Skip to main contentSkip to navigation
Synapstash logoSynapstash

Privacy Policy

Privacy Policy for Synapstash

Effective Date: June 6, 2025
Last Updated: June 6, 2025

Introduction

Synapstash ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our personal knowledge management application and related services (collectively, the "Service").

By using Synapstash, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Information We Collect

1.1 Personal Information You Provide

Account Information:

  • Email address (required for account creation)
  • Full name (optional, from Google OAuth or manual entry)
  • Profile picture (optional, from Google OAuth or manual upload)
  • Password (if using email/password authentication)

Content Data:

  • Articles, documents, PDFs, and other content you save to Synapstash
  • URLs and web page content you bookmark or import
  • Text notes and annotations you create
  • Tags and organizational labels you assign
  • Search queries and browsing history within the app

Communications:

  • Messages you send to our support team
  • Feedback and survey responses
  • Comments or reviews you provide

1.2 Information Collected Automatically

Usage Data:

  • Pages visited and features used within the application
  • Time spent using the Service
  • Click patterns and user interactions
  • Session duration and frequency of use
  • Content viewing and search patterns

Technical Information:

  • IP address and geolocation data (city/region level)
  • Device type, operating system, and browser information
  • Screen resolution and device capabilities
  • Referral sources and exit pages
  • Cookies and similar tracking technologies

Performance Data:

  • Error logs and crash reports
  • Application performance metrics
  • Feature usage statistics

1.3 Information from Third-Party Services

Google OAuth Data:

  • Google account email address
  • Public profile information (name, profile picture)
  • Google account unique identifier

AI Processing Data:

  • Content summaries and analysis generated by AI services
  • Embedding vectors for semantic search
  • Content categorization and tagging suggestions

2. How We Use Your Information

2.1 Primary Service Functions

Content Management:

  • Store and organize your saved content
  • Generate AI-powered summaries and insights
  • Enable search and discovery across your content library
  • Provide content recommendations and connections

Account Management:

  • Create and maintain your user account
  • Authenticate your access to the Service
  • Manage your preferences and settings
  • Process subscription payments (if applicable)

Communication:

  • Send important service updates and notifications
  • Provide customer support and respond to inquiries
  • Send weekly digest emails (if enabled)
  • Notify you of new features and improvements

2.2 Service Improvement

Analytics and Research:

  • Analyze usage patterns to improve the Service
  • Conduct research on user behavior and preferences
  • Test new features and functionality
  • Monitor and maintain service performance

Security and Compliance:

  • Detect and prevent fraudulent or unauthorized access
  • Ensure compliance with legal obligations
  • Protect against spam, abuse, and security threats
  • Maintain data integrity and system security

3. Information Sharing and Disclosure

3.1 Third-Party Service Providers

We share limited information with trusted third-party providers who assist us in operating the Service:

Infrastructure and Hosting:

  • Supabase: Database hosting, authentication, and file storage
  • Vercel/Netlify: Web application hosting and content delivery
  • Cloud Storage Providers: Secure file and data storage

AI and Content Processing:

  • OpenAI: Content analysis, summarization, and AI features
  • Anthropic: Alternative AI processing (when available)
  • Vector Database Providers: Semantic search capabilities

Analytics and Monitoring:

  • Privacy-focused analytics providers: Usage statistics and performance monitoring
  • Error tracking services: Application stability and bug reporting

Communication Services:

  • Email service providers: Transactional emails and notifications
  • Customer support platforms: Help desk and user assistance

3.2 Legal Requirements

We may disclose your information when required by law or in good faith belief that such disclosure is necessary to:

  • Comply with legal processes, court orders, or government requests
  • Protect our rights, property, or safety, or that of our users
  • Investigate potential violations of our Terms of Service
  • Respond to claims of illegal activity or infringement

3.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change in ownership or control of your personal information.

3.4 Consent-Based Sharing

We may share your information with your explicit consent for specific purposes not covered in this policy.

4. Data Storage and Security

4.1 Data Storage

Location: Your data is primarily stored in secure data centers located in the United States and European Union, with redundant backups for reliability.

Retention: We retain your personal information for as long as your account is active or as needed to provide the Service. Content data is retained until you delete it or close your account.

4.2 Security Measures

Technical Safeguards:

  • End-to-end encryption for data transmission
  • Encryption at rest for stored data
  • Secure authentication protocols (OAuth 2.0, JWT)
  • Regular security audits and vulnerability assessments

Administrative Safeguards:

  • Limited access to personal information on a need-to-know basis
  • Employee training on data protection and privacy
  • Incident response procedures for security breaches
  • Regular backup and disaster recovery procedures

Physical Safeguards:

  • Secure data center facilities with restricted access
  • Environmental controls and monitoring
  • Redundant power and network infrastructure

5. Your Rights and Choices

5.1 Access and Control

Account Management:

  • View and update your profile information
  • Change your email address and password
  • Manage notification preferences
  • Download your data in portable formats

Content Control:

  • Edit, delete, or export your saved content
  • Manage tags and organizational structures
  • Control sharing and privacy settings
  • Bulk operations for content management

5.2 Data Protection Rights (GDPR)

If you are located in the European Economic Area, you have the following rights:

Right of Access: Request copies of your personal data Right to Rectification: Request correction of inaccurate information Right to Erasure: Request deletion of your personal data Right to Restrict Processing: Limit how we process your data Right to Data Portability: Receive your data in a structured, machine-readable format Right to Object: Object to processing based on legitimate interests Right to Withdraw Consent: Withdraw consent for consent-based processing

5.3 California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it's used
  • Request deletion of your personal information
  • Opt-out of the sale of personal information (we do not sell personal information)
  • Non-discrimination for exercising your privacy rights

5.4 Exercising Your Rights

To exercise any of these rights, contact us at:

  • Email: privacy@synapstash.com
  • In-App: Use the "Data & Privacy" section in your account settings
  • Response Time: We will respond to your request within 30 days

6. Cookies and Tracking Technologies

6.1 Types of Cookies Used

Essential Cookies:

  • Authentication and session management
  • Security and fraud prevention
  • Basic application functionality

Functional Cookies:

  • User preferences and settings
  • Language and accessibility options
  • Remember me functionality

Performance Cookies:

  • Usage analytics (anonymized)
  • Error tracking and diagnostics
  • Service performance monitoring

Marketing Cookies (if applicable):

  • Ad personalization (with consent)
  • Campaign effectiveness tracking
  • Third-party advertising network integration

6.2 Managing Cookies

You can manage your cookie preferences through:

  • Browser settings (disable or delete cookies)
  • Our cookie consent banner/tool
  • Opt-out links for third-party analytics

Disabling essential cookies may affect Service functionality.

7. Children's Privacy

Synapstash is not intended for use by children under the age of 13 (or 16 in the EU). We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States. We ensure appropriate safeguards are in place for such transfers, such as Standard Contractual Clauses (SCCs) for EU data.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our website and, if applicable, through email or in-app notifications. Your continued use of the Service after changes constitutes acceptance.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

Thank you for trusting Synapstash with your personal knowledge.