Syncolio Logo
← Back to home

Privacy Policy

Last updated: May 17, 2026

Controller: Syncolio ("Company", "we", "us", "our")

Contact: contact@syncolo.com

This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our website and services (the "Service").

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

1. Privacy by Design and Data Minimization

We are committed to the principles of:

  • data minimization
  • purpose limitation
  • storage limitation
  • integrity and confidentiality

The Service is designed to collect only the minimum amount of personal data necessary to operate.

You are not required to provide personal data unless you choose to use specific features.

You should avoid submitting sensitive personal data unless absolutely necessary.

2. Data Controller

For the purposes of GDPR and similar laws, the data controller is:

Syncolio

contact@syncolo.com

3. Types of Data We Collect

We intentionally limit data collection.

3.1 Data You Provide Voluntarily

Depending on your use of the Service, you may provide:

  • email address
  • login credentials
  • portfolio information you choose to upload
  • communications you send to us

You are solely responsible for the data you submit.

We do not require bank credentials or brokerage passwords.

3.2 Automatically Collected Data

We may automatically collect limited technical data:

  • IP address
  • browser type
  • device type
  • operating system
  • pages visited
  • timestamps
  • basic usage analytics

This information is used solely for security, functionality, and performance.

3.3 Portfolio and Financial Data

Portfolio data uploaded by users may include:

  • asset allocations
  • securities and holdings
  • historical performance data

This information is processed only to provide analytics requested by the user.

We do not verify the accuracy of user-submitted data.

4. Purposes of Processing

We process data strictly for the following purposes:

  • providing and maintaining the Service
  • performing analytics requested by users
  • security and fraud prevention
  • improving functionality and reliability
  • complying with legal obligations

We do not use personal data for advertising or profiling.

5. Legal Bases for Processing (GDPR)

Where GDPR applies, processing is based on:

  • Contract — providing the Service you request
  • Legitimate Interests — security, maintenance, improvement
  • Legal Obligations — compliance with applicable law
  • Consent — where explicitly requested (e.g., cookies)

6. No Sale or Marketing Use of Data

We do not:

  • sell personal data
  • rent personal data
  • trade personal data
  • share personal data for advertising
  • use personal data for third-party marketing

We do not monetize user data.

7. Limited Sharing with Service Providers

We may use third-party processors strictly necessary to operate the Service, such as:

  • hosting providers
  • infrastructure providers
  • analytics providers
  • security providers

These providers:

  • process data only on our instructions
  • are contractually bound by confidentiality
  • must implement appropriate safeguards

We are not responsible for independent actions of third parties beyond our reasonable control.

8. International Data Transfers

Your data may be processed in countries outside your jurisdiction.

Where required, we rely on:

  • Standard Contractual Clauses (SCCs)
  • adequacy decisions
  • other lawful transfer mechanisms

You acknowledge that data protection laws may differ across jurisdictions.

9. Data Retention

We retain data only as long as necessary to:

  • provide the Service
  • comply with legal obligations
  • resolve disputes
  • enforce agreements

We may retain anonymized or aggregated data indefinitely.

10. User Rights (GDPR)

Subject to applicable law, you may request:

  • access to your data
  • correction of inaccurate data
  • deletion ("right to be forgotten")
  • restriction of processing
  • data portability
  • objection to processing

Requests can be sent to: contact@syncolo.com

We may refuse or limit requests where permitted by law.

11. Security Disclaimer

We implement reasonable technical and organizational safeguards.

However:

  • no system is completely secure
  • no transmission over the Internet is risk-free

You transmit data at your own risk.

To the maximum extent permitted by law, we disclaim liability for unauthorized access beyond our reasonable control.

12. Children's Privacy

The Service is not intended for individuals under 18.

We do not knowingly collect data from minors.

13. Third-Party Links

The Service may contain links to third-party websites.

We are not responsible for their privacy practices.

14. Changes to This Policy

We may update this Privacy Policy at any time.

Continued use of the Service constitutes acceptance of the updated policy.

15. Limitation of Liability

To the maximum extent permitted by law, the Company shall not be liable for:

  • data loss
  • data breaches beyond reasonable control
  • indirect or consequential damages
  • losses arising from third-party services

16. Contact

For privacy inquiries:

contact@syncolo.com