Privacy Policy

1. Information We Collect

1.1 Information You Provide Directly

Account Registration: Name, email address, phone number, company name, billing information, and credentials (username/password).

Profile & Preferences: Language preferences, time zone, profile photo, and other settings you choose to save.

Communications Content: Any messages, files, or media you send or receive via WhatsApp, SMS/MMS, voice calls, or Collaboration modules.

Support & Feedback: Information you submit when contacting support or providing feedback, including logs, screenshots, and diagnostic data.

1.2 Usage & Technical Data

Device & Browser Information: IP address, device type, operating system, browser type and version.

Service Usage: Pages visited, features accessed, timestamps, session duration, error reports, and performance metrics.

Log Data: Server logs recording system events, API calls, and network diagnostics.

1.3 Cookies & Similar Technologies

Essential Cookies: Required for authentication, session management, and security.

Analytics Cookies: Collect anonymized data to analyze usage patterns (e.g., Google Analytics).

Advertising & Tracking: Only if you opt in, for marketing communications and performance measurement.

2. How We Use Your Information

We process personal information for the following purposes:

Providing & Improving the Service: Authenticate users, deliver messages and calls, power Collaboration features, and enhance user experience.

Billing & Account Management: Process payments, send invoices, and manage subscriptions.

Support & Maintenance: Respond to inquiries, diagnose issues, and perform system updates.

Security & Fraud Prevention: Monitor for suspicious activity, enforce Terms of Service, and safeguard data integrity.

Communications: Send service announcements, marketing emails (where permitted), and in‑Service notifications.

Analytics & Research: Understand usage trends and optimize performance and features.

3. Legal Bases for Processing (EEA Users)

Where applicable under EU law, we rely on the following legal bases to process your information:

Contract Performance: Processing necessary to fulfill our contractual obligations.

Consent: For marketing communications and non‑essential cookies (you may withdraw consent at any time).

Legitimate Interests: For fraud prevention, security, analytics, and service improvement, provided your rights do not override those interests.

Legal Compliance: To comply with court orders, law enforcement requests, or other legal obligations.

4. Disclosure of Information

4.1 Service Providers

We share personal data with third‑party vendors who perform services on our behalf, such as:

Cloud Infrastructure & Hosting: DigitalOcean, Cloudflare, etc.

Telephony & Messaging APIs: Twilio, Telnyx, 3CX, etc.

Analytics & Monitoring: Google Analytics, Sentry, etc.

Payment Processors: Stripe, PayPal, etc.

These providers are contractually bound to use data only to perform services for us and to implement appropriate security measures.

4.2 Legal Requirements

We may disclose information:

To comply with subpoenas, court orders, or other legal processes.

When we believe disclosure is necessary to prevent illegal activities, protect rights, property, or safety.

To law enforcement, government authorities, or other third parties as required or permitted by law.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, user data may be transferred to the acquiring entity, provided that entity agrees to uphold this Privacy Policy.

5. Data Retention

We retain personal data only as long as necessary to provide the Service, comply with legal obligations, resolve disputes, enforce our agreements, and pursue legitimate business purposes. When no longer needed, data is securely deleted or anonymized.

6. Data Security

We implement industry‑standard technical and organizational measures to protect personal data, including:

Encryption in transit (TLS) and at rest.

Access controls and multi‑factor authentication for internal systems.

Regular security assessments, vulnerability scanning, and penetration testing.

Data backup and disaster recovery procedures.

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but strive to protect your data.

7. International Data Transfers

Our Service is operated globally. By using the Service, you agree that your data may be transferred to and stored in countries outside your jurisdiction, including the United States. We ensure adequate safeguards (e.g., Standard Contractual Clauses) are in place for international transfers.

8. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Access & Portability: Request a copy of your data in a structured format.

Correction: Update or rectify inaccurate or incomplete data.

Deletion ("Right to be Forgotten"): Request deletion of your personal data, subject to legal obligations.

Restrict Processing: Limit how we use your data.

Object to Processing: Object to certain uses, such as direct marketing.

Withdraw Consent: For processing based solely on consent (e.g., marketing emails, cookies).

To exercise these rights, please contact us at privacy@syranaconnect.com. We will respond within applicable legal timeframes.

9. Children's Privacy

Our Service is not directed to individuals under 16. We do not knowingly collect personal data from minors. If you believe we have collected data from a minor, please contact us and we will delete it.

10. Third‑Party Links

The Service may contain links to third‑party websites or services. We are not responsible for their privacy practices. Please review their policies before providing personal information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or in‑Service notice, and update the "Last updated" date. Continued use of the Service after changes indicates acceptance.