📜 Synq Privacy Policy

Last Updated: September 29, 2025

This Privacy Policy explains how Synq ("we," "our," or "us") collects, uses, and protects your personal information when you use our mobile application and related services (the "Services").

By creating an account or using Synq, you agree to this Policy.

1. Information We Collect

We only collect information necessary to operate Synq safely and effectively:

• Account Data: Name, email, password, profile photo, and optional details (age, interests, tags).
• Authentication Data: If you sign up with Google or Apple, we receive only identifiers required for authentication (name, email, token). We do not access your contacts.
• Profile & Content: Information you share in your profile, events you create or join, chats, polls, and Moments.
• Location Data (optional): If enabled, used only to suggest nearby events and users. We do not continuously track your movements.
• Device & Usage Data: Device type, OS, IP address, crash logs, app version, and activity data (e.g., events joined, features used).
• Verification Data (optional): If you choose to verify your profile with photo/face matching, images are processed only to confirm your identity and deleted immediately after verification.

We do not collect biometric templates, health data, or contact book data.

2. How We Use Your Information

We use your data only for these purposes:

• Core Services (Contractual necessity): Account creation, profile management, event participation, chats, Moments, polls, and processing payments.
• Safety & Enforcement (Legitimate interest / Legal obligation): Detect and prevent fraud, spam, harassment, or Terms violations. May include account suspension.
• Personalization (Consent): Suggest events or connections based on your profile and location. You may disable this at any time.
• Communications:
  • Service/security updates (necessary for your account).
  • Marketing messages (only if you explicitly opt in, as required by CASL/GDPR).
• Verification (Consent): Optional identity verification using face/photo data, deleted after verification.
• Legal Compliance (Legal obligation): Keep records for tax/accounting, respond to lawful requests.

We do not sell your personal data, use it for targeted advertising, or allow unrelated third-party use.

3. How We Share Your Information

We share information only when necessary:

• With other users: Your profile information (name, photo, age, interests, tags, availability) is visible in events, chats, and Moments. Contact details and payment info are never shared.
• With service providers: Hosting, analytics, moderation/safety, verification, and payments (processed by Apple and Google). These providers are contractually bound to use your data only for Synq purposes.
• With law enforcement/regulators: Only when legally required by a valid court order, subpoena, or to prevent imminent harm.
• In case of reports/violations: If you are reported, we may inform the reporting user whether action was taken.
• Business transfers: If Synq is sold, merged, or acquired, your information may transfer with the business, subject to this Policy.
• International transfers: If data is moved outside Canada, we use safeguards such as Standard Contractual Clauses (SCCs) to ensure equivalent protection.

We never share your data with advertisers or for independent third-party marketing.

4. Data Retention

We keep your information only as long as required:

• Account data: Deleted on account closure, with a 90-day grace period for recovery.
• Chats, events, Moments: Deleted or anonymized within 30 days of account closure. Content shared by others about you remains in their accounts.
• Verification data: Deleted immediately after identity check.
• Payments: Basic transaction records (e.g., receipts from Apple/Google) may be retained up to 7 years as required by tax and accounting laws.
• Fraud/safety bans: Limited identifiers (e.g., email, device ID) may be kept up to 3 years to prevent re-registration.
• Legal holds: Retained as long as necessary to comply with legal obligations or resolve disputes.
• Backups: Removed on a rolling basis within 6 months.

After these periods, data is deleted or anonymized so it cannot be linked back to you.

5. Your Rights

We respect user rights globally, including under GDPR and PIPEDA:

• Access: Request a copy of your data.
• Correction: Update inaccurate information.
• Deletion: Close your account and request erasure.
• Portability: Receive your data in CSV or JSON format.
• Restriction & Objection: Limit or stop certain uses (e.g., profiling, marketing).
• Consent withdrawal: Withdraw consent for location, marketing, or verification at any time.
• Opt-out of marketing (CASL): Use settings or unsubscribe links in messages.
• Complaints: Contact us; EU users may also contact their Data Protection Authority; Canadian users may contact the Office of the Privacy Commissioner.

We verify identity before fulfilling requests. We respond within 30 days unless law requires more time.

6. Security

We use industry-standard measures to protect your data, including:

• Encryption in transit (TLS) and at rest.
• Access controls and monitoring.
• Payments handled directly by Apple/Google.
• Regular audits and vulnerability testing.

No system is 100% secure. You are responsible for keeping your login credentials safe.

7. Children's Privacy

Synq is for users 18 and older. We do not knowingly collect data from minors. If such data is discovered, it will be deleted.

8. International Transfers

Your data may be processed outside your country. When transferred internationally, we use safeguards such as Standard Contractual Clauses (SCCs) or other lawful mechanisms.

9. Policy Changes

We may update this Privacy Policy. If changes are material, we will notify you in-app or by email before they take effect. Continued use after notice means acceptance.

10. Contact Us

Synq Privacy Team
📧 Email: synq.app.contact@gmail.com
📍 Location: Montreal, Canada