At Syncovate LLC, we are committed to safeguarding your privacy. Where applicable, this policy is governed by the EU General Data Protection Regulation (GDPR). We process personal data to provide and improve our Snapshot and Diagnostic tools, deliver services to you, maintain and secure our systems, and meet our legal obligations. For details on how long we retain information, see the Data Retention section below, and for information about exercising your rights under the GDPR — including access, rectification, erasure, restriction, and data portability — see the Users' Rights section. For California residents, see the CCPA Rights section.
We collect the following categories of personal information to provide and improve our services:
We process personal information on lawful bases including consent, performance of a contract, compliance with legal obligations, and our legitimate interests (such as improving services and ensuring security). For information on how long we retain each category of information, please see the Data Retention section below.
We process your information for the following purposes.
Retention periods for each processing purpose are described in the Data Retention section of this privacy notice.
We do not sell your personal information. We may share personal data with specific categories of recipients including service providers (for example, hosting, secure data storage, email delivery, and payment processors), analytics and advertising providers, affiliates, and legal or regulatory authorities when required to comply with law.
The legal bases for sharing personal data include performance of a contract with you, compliance with legal obligations, our legitimate interests (such as fraud prevention, ensuring security, and improving services), and where applicable, your consent. We require that any third parties accessing personal data do so only on a lawful basis consistent with these purposes.
When we engage processors (service providers) to handle personal data on our behalf, we put in place written data processing agreements that require confidentiality, appropriate security measures, and restrictions on use. Any transfer to other recipients is governed by contractual or legal safeguards.
Retention of any data that we share follows the Data Retention section of this policy and applicable safeguards — for example, access controls, encryption, and anonymization where appropriate — and we retain shared data only as long as necessary for the purposes described or as required by law.
Technology platforms (Taft Systems — website/CRM; ScoreApp — assessments; Google Workspace — communications) and service providers (Stripe — payment processors; Google Analytics — analytics) assist us as contracted processors. These providers are contractually obligated to protect your data and use it only for the purposes we specify.
We implement a comprehensive set of technical and organizational measures to protect your information. These measures include strong encryption in transit (TLS) and at rest, firewalls and network segmentation, intrusion detection and prevention, regular vulnerability scanning and patch management, secure monitored servers, and strict access controls.
Organizationally, we enforce role‑based access control, multi‑factor authentication for administrative accounts, least‑privilege principles, regular staff training on data protection, documented security policies, and independent audits. Access to personal data is limited to authorized personnel and is subject to logging, monitoring, and periodic access reviews. We retain data as described in the Data Retention section and securely delete or irreversibly anonymize data when it is no longer required.
We respect your rights under applicable privacy laws such as GDPR and CCPA.
If you are a California resident, you have specific rights under the CCPA including access, deletion, and opt-out rights.
We retain personal information only as long as necessary to fulfill the purposes described, such as providing our services, complying with legal obligations, resolving disputes, and enforcing our agreements. Retention periods vary by data type and legal requirements; when information is no longer needed, we securely delete or anonymize it.
We use cookies and similar technologies to improve site functionality and analytics. You can manage cookie preferences through your browser settings or the site cookie controls. Third-party analytics and advertising providers may also place cookies; consult this policy for details.
Our services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected a child’s information, contact us to request deletion or to provide parental consent information.
Questions or concerns about your privacy may be directed to the contact details below. To submit a request, please email our Data Protection Officer or privacy team with your name, contact information, and a clear description of your question or concern. We will respond as soon as possible.
Email: [email protected]
Phone: (574) 532-3178
If you are not satisfied with our response, you may lodge a complaint with a competent supervisory authority.