Privacy Policy

SynergySoft SARL (“SynergySoft”, “we”, “us”, or “our”) is committed to protecting your privacy and personal data. This Privacy Policy explains how SynergySoft collects, uses, discloses, and safeguards personal information in compliance with the EU General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (FADP). Please read this policy carefully to understand our practices.

Data Controller: SynergySoft SARL is the data controller. Our headquarters are located at Rue de Chantepoulet 10, 1201 Geneva, Switzerland. We can be contacted at [email protected] for privacy inquiries.

We collect personal information that you provide directly or that we obtain indirectly. This may include:

• Contact information: name, email address, phone number, job title, company name (e.g., when you submit a contact form or sign up for communications).
• Account information: login credentials if you register for our client portals.
• Usage data: information about how you use our website, services, or applications (e.g., IP address, browser type, pages visited, device identifiers, and location data).
• Cookies and tracking data: We use cookies and similar technologies (pixels, web beacons, analytics scripts) to collect information and enhance your experience. This includes session cookies (to operate our site), preference cookies (to remember your settings), and security cookies (to prevent fraud). You can control cookies through your browser settings.

We may also collect certain data indirectly (e.g., from our CRM, mailing lists, or public sources). In each case, we limit collection to what is necessary for our legitimate business purposes.

SynergySoft processes personal data for the following purposes:

• Service Provision: To respond to inquiries and provide our integration and consulting services. This includes account management, billing, project communications, and technical support.
• Business Development: To market our services and send relevant communications (with your consent, where required), such as newsletters or event invitations.
• Service Improvement: To analyze usage and feedback in order to improve our website, tools, and services (e.g., refining the Integration Calculator).
• Legal Compliance: To comply with applicable laws, regulations, audits, or law enforcement requirements. This includes maintaining records and cooperating with authorities as needed.
• Security: To protect our systems and customers, for example, by detecting and preventing fraudulent or malicious activities.

Recruitment: If you apply for employment, we process applicant data for hiring decisions.

We rely on the following legal grounds for processing personal data:

• Contractual Necessity: Processing is necessary to perform services or enter into contracts with you (e.g., setting up an account or providing a proposal).
• Legitimate Interests: We may process data when we have a legitimate business interest that does not override your rights – for instance, to improve our services, ensure security, or send non-marketing updates.
• Consent: When required by law, we seek your consent (for example, before placing marketing cookies or sending promotional emails). You may withdraw consent at any time (see “Your Rights” below).

Legal Obligation: We process data to comply with laws (for example, financial record-keeping, tax obligations, or responding to lawful requests from authorities).

We do not sell personal data. We may share information with service providers and partners who help us deliver our services, under strict contractual obligations. These include:

• Cloud and Hosting Providers: Third parties (e.g. AWS, Microsoft Azure) that host our applications or data.
• Technical Service Providers: IT support, analytics (such as Google Analytics), CRM, marketing automation, and email services used to operate our business.
• Professional Advisers: Lawyers, accountants, auditors, or consultants, when needed to provide professional advice or in connection with a business transaction.
• Regulators and Authorities: Entities such as the Swiss Federal Data Protection and Information Commissioner (FDPIC) or courts, when required by law or to protect our legal rights.

All third parties with access to personal data are obligated to keep it secure and confidential, and to use it only for specified purposes. We limit the categories of personal data shared to what is necessary for the specified purpose.

SynergySoft may transfer data outside Switzerland or the European Economic Area (EEA) only to jurisdictions with appropriate safeguards. In line with the Swiss FADP’s requirements, we ensure adequate protection for cross-border transfers. For example, we may rely on transfers to:

• Countries with an adequacy decision (EU/EEA, UK, Japan, etc.).
• Standard Contractual Clauses or other approved mechanisms for international transfers.
  

We do not transfer data indiscriminately. Our privacy notices disclose when transfers might occur, and we implement technical and contractual safeguards (such as encryption and EU-approved contractual clauses) to protect your personal data during transit and storage.

We take data security seriously. We implement organizational and technical measures to safeguard data from unauthorized access, loss, or alteration. These measures include:

• Encryption of sensitive data at rest and in transit (SSL/TLS for web connections).
• Firewall and intrusion detection systems, access controls, and regular vulnerability assessments.
• Employee training and policies on data confidentiality.
• Secure data deletion and device management policies.

While we strive to use appropriate security measures, please note that no method of transmission over the Internet or storage is completely secure. If you suspect a security breach, please contact us immediately at [email protected].

SynergySoft retains personal data only as long as necessary for the purposes described or to comply with legal obligations. Specific retention periods depend on the data type and use case:

• Customer and Contact Data: Retained for the duration of our business relationship and a commercially reasonable period thereafter (typically 5–10 years) for record-keeping and compliance.
• Job Applicant Data: Retained for up to 2 years after completion of the recruitment process, unless you consent to longer storage.
• Website Analytics and Cookies: Collected data is retained in accordance with our data retention schedules (e.g., analytics data may be aggregated after a set period). You can clear cookies via your browser at any time.

Once data is no longer needed, we will securely delete or anonymize it in accordance with our policies and legal requirements.

Under the GDPR and Swiss FADP, individuals have the following rights concerning their personal data:

• Right to Access: You may request confirmation of whether we hold your personal data and obtain a copy of it.
• Right to Rectification: You can ask us to correct inaccurate or incomplete data about you.
• Right to Erasure: You may request deletion of your personal data, subject to legal obligations (for example, we may need to retain certain information for tax or audit purposes).
• Right to Restrict Processing: You can ask us to temporarily suspend processing of your data (e.g., if you contest its accuracy).
• Right to Data Portability: Where applicable, you can request your data in a structured, machine-readable format to transfer to another service provider.
• Right to Object: You may object to certain processing, such as direct marketing or processing based on our legitimate interests.
• Right to Withdraw Consent: If you have given consent (e.g. for cookies or marketing), you can withdraw it at any time without affecting prior processing.
• Right to Lodge a Complaint: You have the right to complain to a supervisory authority about our data processing. In Switzerland, this would be the Federal Data Protection and Information Commissioner (FDPIC); in the EU, your local Data Protection Authority.

To exercise any of these rights, please contact us at [email protected].We will respond in accordance with applicable laws, typically within one month. We may require additional information to verify your identity before complying with your request.

Our website uses cookies and similar technologies to enhance user experience and analyze site usage. We obtain consent where required (e.g. for marketing cookies). You can manage cookie preferences through your browser or our cookie banner. Common cookies we use include:

• Essential Cookies: Necessary for website functionality (login sessions, security).
• Analytics Cookies: Used to collect anonymous data on site usage (via Google Analytics or similar services).
• Preference Cookies: Remember your language or display preferences.
• Marketing Cookies: For targeted advertising (only with your consent).

Detailed information about the cookies we use is provided in our Cookie Policy. To delete or block cookies, follow your browser settings or use opt-out mechanisms provided by analytics vendors.

SynergySoft may update this Privacy Policy periodically to reflect new legal requirements or changes in our practices. If we make significant changes, we will notify you via our website or by email. The “Effective Date” at the top indicates when the policy was last revised. We encourage you to review this page regularly for any updates.

For questions or concerns about this Privacy Policy or our data practices, please contact:

SynergySoft SARL
Rue de Chantepoulet 10, 1201 Geneva, Switzerland
Email: [email protected]

If you believe your data protection rights have been violated, you also have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or the relevant EU data protection authority.

SynergySoft takes your privacy seriously and is committed to maintaining transparent data governance for all enterprise clients and users.