← Back to Synolo

Privacy Policy

Last updated: March 30, 2026

1. Introduction

Synolo LLC ("Synolo," "we," "us," or "our") operates the Synolo application and website. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. By accessing or using Synolo, you agree to this Privacy Policy. If you do not agree, please do not use the service.

Synolo LLC is incorporated in Philadelphia, Pennsylvania, USA. For privacy-related inquiries, contact us at [email protected].

2. Information We Collect

2.1 Information You Provide

  • Account information: Name, email address, password (hashed and salted), timezone, and currency preferences.
  • Content you create: Notes, tasks, contacts, calendar events, board entries, budget data, and any other content you enter into the application.
  • Financial data: If you connect a bank account via SimpleFIN, we receive transaction data, account balances, and institution details. This data is cached locally on our servers.
  • Meeting recordings: If you use the meeting transcription feature, audio recordings are temporarily stored for processing and automatically deleted after transcription is complete.
  • API keys: If you provide your own AI provider API keys (e.g., OpenAI, Anthropic, Google), they are stored encrypted using AES-256-GCM on our servers.
  • Communications: When you contact us for support or feedback.

2.2 Information Collected Automatically

  • Authentication cookies: We use essential cookies for session management. We use two cookies: a secure, HTTP-only session token and a non-sensitive login indicator flag. These expire after 7 days.
  • Push notification tokens: If you enable push notifications, we store your browser push subscription endpoint.
  • Location data: If you use the weather feature, your approximate location may be sent to Open-Meteo and Nominatim (OpenStreetMap) to retrieve weather data. We do not store your location.

2.3 Information We Do Not Collect

  • We do not use any third-party analytics, tracking pixels, or advertising technologies on the application.
  • We do not collect device fingerprints or browsing history.
  • We do not use cookies for advertising or cross-site tracking.

3. How We Use Your Information

  • To provide the service: Your content and data are used to power the features you interact with — calendar, tasks, notes, finances, contacts, and more.
  • AI processing: Your content (notes, tasks, emails, calendar events) may be sent to third-party AI providers (such as OpenAI, Anthropic, and Google) to power AI features including chat, suggestions, summarization, categorization, and agent automation. We use your data to train and improve our system's performance. We do not own or operate the underlying AI models.
  • Meeting transcription: Audio recordings are sent to OpenAI's Whisper API for transcription. Recordings are deleted from our servers after transcription completes.
  • Email communications: We use Brevo to send transactional emails such as password resets, email verification, trial reminders, and announcements. We track email opens and link clicks for our announcement emails only.
  • Payment processing: Billing and subscription data is processed through Stripe. We store your Stripe customer ID and subscription status but do not store credit card numbers.
  • To improve the service: We may analyze aggregate, non-identifying usage patterns to improve functionality.

4. Third-Party Services

We share your data with the following categories of third-party services only as necessary to provide the application's functionality:

  • AI providers: OpenAI, Anthropic, Google Generative AI, and other user-configured providers — for AI-powered features. Content you create may be sent to these providers for processing.
  • Google APIs: Google Calendar and Gmail — if you connect your Google account for calendar sync or email features.
  • Stripe: For payment processing and subscription management.
  • SimpleFIN: For bank account connection and transaction syncing, if you enable this feature.
  • Brevo: For sending transactional emails.
  • CoinGecko: For cryptocurrency price data, if you use the investments feature.
  • Open-Meteo & Nominatim: For weather data and location lookup.
  • Frankfurter: For currency exchange rates.
  • Web Push services: For delivering push notifications to your browser.

We do not sell, rent, or share your personal information with third parties for advertising or marketing purposes.

5. Data Storage and Security

  • Your data is stored on our servers using a file-based storage system with atomic write protection and rolling backups.
  • Each user's data is isolated in a separate directory with restricted file permissions.
  • Passwords are hashed using scrypt before storage.
  • Sensitive credentials (API keys) are encrypted using AES-256-GCM.
  • Sessions are signed with HMAC-SHA256 and stored in HTTP-only cookies.
  • We implement Content Security Policy (CSP) headers and rate limiting to protect against common web attacks.

While we take reasonable measures to protect your information, no method of electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

  • Account data: Retained for as long as your account is active.
  • Chat history: Free Trial and Core plans retain chat history for 7 days. Pro and Ultra plans retain chat history indefinitely.
  • Meeting recordings: Audio files are automatically deleted after transcription. Transcription text and summaries are retained as notes.
  • Financial data: Cached transaction data from SimpleFIN is stored locally and updated on sync.
  • Deleted accounts: When your account is deleted, all associated data — including notes, tasks, contacts, recordings, and files — is permanently removed from our servers.

7. Your Rights

You have the right to:

  • Access your data: You can view all data stored in your account through the application.
  • Export your data: You may request a full export of your data at any time.
  • Delete your data: You may request deletion of your account and all associated data by contacting us.
  • Correct your data: You can update your account information and content directly within the application.
  • Withdraw consent: You may disconnect third-party integrations (Google, SimpleFIN) at any time.
  • Unsubscribe: You can opt out of announcement emails via the unsubscribe link included in each email.

To exercise any of these rights, contact us at [email protected].

8. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell your personal information. To exercise your CCPA rights, contact us at [email protected].

9. International Users

Synolo is operated from the United States. If you access the service from outside the United States, your information may be transferred to, stored, and processed in the United States. By using the service, you consent to the transfer of your information to the United States, which may not offer the same level of data protection as your home jurisdiction.

10. Children's Privacy

Synolo is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly. If you believe a child under 16 has provided us with personal information, please contact us at [email protected].

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the service after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at:

Synolo LLC
Philadelphia, PA, USA
[email protected]