. How Is Your Personal Data Used?

We will only process Your Personal Data, including sharing it with third parties, where

(1) You have provided Your consent,

(2) the processing is necessary to provide You with the Services,

(3) we are required by law, or

(4) processing is required to protect Your vital interests or those of another person.

We may use Personal Data we collect about You on its own or combine it with other information we have about You to:

FOR INDIVIDUALS WITHIN THE EUROPEAN UNION. With Your consent, we may automatically process Your Personal Data for our Services. Under the European General Data Protection Regulation 2016/679 (“GDPR”), You have certain rights when Your data is processed by automated means. Please see Section K (Your Rights) for information about how to exercise Your rights.

We may also disclose Your Personal Data as otherwise set forth in this Privacy Policy, as permitted by law, or with Your consent.

D. Who Can Access the Personal Data We Collect?

We will only transfer Your Personal Data to trusted third parties who provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures. Such transfer will occur only after being explicitly requested or approved by You.

Where third parties are processing Personal Data on our behalf, they will be required to agree, by contractual means or otherwise, to process the Personal Data in accordance with the applicable law. This contract will stipulate, amongst other things, that the third party and its representative shall act only on our instructions, or as permitted by law. Synapser may disclose Your Personal Data to the following:

Third Parties You Consent. We will share access to Your Personal Data to third parties to whom You expressly consent to share Your Personal Data.

Agents and Authorized Services Providers. We employ other companies and individuals to perform functions on our behalf. Examples of such functions include performing identify verifications, banking related functions and assessments, providing technical support, providing marketing assistance, processing credit card payments, and providing customer Service. We share our users’ Personal Data with these agents as we deem necessary for such third parties to perform their functions, only after receiving Your approval.

Employees. Only authorized employees have access to Your Personal Data and only during the initial identity verification process.

Affiliates and Subsidiaries. Synapser may share Personal Data with our corporate subsidiaries and affiliates for uses consistent with this Privacy Policy.

To Comply with Legal Process, Protect Synapser, or Enforce our Rights. We may release Your Personal Data when it is necessary to

(i) conform to legal requirements or comply with legal process;

(ii) enforce or apply our conditions of use and other agreements

(iii) protect the rights, safety or property of Synapser, our affiliates, Service providers, our users or the public, or

(iv) prevent a crime or protect national security (including exchanging information with other companies and organizations for fraud protection and credit risk reduction).

E. Selling of Personal Information

We will not sell access to Your information (including Personal Data) unless You expressly consent to the sale.

F. Minors and Children Privacy

Our Services is not directed to children under the age of 18, if You are not 18 years or older, do not use our Services. We do not knowingly collect Personal Data from children under the age of 13. If we learn that Personal Data of persons less than 13 years-of-age has been collected through our Services, we will take the appropriate steps to delete this information. If You are a parent or guardian and discover that Your child or a minor under the age of 13 has posted, submitted or otherwise communicated Personal Data to our Services without Your consent, then You may alert us using the messaging functionality within the Services so that we may take appropriate action to remove the minor's Personal Data from our systems.

G. Links to Third Party Services

Through our Services You may receive links to third party websites, applications and Services not operated by us. These links are provided as a Services and do not imply any endorsement by Synapser of the activities or content of these sites, applications or Services nor any association with their operators. Synapser is not responsible for the privacy policies or practices of any third party. We encourage You to review the privacy policies of any third party that You access in connection with our Services.

H. Security, Storage, & Retention

1. Security

We take reasonable technical and organizational precautions to protect the confidentiality, security and integrity of Your Personal Data. Although we use security measures to help protect Your Personal Data against loss, misuse or unauthorized disclosure, we cannot guarantee the security of information transmitted to us over the Internet. While we strive to use commercially acceptable means to protect Your Personal Data, there is no guarantee that information may not be accessed, disclosed, altered or destroyed.


2. Storage

The Personal Data that You provide to us is our technology partners servers located in the United States and South Africa. If You are located in another jurisdiction, You should be aware that once Your Personal Data is submitted through our Services, it will be transferred to our servers in the United States and that the United States currently does not have uniform data protection laws in place.

3. Retention

We will retain Your Personal Data in readable form only for the period necessary to fulfill the authentication process whereby Synapser validates Your authenticity using various forms of identity for the purpose of opening an Account.

I. International Users – Consent to Transfer

Our technology partners are headquartered in the United States of America. Your Personal Data may be accessed by us or transferred to us in the United States or to our affiliates, partners, merchants, or Services providers who are located worldwide. If You are visiting our Services from outside the United States, be aware that Your information may be transferred to, stored, and processed in the United States. As a result, Your information may be subject to legal demands from United States law enforcement or government agencies. By using our Services, You consent to any transfer of this information.

J. Changes to this Privacy Policy

We reserve the right to update or modify this Privacy Policy from time to time. If we make any material changes to this Privacy Policy or the way we use, share or collect Personal Data, we will notify You by revising the “Effective Date” at the top of this Privacy Policy, prominently posting an announcement of the changes on our Services prior to the new policy taking effect. Users are bound by any changes to the Privacy Policy when they use our Services after notice of such changes has been communicated. We encourage You to review this Privacy Policy regularly to ensure that You are familiar with Synapser’s current practices.

K. Your Rights

1. Correction & Removal

If during the period of time following submission of Personal Data and prior to successful verification (after which all Personal Data used for verification will be deleted by Synapser) any of the information that we have about You is incorrect, or You wish to have information (including Personal Data) removed from our records, please contact us using the messaging functionality within the Services. We will respond to such inquiries within fifteen (15) business days.

2. Messages

By consenting to this Privacy Policy, You agree to receive messages from us, including messages relating to new features, new functionality, and potential income earning opportunities.


3. Your European Union Rights

FOR INDIVIDUALS IN THE EUROPEAN UNION. Under GDPR, You have the right to not provide Your authorization for any use of Your Personal Data for marketing purposes. We will always request Your authorization if we intend to use Your Personal Data for such purposes or if we intend to disclose Your information to any third party for such purposes. You can exercise Your right to prevent such processing by withholding Your authorization at any time for any reason. You can also exercise the right by contacting us using the Report an Issue section on our application.

Recognizing that Synapser’s access to and control over Your Personal Data will be very limited by scope and duration (as described elsewhere in this policy), to the extent and for the duration that Synapser has such access, You have the right to:

Where You believe that Synapser has not complied with its obligations under this Privacy Notice or European law, You have the right to make a complaint to an EU Data Protection Authority.

You can exercise any of these rights by contacting us using the Report an Issue section in the mobile application.

L. Your Canadian Rights

FOR INDIVIDUALS IN CANADA. Under Canadian law, You have the right to opt out of the use of Your Personal Data for marketing or similar purposes that are not necessary for the Services to function. We will always request Your authorization if we intend to use Your Personal Data for such purposes or if we intend to disclose Your information to any third party for such purposes. You can exercise Your right to prevent such processing by withholding Your authorization at any time for any reason. You can also exercise the right by contacting us using the Report an Issue section on our application.

Recognizing that Synapser’s access to and control over Your Personal Data will be very limited by scope and duration (as described elsewhere in this policy), to the extent and for the duration that Synapser has such access, You have the right to:

M. Privacy Inquiries

If You have any questions or concerns about this Privacy Policy or our privacy practices, please contact us using the Report an Issue section in the mobile application.

 

For the purposes of GDPR, the Data Controller is Synapser Ltd, registered in United Kingdom: 137 Harbord Street, London, United Kingdom, SW6 6PN.

 

Appendix A


Data Category

Intended Use

Access

Storage Location

Storage Duration

Referral Code

Serves as an anonymous unique identifier for each member

Synapser and Synapser’s Technology Partners, and a member. A member can see their assigned referral code within the mobile application. The referral code is included as part of the copy of an invitation from one member to another, but a member’s referral code is not generally available to other members to view.

MySQL database (on Synapser’s Technology Partners Azure cloud production environment)

Through duration of membership. Once a member’s identity has been verified they will have access to their blockchain secured information.

Private Key Memory Storage (optional Services)

For member convenience (Prevents a member from having to enter a private key more than once within any given session. Members can decide if the convenience is worth the increased risk of storing the key in temporary memory.)

Synapser and Synapser’s Technology Partners

Memory of the member’s mobile device

During active session only, if elected by member

Member Personal Identification Information that can potentially be used individually or in combination with other data to determine the identity of a member

Verify identity of the member during the onboarding process.

 

Additionally, members can elect to sell parts or all of this information on a selective basis. For example, a member may provide their name and email address to a potential employer.

Synapser, member and Synapser’s Technology Partners, and selected 3rd parties outside the Synapser ecosystem if the member has elected to sell access to this information

Blockchain/IPFS (private distributed blockchain in Azure cloud production environment)

 

 

 

Synapser Synapser’s Technology Partners only retains this member information until a member’s TRUST Score exceeds 640.

 

Members permanently retain on the blockchain only accessible by the mobile application when the member provides their private key.

 

3rd parties who have purchased this information from a member have permanent access to it on their 3rd party systems to the extent explicitly agreed to by the member. (However, the 3rd party has no way to cross reference this private information to the member’s referral code)

Member demographic information directly provided by the member that viewed on its own cannot be used to identify a member

For the benefit of the member (financially and otherwise)

Member

 

Synapser - for use with aggregation to identify revenue producing opportunities for the member

MySQL database (on Synapser’s Azure cloud production environment)

Through duration of membership

Public information about a member scraped off social media outlets as requested by a member. A member will have granted Synapser access to these sites by proactively connecting with Synapser.

For the convenience of the member (i.e., allowing the member to populate information on the Services by pulling in information available on a member’s social media accounts)

Member

 

Synapser - for use with aggregation to identify revenue producing opportunities for the member

MySQL database (on Synapser’s Azure cloud production environment)

Through duration of membership

Algorithmically derived or statistically derived information about a member

 

Synapser may use its AI/ML capabilities to make predictions about members based on information provided by the member.

For the benefit of the member (financially and otherwise)

Synapse and/or Synapser’s Technology Partners for use with aggregation to identify revenue producingopportunities for the member

MySQL database (on Synapser’s Azure cloud prod. env.)

Through duration of membership

© 2024 Synapser - All Rights Reserved.