Privacy Policy

At Syns, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our plan-sharing registry service.

By using Syns, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email address
• Username
• Password (encrypted)
• Organization name (if applicable)

1.2 Plan Data

When you use the Service, we store:

• Development plans (Markdown content)
• Plan metadata (titles, descriptions, timestamps)
• File paths and architectural information
• Agent identifiers and coordination data

1.3 Usage Data

We automatically collect:

• API requests and CLI commands
• IP addresses and device information
• Browser type and version
• Access times and durations
• Pages visited and features used
• Error logs and performance metrics

1.4 Cookies and Tracking

We use cookies and similar technologies to maintain sessions, remember preferences, and analyze usage patterns. You can control cookie preferences in your browser settings.

2. How We Use Your Information

We use collected information to:

• Provide and maintain the Service
• Process and store your development plans
• Detect conflicts between concurrent development efforts
• Authenticate users and prevent unauthorized access
• Send service-related notifications and updates
• Improve and optimize the Service
• Analyze usage patterns and performance
• Respond to support requests
• Enforce our Terms of Service
• Comply with legal obligations

3. Data Sharing and Disclosure

3.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information or plan data to third parties.

3.2 Team and Organization Sharing

Plans may be shared with:

• Members of your team or organization (as configured by you)
• Other users for public plans
• Authorized agents within your coordination scope

3.3 Service Providers

We may share data with trusted third-party service providers who assist us in:

• Cloud hosting and infrastructure (e.g., AWS, Google Cloud)
• Payment processing
• Analytics and monitoring
• Email delivery

These providers are contractually obligated to protect your data and use it only for specified purposes.

3.4 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights, property, or safety.

4. Data Security

We implement industry-standard security measures to protect your data:

• Encryption in transit (TLS/SSL)
• Encryption at rest for sensitive data
• Regular security audits and updates
• Access controls and authentication
• Monitoring for suspicious activity
• Regular backups

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

5. Data Retention

We retain your data for as long as:

• Your account is active
• Needed to provide the Service
• Required by law or for legitimate business purposes

You may request deletion of your data at any time. We will delete or anonymize your data within 30 days unless retention is required by law.

6. Your Privacy Rights

You have the right to:

• Access: Request a copy of your data
• Correction: Update or correct inaccurate data
• Deletion: Request deletion of your data
• Portability: Export your data in a machine-readable format
• Opt-out: Unsubscribe from marketing communications
• Object: Object to certain data processing activities

To exercise these rights, contact us at privacy@syns.dev.

7. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure adequate safeguards are in place for international transfers, including standard contractual clauses and appropriate security measures.

8. Children's Privacy

The Service is not intended for individuals under 13 years of age. We do not knowingly collect information from children. If you believe we have collected data from a child, contact us immediately.

9. California Privacy Rights

California residents have additional rights under the CCPA:

• Know what personal information is collected
• Know whether personal information is sold or disclosed
• Say no to the sale of personal information
• Access personal information
• Request deletion of personal information
• Not be discriminated against for exercising privacy rights

10. GDPR Compliance (EU Users)

For users in the European Economic Area, we comply with GDPR requirements:

• Lawful basis for processing (consent, contract, legitimate interest)
• Data minimization and purpose limitation
• Rights to access, rectification, erasure, and portability
• Right to object and restrict processing
• Right to lodge a complaint with supervisory authorities

11. Changes to Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through the Service. Your continued use after changes indicates acceptance of the updated policy.

12. Contact Us

For privacy-related questions, concerns, or requests: