Privacy, Security & Trust

Privacy Policy

SynapseDx builds governed AI products for regulated industries. Safeguarding personal information is foundational to how we design, operate, and support those products.

Effective date: 20 January 2025

Scope

This policy covers how SynapseDx Ltd. (“SynapseDx”, “we”, “us”) collects, uses, and shares personal information across our websites, demos, proofs of concept, and customer engagements. Separate agreements govern production deployments; those controls build on top of the commitments described here.

Operational Information

Details you share when requesting demos or support, including name, role, company, and communication preferences.

Usage & Diagnostics

Technical telemetry about how our sites and products are used (device, browser, IP address, feature adoption) captured to improve reliability and performance.

Communication Records

Email threads, meeting notes, and support tickets that help us respond to requests and maintain service history.

Regulatory Context

Industry, compliance requirements, and environment details you voluntarily provide so we can configure governed deployments appropriately.

How we use personal information

We only process personal information when there is a legitimate business or legal reason to do so. In practice, that means:

  • Delivering, maintaining, and securing SynapseDx products and services.
  • Responding to demo, partnership, and support requests with relevant materials.
  • Monitoring platform health, detecting abuse, and troubleshooting incidents.
  • Improving product experience through aggregated analytics and customer feedback.
  • Meeting legal, regulatory, and risk management obligations in the jurisdictions we operate.

Legal bases for processing

When required by privacy laws like GDPR or UK GDPR, we rely on the following bases to process information:

  • Performance of a contract when we process information to deliver subscribed services or trials.
  • Legitimate interests such as securing our systems, communicating with prospective customers, and developing new capabilities.
  • Consent when we send marketing communications or rely on optional cookies/tools.
  • Compliance with legal obligations, including responding to lawful requests from regulators or authorities.

Sharing and disclosures

We do not sell personal information. We share it only with:

  • Service providers that support hosting, security monitoring, analytics, or communications under data processing agreements.
  • Professional advisors such as auditors or legal counsel as needed to operate responsibly.
  • Authorities when required to comply with law, defend legal claims, or protect against security threats.

Whenever information leaves its original jurisdiction, we apply contractual and technical safeguards aligned with GDPR, UK GDPR, and applicable sector regulations.

Security, retention, and transfers

  • Security. SynapseDx applies layered technical and organizational controls, including zero-trust network design, encryption in transit and at rest, access reviews, and incident response playbooks validated through tabletop exercises.
  • Retention. We keep personal information only as long as necessary for the purposes described above, accounting for contract duration, statutory requirements, and audit obligations. When data is no longer needed, it is securely deleted or anonymized.
  • International transfers. We host services in regions requested by customers. If data moves to countries without equivalent protections, we rely on approved transfer mechanisms such as Standard Contractual Clauses and apply supplemental safeguards.

Your choices

We honor privacy rights granted by applicable laws. Depending on your location, you can exercise:

  • Access – obtain a copy of the personal information we hold about you.
  • Correction – request updates to inaccurate or incomplete records.
  • Deletion – ask us to erase information where we have no overriding lawful basis to keep it.
  • Restriction – limit how we use your information in specific circumstances.
  • Portability – receive certain information in a structured, commonly used format.
  • Objection – opt out of processing based on legitimate interests or direct marketing at any time.

Submit requests by emailing privacy@synapsedx.co.uk. We will verify your identity and respond within the timelines required by law. You may designate an authorized agent where permitted.

Cookies & analytics

Our websites may use essential cookies to enable core functionality and optional analytics to understand aggregate engagement. Where required, we request consent before setting non-essential cookies. You can adjust browser settings or cookie banners at any time to manage preferences.

Children's privacy

SynapseDx services are designed for business and professional users. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, contact us and we will take appropriate steps to delete it.

Policy updates

We will update this policy when our practices change or to comply with new regulations. Material updates will be communicated on this page and, when relevant, directly to affected customers or partners. Continued use of our services after an update constitutes acceptance of the revised policy.

Contact

If you have questions about this policy, data protection, or would like to exercise your rights, reach out to our privacy team at privacy@synapsedx.co.uk or mail SynapseDx Ltd., 85 Great Portland Street, First Floor, London, W1W 7LT, United Kingdom.

If you are based in the European Union or United Kingdom, you may also raise concerns with your local data protection authority.

Need something else? Visit our Technology or Team pages for more information about SynapseDx.