This Privacy Policy describes how SYNAPZ AI Ltd ("SYNAPZ Group", "we", "us", or "our"), Company No. 16841481, incorporated in England and Wales, collects and processes personal data in connection with the website synapzgroup.net and any associated applications and services (collectively, the "Services").
We are committed to protecting your privacy and handling your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
The data controller for the Services is:
SYNAPZ AI Ltd
Company No. 16841481
Registered in England & Wales
Email: dev@synapzgroup.net
2. What Data We Collect
2.1 Data you provide directly
- Contact details (name, email address, company name) when you complete our contact form or email us directly.
- Enquiry content and any information you voluntarily include in correspondence.
2.2 Data collected automatically
- Standard server log data: IP address, browser type, operating system, referring URL, pages visited, and timestamps.
- Device and connection information for security and performance purposes.
2.3 Data we do not collect
We do not use tracking cookies for advertising, run behavioural analytics, or sell personal data to third parties. This website does not serve advertisements.
3. How We Use Your Data
We process personal data only for the following lawful purposes:
- Responding to enquiries — to reply to contact form submissions and direct emails (legitimate interest / contractual necessity).
- Security and fraud prevention — to monitor for misuse and protect our infrastructure (legitimate interest).
- Legal compliance — to comply with applicable laws and regulations.
4. Legal Basis for Processing
Under UK GDPR, we rely on the following legal bases:
- Article 6(1)(b) — Processing necessary for performance of a contract or to take steps at your request before entering into a contract.
- Article 6(1)(f) — Legitimate interests, specifically responding to business enquiries and maintaining site security.
- Article 6(1)(c) — Compliance with a legal obligation.
5. Data Sharing
We do not sell, rent, or trade personal data. We may share data with:
- Hosting providers — infrastructure providers (e.g. Cloudflare, Netlify, or DigitalOcean) who process data on our behalf under data processing agreements.
- Legal authorities — if required by law, court order, or to protect our legal rights.
All third-party processors are contractually required to handle data in accordance with applicable data protection law.
6. Data Retention
We retain personal data only for as long as necessary for the purpose for which it was collected:
- Contact enquiry data: up to 24 months from last contact, unless an ongoing relationship exists.
- Server logs: up to 90 days, unless required for an ongoing security investigation.
7. Your Rights
Under UK GDPR you have the following rights, exercisable free of charge:
- Right of access — to request a copy of the personal data we hold about you.
- Right to rectification — to request correction of inaccurate data.
- Right to erasure — to request deletion of your data ("right to be forgotten"), subject to legal retention obligations.
- Right to restriction — to request we restrict processing of your data in certain circumstances.
- Right to data portability — to receive your data in a structured, machine-readable format.
- Right to object — to object to processing based on legitimate interests.
To exercise any of these rights, contact us at dev@synapzgroup.net. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
8. Cookies
This website uses only essential technical cookies required for basic site operation (e.g. security tokens). We do not use advertising cookies, third-party tracking pixels, or analytics cookies that identify you personally. No cookie consent banner is required for strictly necessary cookies under UK PECR.
9. Children's Privacy
Our Services are not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately and we will delete it promptly.
10. International Transfers
Where data is processed outside the UK or EEA (for example, by infrastructure providers with global data centres), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the ICO.
11. Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. Our infrastructure follows a least-privilege model with audit logging enabled for all administrative actions.
12. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the date of the most recent revision. Continued use of the Services following any changes constitutes acceptance of the revised policy.
13. Contact
For any privacy-related queries or to exercise your rights:
Email: dev@synapzgroup.net
General: dev@synapzgroup.net
Website: synapzgroup.net/contact