Privacy Policy

1. Introduction

Synqlink ("we," "our," or "us") is a group and event management mobile application that helps you organize and coordinate activities with friends and family. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our mobile application and services (the "Service").

This policy applies to users in the United Kingdom and complies with the UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018.

2. Information We Collect

2.1 Information You Provide Directly

Account Information:

• Name (required for your profile)
• Email address (for Firebase authentication and account access)
• Phone number (used only for finding contacts who also use Synqlink)

Group and Event Content:

• Group names, descriptions, and settings you create
• Event details, schedules, and information you add
• Your responses to group events (attending, not attending, etc.)

Chat Messages:

• Text content of messages you send in group chats
• Your display name and user ID attached to each message
• Timestamp of each message
• Read receipts: a record of which group members have read each message, visible to all participants in that chat

2.2 Information We Collect Automatically

Technical Data:

• Device information (type, operating system, app version)
• Usage analytics (features used, time spent in app)
• Error logs and crash reports for app improvement
• Firebase Authentication tokens and session data

Contact Access (Optional):

• Device contact list (only with your explicit permission)
• Used solely to help you find friends who already use Synqlink
• We do not store or backup your complete contact list on our servers

2.3 Information We Do NOT Collect

We want to be clear about what we don't collect:

• Precise location data or GPS coordinates
• Payment or financial information
• Social media account data
• Web browsing history
• Audio or video recordings
• Data from other apps on your device

3. How We Use Your Information

3.1 Core App Functionality

• Create and manage your user account
• Enable you to create, join, and manage groups
• Facilitate event planning and coordination within groups
• Send push notifications about group activities (with your permission)
• Help you find contacts who use Synqlink (with contact permission)
• Enable calling and messaging through your device's native apps

3.2 App Improvement and Security

• Analyze app usage to improve features and performance
• Fix bugs and resolve technical issues
• Prevent fraud, abuse, and unauthorized access
• Ensure compliance with our Terms of Service

3.3 Communication

• Send essential service notifications (account verification, security alerts)
• Respond to your support inquiries and feedback
• Notify you of important policy changes

4. Legal Basis for Processing

Under UK GDPR, we process your personal data based on:

• Contract Performance: To provide the Synqlink services you've requested
• Legitimate Interests: To improve our app, ensure security, and provide customer support
• Consent: For optional features like contact access and push notifications
• Legal Obligation: To comply with applicable UK laws and regulations

You can withdraw consent at any time through your device settings or by contacting us.

5. How We Share Your Information

5.1 Within Synqlink Groups

• Your name and profile information are visible to members of groups you join
• Event information you create or respond to is shared with group members

5.2 Service Providers

We share limited data with trusted service providers who help us operate Synqlink:

• Google Firebase/Firestore: For secure data storage and user authentication
• Push notification services: To deliver app notifications
• All service providers are bound by strict confidentiality agreements

5.3 Legal Requirements

We may disclose information when legally required to:

• Comply with valid legal processes (court orders, subpoenas)
• Protect the rights and safety of Synqlink users
• Investigate potential violations of our Terms of Service
• Meet regulatory obligations

5.4 We Do NOT Sell Your Data

Synqlink does not sell, rent, or trade your personal information to third parties for marketing or advertising purposes.

6. Data Security and Firebase Protection

6.1 Firebase Security Infrastructure

Your data is stored using Google Firebase/Firestore services, which provide enterprise-grade security:

Data Isolation: Your information is logically separated from other users' data in Firebase's secure, multi-tenant environment.

Encryption: All data is encrypted both in transit (using HTTPS) and at rest on Google's servers.

Access Controls: Firebase implements strict internal security controls with multi-factor authentication and limited employee access to systems containing personal data.

Compliance Standards: Firebase maintains certifications including ISO 27001, SOC 1, 2, and 3 for security and privacy standards.

6.2 Our Additional Security Measures

• Secure development practices and code reviews
• Data minimization - we only collect what's necessary for app functionality

6.3 Data Retention

• We retain your account information while your account is active
• Group and event data is retained as long as the group exists
• Chat messages are retained for the lifetime of the group and remain accessible to all chat members until the group is deleted
• Technical logs are automatically deleted after 90 days
• When you delete your account, we remove your personal data within 30 days
• Some information may be retained longer for legal or security purposes as required by law

7. Your Privacy Rights

7.1 Universal Rights (All Users)

• Access: Request a copy of the personal information we have about you
• Correction: Update or correct inaccurate information in your account settings
• Deletion: Request deletion of your account and associated data
• Data Portability: Export your data in a machine-readable format

7.2 Additional Rights (UK Users)

• Right to Object: Object to processing based on legitimate interests
• Right to Restrict Processing: Limit how we process your data in certain circumstances
• Right to Withdraw Consent: For consent-based processing (contacts, notifications)
• Right to Lodge Complaints: File complaints with the Information Commissioner's Office (ICO)

7.3 How to Exercise Your Rights

• Contact us at syncit.mobileapp@gmail.com for data requests
• We respond to all valid requests within 30 days as required by UK GDPR

8. Third-Party Services and Integrations

8.1 Firebase Services

Synqlink uses Google Firebase for authentication and data storage. Google's privacy practices are governed by their Privacy Policy at https://policies.google.com/privacy.

8.2 Device Integration

• Contacts: Only accessed with permission to help you find friends on Synqlink
• Phone/Messaging: We facilitate using your device's native calling and messaging apps
• Notifications: Push notifications are sent through your device's notification system
• Third-party links: The app may include buttons or links that open third-party applications. We are not responsible for the privacy practices of those third-party services and their own privacy policies apply from that point

8.3 No Third-Party Analytics

Synqlink does not use third-party analytics or advertising services that track users across apps.

9. International Data Transfers

9.1 Firebase Global Infrastructure

Your data may be processed and stored in Google data centres outside the United Kingdom. Firebase ensures appropriate safeguards for international transfers in accordance with UK GDPR requirements.

9.2 UK Transfer Protections

International data transfers are protected by:

• Google's compliance with UK adequacy decisions where applicable
• Standard contractual clauses approved by the UK Information Commissioner's Office (ICO)

10. Children's Privacy

Synqlink is not intended for children under 13 years old. We do not knowingly collect personal information from children. If we discover we have collected information from a child, we will delete it promptly. Parents who believe their child has provided information to us should contact syncit.mobileapp@gmail.com immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or applicable laws. When we make significant changes:

• We'll provide 30 days advance notice through the app or by email
• Users will receive specific notice of changes affecting their rights
• The updated policy will show the new effective date
• Continued use of Synqlink after changes constitutes acceptance of the updated policy

12. Data Protection Contacts

12.1 General Privacy Questions

Email: syncit.mobileapp@gmail.com
Subject Line: "Privacy Policy Question"

12.2 Data Protection Officer

As a small-scale service, Synqlink is not required to appoint a Data Protection Officer under UK GDPR. For all data protection queries, please contact us directly using the details in section 13.

12.3 Supervisory Authority

You may lodge complaints with the Information Commissioner's Office (ICO):

• Website: ico.org.uk
• Phone: 0303 123 1113

13. Contact Information

For all privacy-related questions, concerns, or requests, please contact us at:

Email: syncit.mobileapp@gmail.com
Subject: Privacy Policy Inquiry

13.1 Business Information

Operated by: Boris Semanco
Address: 65 Whitebeam drive, Maidstone, ME174QY, Kent, United Kingdom

---