Close

Request Access

I would like to receive email updates from synergist. See Privacy Policy
Request Access

synergist.io Privacy Policy

 

1. What is our ROLE?

We at synergist.io GmbH are committed to safeguarding your privacy. This policy applies to you if you are visiting our website or using our service. In this case, we act in the role of a data controller with respect to your personal data which means that we determine the purposes and means of the processing of your personal data.

If you have been sent a contract via synergist.io by one of our customers without being a registered user of synergist.io yourself, we act in the role of a data processor of the synergist.io customer who sent you the contract. As a data processor, we process your personal data on behalf of our customer in accordance with the instructions given by our customer. In this case, you should check with our customer for information on how your personal data is collected and used.

2. WHAT types of data do we use? HOW and WHY do we use that data?

Usage Data

WHAT: We may process data about your use of our website and services ("Usage Data"). Such Usage Data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.

HOW: We may collect such Usage Data from our analytics tracking system. We use this Usage Data for the purposes of analyzing how our website and services are used, ensuring their security and also their continuous improvement.

WHY: The legal basis for this processing is our legitimate interests in monitoring and improving our website and services.

Account Data

WHAT: We may process your synergist.io account data ("Account Data"). The Account Data may include your name and email address.

HOW: We may collect such Account Data from you. The Account Data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you.

WHY: The legal basis for this processing is the consent you gave us, our legitimate interests in the proper administration of our website and services or the performance of the contract between you and us.

Service Data

WHAT: We may process personal data that you provide to us while using our services ("Service Data"). The Service Data encompasses any personal data included in the contracts you negotiate via synergist.io.

HOW: We only process the Service Data that you provide to us while using our services. The Service Data may be processed for the purposes of properly administering our services.

WHY: The legal basis for this processing is the performance of a contract between you and us or our legitimate interests in the proper administration of our services.

Support Data

WHAT: We may process any personal data contained in any enquiry you submit to us via our customer support ("Support Data"). The Support Data may include Usage Data, Account Data and Service Data.

HOW: We only process the Support Data that you provide to us via our customer support. The Support Data may be processed for the purposes of bug fixing, improving our services, ensuring the security of our services, maintaining back-ups of our databases and communicating with you.

WHY: The legal basis for this processing is the consent you gave us, our legitimate interests in the proper administration of our services or the performance of the contract between you and us.

Notification Data

WHAT: We may process information that you provide to us for the purposes of subscribing to our email notifications and/or newsletters ("Notification Data"). The Notification Data may include your name and email address.

HOW: We may collect such Notification Data from you. The Notification Data may be processed for the purposes of sending you the relevant notifications and/or newsletters.

WHY: The legal basis for this processing is the consent you gave us.

3. What are your rights?

Under data protection laws, you have several rights relating to the processing of your personal data. You can exercise such rights by sending us an email at dpa@synergist.io. Some of the rights are complex, and not all of the details have been included in our summaries below. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

Right to access

You have the right to get a confirmation on whether or not we process personal data of you. If we do, you have the right to access your personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Provided the rights and freedoms of others are not affected, we will supply to you a copy of your personal data upon request.

Right to rectification

You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.

Right to erasure

In some circumstances you have the right to request that we erase your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you have a right to object to the processing and exercise such right; the processing is for direct marketing purposes; the personal data have been unlawfully processed. However, there are exclusions of the right to erasure where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims.

Right to restrict processing

In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defense of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

Right to object processing

You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims.

You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.

Right to data portability

To the extent that the legal basis for our processing of your personal data is the consent you gave us or the performance of a contract between you and us and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.

Right to complain to a supervisory authority

If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so by contacting our supervisory authority at the contact details provided at: https://www.datenschutz-berlin.de/

Right to withdraw consent

To the extent that the legal basis for our processing of your personal data is a consent you gave us, you have the right to withdraw that consent at any time. You can do this by emailing us at support@synergist.io. Withdrawal will not affect the lawfulness of processing before the withdrawal.

4. Which third parties process your personal data?

We partner with certain third-party service providers so that you benefit from a seamless and comprehensive service. Some of these third-party service providers may only operate their service if we disclose your personal data to them. If we do share your personal data with a third-party service provider, we do so only insofar as is reasonably necessary for the purposes of our services provided to you. In this case, such third-party service providers act as our data processors. We have chosen each one of them thoroughly and supervise their processing of your personal data.

  • Amazon Web Services (https://aws.amazon.com/)
    Description: cloud services and hosting provider
    Personal Data processed: usernames, email addresses, user IDs, company names, company IDs, documents and their contents, user activity
  • Digital Ocean (https://www.digitalocean.com/)
    Description: cloud services and hosting provider
    Personal Data processed: usernames, email addresses, user IDs, company names, company IDs, documents and their contents, user activity
  • Mixpanel (https://mixpanel.com/)
    Description: analyzing user activity via events
    Personal Data processed: username, email address, company name, user ID, company ID, user location (city, country, region), operating system, web browser, screen width/height
  • Google Analytics - https://www.google.de/intl/de/analytics/
    Description: user activity tracking on website
    Personal Data processed: IP address, time and frequency of website visits including time stamps.
  • Intercom (https://www.intercom.com/)
    Description: user messaging application for instant chat, emails and support articles
    Personal Data processed: username, email address, user location (city, country, region), last page visited, web browser, LinkedIn profile, job title
  • DocuSign (https://www.docusign.com/)
    Description: electronic Signature Service
    Personal Data processed: signer name, email address, job title, signature, IP address, location, documents and their contents
  • Bugsnag (https://www.bugsnag.com/)
    Description: error reporting service
    Personal Data processed: username, email address, user ID, company ID

5. Where do we store your personal data?

Our website and service are hosted in Frankfurt am Main, Germany and Amsterdam, Netherlands. Some of our third-party service providers, however, operate outside the EEA. If provision of the services requires that your personal data is transferred or stored outside the EEA, we will take appropriate safeguards to protect your personal data, namely by use of standard data protection clauses adopted or approved by the European Commission.

6. How long do we store your personal data?

We will not keep any of your personal data for longer than is necessary for the purpose on which basis we process such personal data.

We will archive and stop actively using any of your personal data 5 years after you last logged in to our services. We will delete your personal data from our archives no later than 6 years after you last logged in to our services, unless we have agreed otherwise in our contract.

Notwithstanding the above, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

7. How do we use cookies?

Cookies – what is this?

Our website as well as our service uses cookies. A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either "persistent" cookies or "session" cookies. A persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

Cookies do not typically contain any information that personally identifies a user, but personal data that we store about you may be linked to the information stored in and obtained from cookies.

Which Cookies do we use?

We use cookies for the following purposes:

(a) we use authentication cookies to identify you when you visit our website and/or our service and as you navigate our website and/or service;

(b) we use status cookies to help us to determine if you are logged into our service;

(c) we use personalisation cookies to store information about your preferences and to personalise the service and/or website for you;

(d) we use security cookies as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website and services generally;

(e) we use analysis cookies to help us to analyze the use and performance of our website and services; and

(g) we use cookies to store your preferences in relation to the use of cookies more generally.

Which cookies do our third-party service providers use?

Some of our third-party service providers use cookies and those cookies may be stored on your computer when you visit our website and/or service. Please see section 4 for a list of our third-party service providers.

How can I manage cookies?

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links: https://support.google.com/chrome/answer/95647?hl=en (Chrome); https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox); http://www.opera.com/help/tutorials/security/cookies/ (Opera); https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer); https://support.apple.com/kb/PH21411 (Safari); or https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).

Blocking cookies will have a negative impact upon the usability of our website and service and certain parts of our website and/or service may not function fully. In some cases, our website and/or service may not be accessible at all. 

8. How can we change this privacy policy?

This version of the policy has been updated in May 2018. We may update this policy from time to time by publishing a new version on our website.

If you are a registered user of our services, we will notify you of any more than insignificant changes to this policy by email or through the messaging system in our service.

9. Our details

This website and service is provided to you by synergist.io GmbH. We have our registered seat in Unter den Linden 17 c/o Microsoft Ventures, Berlin, Germany. We are registered with the commercial register of the local court of Charlottenburg under no. HRB 171356 B.

You can contact us by post at the address given above, by telephone using the following number: +49 1603 603 214 or by email using the following email address: support@synergist.io.

10. Data protection officer

You may contact our data protection officer at: dpa@synergist.io.