Privacy Policy

 

Information We Collect

Transparency about what data we collect and why

Account Information

Purpose: Account creation, authentication, and personalization

• • Email address

• • Full name

• • Profile picture (optional)

• • Password (encrypted)

Usage Data

Purpose: Service improvement and analytics

• • Feature usage patterns

• • Login history

• • Page views

• • Session duration

Project Data

Purpose: Providing core platform functionality

• • Projects, tasks, and contacts you create

• • Templates you use

• • Integration configurations

Communications

Purpose: Customer support and service communications

• • Messages and conversations

• • Support tickets

• • Email preferences

Your Rights Under GDPR

You have full control over your personal data

Right to Access

Request a copy of all personal data we hold about you

→ Download your data from Settings

Right to Rectification

Correct inaccurate or incomplete personal data

→ Update your profile anytime

Right to Erasure

Request deletion of your personal data ('right to be forgotten')

→ Delete account in Settings

Right to Data Portability

Receive your data in a structured, machine-readable format

→ Export available in Settings

Right to Object

Object to processing of your personal data for specific purposes

→ Contact our Data Protection Officer

Right to Restrict Processing

Request limitation of processing under certain circumstances

→ Contact our Data Protection Officer

How We Use Your Data

Core Service Operations

• • Provide, operate, and maintain our platform

• • Process your projects, tasks, and collaboration features

• • Enable communication features (messages, notifications)

• • Manage your account and preferences

Service Improvement

• • Understand how users interact with our platform

• • Develop new features and improve existing ones

• • Analyze usage patterns to optimize performance

• • Conduct research and analytics

Security and Compliance

• • Detect and prevent fraud and abuse

• • Maintain audit logs for security purposes

• • Comply with legal obligations

• • Enforce our Terms of Service

Communications

• • Send service-related notifications

• • Respond to your requests and support inquiries

• • Send marketing communications (with your consent)

• • Provide important updates about our service

Data Retention Periods

We only keep your data as long as necessary

Account Information

Until account deletion + 30 days

Project and Task Data

Until deletion by user or account closure

Usage Analytics

90 days

Audit Logs

90 days for compliance

Support Communications

2 years

Deleted Account Data

30 days (backup retention)

Note: When you delete your account, we begin a 30-day grace period where your data is marked for deletion but can still be recovered if you change your mind. After 30 days, all data is permanently deleted from our systems.

How We Protect Your Data

Encryption

All data in transit uses TLS 1.3. Sensitive data at rest is encrypted with AES-256.

Access Control

Row-level security and multi-layer authentication protect against unauthorized access.

Monitoring

24/7 automated security monitoring with real-time threat detection and alerting.

Audit Logs

Comprehensive logging of all sensitive operations for security and compliance.

View Our Security Measures

Third-Party Services

We work with trusted partners to provide our services

Infrastructure & Hosting

We use enterprise-grade cloud infrastructure to ensure reliability, security, and performance.

Data is hosted in secure, SOC 2 compliant data centers with redundant backups.

Payment Processing

Stripe handles all payment processing. We never store your full credit card information.

Stripe is PCI DSS Level 1 certified, the highest level of security certification.

Analytics

We use privacy-focused analytics to understand how our platform is used and improve the user experience.

We do not sell or share your personal information with advertisers.

Email Services

Transactional emails (password resets, notifications) are sent through secure email service providers.

You can unsubscribe from marketing emails at any time.

Cookies and Tracking

We use cookies and similar technologies to provide and improve our services. Here's what you need to know:

Essential Cookies

Required for authentication and core functionality. Cannot be disabled.

Functional Cookies

Remember your preferences and settings for a better experience.

Analytics Cookies

Help us understand how you use our platform so we can improve it.

You can control cookies through your browser settings, but disabling certain cookies may affect functionality.

International Data Transfers

Your information may be transferred to and maintained on servers located outside of your country, where data protection laws may differ from those in your jurisdiction.

If you are located in the European Economic Area (EEA), we ensure appropriate safeguards are in place when transferring your data internationally, including:

• • Standard Contractual Clauses approved by the European Commission

• • Ensuring third parties are certified under privacy frameworks

• • Implementing appropriate technical and organizational security measures

Children's Privacy

Our service is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children under these ages.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@syrilai.com, and we will delete such information from our systems.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons.

When we make material changes, we will:

• • Update the "Last Updated" date at the top of this page

• • Notify you via email or through a prominent notice on our platform

• • Give you the opportunity to review changes before they take effect

Your continued use of our services after changes are posted constitutes acceptance of the updated policy.