Updated as of April 6, 2023
Introduction
At Synapse Financial Technologies, Inc., our mission is to enable companies to build and launch best-in-class financial services for their customers. In order to do so, we provide the technology link between internet-based platforms (“Platforms”) and financial services entities, empowering Platforms to enable their users – businesses and consumers alike – to have access to certain financial services.
As a technology company nestled in the financial services industry, privacy and security are very important to us. This Privacy Policy is meant to help you understand how we collect, use, and share personal data when you visit our website (“Site”) or use our services, such as when you create a developer account, access our dashboard, or submit your personal data on a Platform that uses our API services (collectively, “Services”).
From time to time, we may change this Privacy Policy. If we do, we will post an amended version on this webpage. If we make material changes to our Privacy Policy, we may also notify you by other means, such as sending an email or posting a notice on our Site or Services. If required by applicable data protection laws, we will obtain your consent to any material changes. Please review this Privacy Policy periodically.
If you obtain financial services through a Platform that uses our Services, your personal data will be subject to additional privacy policies. The Platform you are using will provide you with a privacy policy explaining the personal data that it collects and how it uses and shares that personal data. Synapse Financial Technologies, Inc. is not a bank. Therefore, depending on the financial service you obtain, your personal data also will be collected, used and shared by financial services providers (“Financial Services Partners”), including as applicable partner bank(s) (“Partner Banks”), crypto services partner(s), a Synapse lending entity (Synapse Credit LLC), and/or a Synapse brokerage entity (Synapse Brokerage LLC). You can find more information on the privacy policies of our Financial Services Partners here. Finally, please refer to our Terms of Service and Terms of Use for information regarding the proper usage of the Services and Site, respectively.
Introduction
At Synapse Financial Technologies, Inc., our mission is to enable companies to build and launch best-in-class financial services for their customers. In order to do so, we provide the technology link between internet-based platforms (“Platforms”) and financial services entities, empowering Platforms to enable their users – businesses and consumers alike – to have access to certain financial services.
As a technology company nestled in the financial services industry, privacy and security are very important to us. This Privacy Policy is meant to help you understand how we collect, use, and share personal data when you visit our website (“Site”) or use our services, such as when you create a developer account, access our dashboard, or submit your personal data on a Platform that uses our API services (collectively, “Services”).
From time to time, we may change this Privacy Policy. If we do, we will post an amended version on this webpage. If we make material changes to our Privacy Policy, we may also notify you by other means, such as sending an email or posting a notice on our Site or Services. If required by applicable data protection laws, we will obtain your consent to any material changes. Please review this Privacy Policy periodically.
If you obtain financial services through a Platform that uses our Services, your personal data will be subject to additional privacy policies. The Platform you are using will provide you with a privacy policy explaining the personal data that it collects and how it uses and shares that personal data. Synapse Financial Technologies, Inc. is not a bank. Therefore, depending on the financial service you obtain, your personal data also will be collected, used and shared by financial services providers (“Financial Services Partners”), including as applicable partner bank(s) (“Partner Banks”), crypto services partner(s), a Synapse lending entity (Synapse Credit LLC), and/or a Synapse brokerage entity (Synapse Brokerage LLC). You can find more information on the privacy policies of our Financial Services Partners here. Finally, please refer to our Terms of Service and Terms of Use for information regarding the proper usage of the Services and Site, respectively.
1. What is Synapse Financial Technologies, Inc.?
Synapse Financial Technologies, Inc. (“Synapse”) gives Platforms the ability to craft their own branded financial products and services in a simple, developer friendly way. Our mission is to enable entities to build and launch best-in-class financial services, and we provide the technology link between our Financial Services Partners and Platforms to offer these services.
Synapse’s offices are located at 101 2nd Street, Suite 525, San Francisco, CA 94105. Synapse operates both as a data controller and a data processor of personal data collected from residents of the European Economic Area or the United Kingdom. Synapse operates as the data controller of the personal data that is collected from the Site and operates as a data processor of the personal data that is collected from or on behalf of Platforms and Financial Services Partners.
Synapse Financial Technologies, Inc. (“Synapse”) gives Platforms the ability to craft their own branded financial products and services in a simple, developer friendly way. Our mission is to enable entities to build and launch best-in-class financial services, and we provide the technology link between our Financial Services Partners and Platforms to offer these services.
Synapse’s offices are located at 101 2nd Street, Suite 525, San Francisco, CA 94105. Synapse operates both as a data controller and a data processor of personal data collected from residents of the European Economic Area or the United Kingdom. Synapse operates as the data controller of the personal data that is collected from the Site and operates as a data processor of the personal data that is collected from or on behalf of Platforms and Financial Services Partners.
2. Collecting and Using Information
Personal Data We Collect
We may collect your personal data in different ways depending on how you interact with us, a Platform, and other entities that are necessary to provide the Services to you. Below we talk about the personal data that we collect in these different ways. For purposes of this Privacy Policy, “Personal Data” refers to any information relating to an identified or identifiable natural person that we maintain in an accessible form.
Interact with Our Site
When you use our Site, you may voluntarily provide us with certain types of Personal Data:
Personal Data We Collect
We may collect your personal data in different ways depending on how you interact with us, a Platform, and other entities that are necessary to provide the Services to you. Below we talk about the personal data that we collect in these different ways. For purposes of this Privacy Policy, “Personal Data” refers to any information relating to an identified or identifiable natural person that we maintain in an accessible form.
Interact with Our Site
When you use our Site, you may voluntarily provide us with certain types of Personal Data:
- Contact Us. When you contact us or register to receive information from us (e.g., newsletters, case studies, and events), you may provide us with your name, email address, and telephone number.
- Chatbot. If you use our chatbot, you will provide us with your name and email address, as well as any other information you choose to provide. Our chatbot feature is provided by HubSpot. HubSpot may collect, record, and store the information you provide in your chat messages. Please review HubSpot’s privacy policy here. We will also collect logs of your chat with our staff.
- Create a Developer Account. If you create a developer account, you will provide us with your legal name, email address, certain passwords, telephone number and address. You also will provide us with other information relating to your company such as entity legal name or aliases, including “doing business as” names, email address, physical address, phone number, legal entity type, industry, organizational documents (e.g., articles of incorporation and bylaws), employer identification number, billing account, and other information relating to your authorized signors or beneficial owners. If you create additional accounts for employees or other individuals related to your company to access a dashboard, we will collect the individual’s email address, certain passwords, and business contact information.
We also automatically collect certain Personal Data through your use of the Site, including the dashboard (as applicable), such as the following:
- Usage Information. For example, the pages on the Site you access, the frequency of access, and what you click on while on the Site.
- Device Information. For example, hardware model, operating system, application version number, and browser.
- Mobile Device Information. Aggregated information about whether the Site are accessed via a mobile device or tablet, the device type, and the carrier.
- Location Information. Location information from Site visitors on a city-regional basis.
Interact with a Platform that Uses Our Services
If you interact with a Platform that uses our Services, we will receive from the Platform certain of your Personal Data and process that Personal Data on behalf of the Platform and, depending on the financial product, on behalf of Financial Services Partners:
If you interact with a Platform that uses our Services, we will receive from the Platform certain of your Personal Data and process that Personal Data on behalf of the Platform and, depending on the financial product, on behalf of Financial Services Partners:
- Identity Verification. To verify your identity when you apply or sign up to receive a service through a Platform, we will collect information such as your name, email address, Social Security Number or other tax identification number, address, telephone number, date of birth, gender, videos, IP address, and photographs that may contain images of your face, including your driver’s license or government-issued identification card.
- External Bank Account Information. We may collect information regarding an external financial account such as the financial institution name, account name, account type, branch number, account number, routing number, international bank account number (“IBAN”), information, data, passwords, authentication questions, materials or other content, transaction and available balance information.
- Background Check Data. If we are asked to perform a background check, we may collect information such as credit and criminal checks, supporting research, and screenings, to the extent required or permitted by local law.
- Recipients’ or Senders’ Data. When you send or request money through a Platform, we may receive your name, address, telephone number, IP address, date of birth, and financial account information about the recipient or sender of the funds. The extent of data required about a recipient or sender may vary depending on the Platform product you are using to send or request money.
- Digital Information. Our servers may automatically collect information about your visit to a Platform’s website or mobile application, including IP addresses and associated information. We also may collect your device “fingerprint” (e.g., hardware model, operating system and version, unique device identifiers and mobile network information).
Financial Data, including transaction history, of Your Account with Our Financial Services Partners
If you establish an account with a Financial Services Partner, we may collect or receive information such as transactions and transaction history, ACH, wire and card transactions, available account balance, card data, loan and credit information, your income, employment information, credit history, education information, address, debt to income ratio, credit score, prior repayment history, loan types, loan balances, credit history, payment plans, credit reports, debit amounts, linked bank accounts information, salary and other income, spending history, sources of wealth, investment activity, and other assets.
Third Party Sources
To provide our Services, we may receive certain Personal Data about you from merchants, recipients and senders of funds, data providers, identity verification providers, and credit bureaus as permitted by law.
How We Use Your Personal Data
We use the Personal Data we collect to provide the Services, to improve our Services and Site, and to protect our legal rights. In addition, we may use the Personal Data we collect in the following ways:
If you establish an account with a Financial Services Partner, we may collect or receive information such as transactions and transaction history, ACH, wire and card transactions, available account balance, card data, loan and credit information, your income, employment information, credit history, education information, address, debt to income ratio, credit score, prior repayment history, loan types, loan balances, credit history, payment plans, credit reports, debit amounts, linked bank accounts information, salary and other income, spending history, sources of wealth, investment activity, and other assets.
Third Party Sources
To provide our Services, we may receive certain Personal Data about you from merchants, recipients and senders of funds, data providers, identity verification providers, and credit bureaus as permitted by law.
How We Use Your Personal Data
We use the Personal Data we collect to provide the Services, to improve our Services and Site, and to protect our legal rights. In addition, we may use the Personal Data we collect in the following ways:
- Provide the Services, perform obligations under our agreements with third-parties, and carry out related business functions, including performing data and transaction processing, analyzing transaction history to combat regulatory and other security concerns, assisting with the investigation of a dispute, conducting credit checks, credit reporting, handling user inquiries, and managing the relationship;
- Develop, enhance, modify, add to, and improve our Site or Services;
- Risk management, identity verification, and for fraud and malicious activity detection, prevention and investigation, including "know your customer," anti-money laundering and anti-terroism, economic and trade sanctions, suspicious activity reporting, conflict and other necessary onboarding and ongoing client checks, due diligence and verification requirements, credit checks, credit risk analysis, tax reporting, compliance with sanctions procedures or rules, and other applicable laws, regulations, ordinances, obligations or requirements, including those related to our Financial Services Partners;
- Security and privacy management, to detect, prevent, and investigate privacy and security-related concerns that could impact you, Platform, Synapse, or Financial Services Partners;
- Confirm a person’s authority as a representative or agent of an account holder;
- Investigate any potential misuse of our Services including criminal activity or other unauthorized use of or access to our Services;
- Provide customer support to you or to Platforms, including by responding to your inquiries related to our Services;
- Send technical notices, statements, updates, security alerts and support and administrative messages;
- Communicate with you about our Site or Services or to inform you of changes to our Site or Services;
- Communicate with you concerning information you registered to receive, such as newsletters, events, and case studies;
- Defend our legal rights and the rights of others;
- Conduct record keeping and otherwise manage our business;
- Comply with applicable law or regulations;
- For any other purpose with your consent.
How We Share Your Personal Data
We may share the information that we collect about you in the following ways:
We may share the information that we collect about you in the following ways:
- With the Platform you are using for the purposes of offering the Services and providing customer service to you. You understand that the Platform will have access to your Personal Data and that the Platform’s applicable data privacy policy or notice shall apply;
- With our Partner Bank(s) to comply with our obligations to our Partner Bank’s, and the Partner Bank’s regulatory obligations and "know your customer” requirements. You understand that the Partner Bank will have access to your Personal Data and that the Partner Bank’s applicable data privacy policy or notice shall apply;
- With other Financial Services Partners to provide lending, crypto and brokerage products. You understand that these Financial Services Partners will have access to your Personal Data and that the applicable data privacy policy or notice shall apply;
- To card networks if you are issued a card by a Partner Bank(s). You understand that the card network may have access to your Personal Data and that the card network’s applicable data privacy policy or notice shall apply;
- With other companies or consultants that provide services to us, including but not limited to identity verification service providers, fraud prevention service providers, financial service providers who enable you to use certain features provided with our Services, card printers, credit bureaus, or collection agencies;
- With other parties to transactions when you use the Services, such as other users, merchants, and their service providers. We may share your information with other parties involved in processing your transactions. This includes other users that you are sending or receiving funds from, and merchants and their service providers. This information might include: (i) information to facilitate the transaction, (ii) information to help other participant(s) resolve disputes, (iii) detect and prevent fraud, (iv) information to improve the recipient’s services;
- To information technology providers or other service providers around the world that act under our instructions regarding the processing of certain data. These entities will be subject to contractual obligations to implement appropriate technical and organizational security measures to safeguard the information, and to process information only as instructed;
- To independent external auditors or other service providers around the world. Such service providers will be subject to any necessary contractual obligations regarding the protection and processing of such Personal Data;
- With a joint account holder as applicable;
- To support our audit, legal, compliance, and corporate governance functions;
- To service providers to prepare, deploy and analyze advertising content;
- To the extent that we are required to do so by law or regulation;
- For our everyday business purposes, such as processing your transactions and maintaining your account(s);
- In connection with any legal or regulatory proceedings or any prospective legal or regulatory proceedings;
- To establish, exercise, or defend our legal rights, including providing information to others for the purposes of fraud prevention and risk management;
- To any other person or entity as part of any business or asset sale, equity transaction, merger, acquisition or in preparation for any of these events; and
- To any other person or entity where you consent to the disclosure, for example, when you authorize a subsequent Platform or third-party application or website to access your information.
3. Cookies and Other Tracking Technologies
Like many other companies, we use cookies and other tracking technologies (such as pixels and web beacons). To learn more about how we use cookies and to change your cookie settings, please see our Cookie Policy.
Google Analytics
Our Site uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses Cookies or other tracking technologies to help us analyze how users interact with the Site and Services, compile reports on their activity, and provide other services related to their activity and usage. The technologies used by Google may collect information such as your IP address, time of visit, whether you are a returning visitor, and any referring website. The technologies used by Google Analytics do not gather information that personally identifies you. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt-out of tracking of analytics by Google, click here.
Google reCAPTCHA
Our Site uses Google reCAPTCHA, which is a free service that protects websites from spam and abuse using advanced risk analysis techniques to tell humans and bots apart. Google reCAPTCHA works differently depending on what version is deployed. For example, you may be asked to check a box indicating that you are not a robot or Google reCAPTCHA may detect abusive traffic without user interaction. Google reCAPTCHA works by transmitting certain types of information to Google, such as the referrer URL, IP address, visitor behavior, operating system information, browser and length of the visit, cookies, and mouse movements. Your use of Google reCAPTCHA is subject to Google’s Privacy Policy and Terms of Use. More information as to Google reCAPTCHA and how it works is available here.
Like many other companies, we use cookies and other tracking technologies (such as pixels and web beacons). To learn more about how we use cookies and to change your cookie settings, please see our Cookie Policy.
Google Analytics
Our Site uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses Cookies or other tracking technologies to help us analyze how users interact with the Site and Services, compile reports on their activity, and provide other services related to their activity and usage. The technologies used by Google may collect information such as your IP address, time of visit, whether you are a returning visitor, and any referring website. The technologies used by Google Analytics do not gather information that personally identifies you. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt-out of tracking of analytics by Google, click here.
Google reCAPTCHA
Our Site uses Google reCAPTCHA, which is a free service that protects websites from spam and abuse using advanced risk analysis techniques to tell humans and bots apart. Google reCAPTCHA works differently depending on what version is deployed. For example, you may be asked to check a box indicating that you are not a robot or Google reCAPTCHA may detect abusive traffic without user interaction. Google reCAPTCHA works by transmitting certain types of information to Google, such as the referrer URL, IP address, visitor behavior, operating system information, browser and length of the visit, cookies, and mouse movements. Your use of Google reCAPTCHA is subject to Google’s Privacy Policy and Terms of Use. More information as to Google reCAPTCHA and how it works is available here.
4. International Data Transfers
We operate internationally and may transfer information to the United States and other countries for the purposes described in this Privacy Policy. The United States and other countries may have privacy and data protection laws that differ from, and are potentially less protective than, the laws of your country. Your Personal Data can be subject to access requests from governments, courts, or law enforcement according to the laws of those countries.
For any transfers of Personal Data from the European Economic Area (EEA), Switzerland or the United Kingdom that we make to other entities as described in this Privacy Policy, we use appropriate safeguards to ensure for the lawful processing and transfer of the Personal Data, including, when appropriate, adequacy decisions or the standard contractual clauses approved by the European Commission. To obtain a copy of the safeguards, contact us at help@synapsefi.com.
In addition, depending upon the jurisdiction in which you reside we may rely upon other bases such as consent or contract. To the extent that you agree to our Terms of Service and enter into a contract with us, you acknowledge that the transfer is necessary for performance of that contract.
We operate internationally and may transfer information to the United States and other countries for the purposes described in this Privacy Policy. The United States and other countries may have privacy and data protection laws that differ from, and are potentially less protective than, the laws of your country. Your Personal Data can be subject to access requests from governments, courts, or law enforcement according to the laws of those countries.
For any transfers of Personal Data from the European Economic Area (EEA), Switzerland or the United Kingdom that we make to other entities as described in this Privacy Policy, we use appropriate safeguards to ensure for the lawful processing and transfer of the Personal Data, including, when appropriate, adequacy decisions or the standard contractual clauses approved by the European Commission. To obtain a copy of the safeguards, contact us at help@synapsefi.com.
In addition, depending upon the jurisdiction in which you reside we may rely upon other bases such as consent or contract. To the extent that you agree to our Terms of Service and enter into a contract with us, you acknowledge that the transfer is necessary for performance of that contract.
5. “Do Not Track” Signals
Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, the Site does not currently interpret, respond to or alter its practices when it receives “Do Not Track” signals.
Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, the Site does not currently interpret, respond to or alter its practices when it receives “Do Not Track” signals.
6. Advertising and Marketing Choices
Depending on your location (and reflecting applicable law), you may have been asked to indicate your preferences, provide us with your consent regarding the receipt of such information from us, and indicate how you would like to receive it.
Wherever you are located, we will send you marketing communications based on any preferences you may have expressed.
We only want to send you information in which you are interested. If you do not want to receive these communications or would like to understand more about other unsubscribe options, please contact us as set out in the “How to Contact Us” section below.
For email communications, you can opt-out and/or manage your preferences by clicking on the unsubscribe link provided at the bottom of any email you receive from us. You also may submit a request to us at privacy@synapsefi.com. If we call you with information you do not want to receive, you can advise us of this during the telephone call.
Depending on your location (and reflecting applicable law), you may have been asked to indicate your preferences, provide us with your consent regarding the receipt of such information from us, and indicate how you would like to receive it.
Wherever you are located, we will send you marketing communications based on any preferences you may have expressed.
We only want to send you information in which you are interested. If you do not want to receive these communications or would like to understand more about other unsubscribe options, please contact us as set out in the “How to Contact Us” section below.
For email communications, you can opt-out and/or manage your preferences by clicking on the unsubscribe link provided at the bottom of any email you receive from us. You also may submit a request to us at privacy@synapsefi.com. If we call you with information you do not want to receive, you can advise us of this during the telephone call.
7. Third Party Links
The Site and Services may contain links that will let you leave the Site and Services and access another website. Linked websites are not under our control. Except as stated herein, this Privacy Policy applies solely to Personal Data that is acquired on this Site and Services. We accept no responsibility or liability for these other websites.
The Site and Services may contain links that will let you leave the Site and Services and access another website. Linked websites are not under our control. Except as stated herein, this Privacy Policy applies solely to Personal Data that is acquired on this Site and Services. We accept no responsibility or liability for these other websites.
8. Security
We maintain commercially reasonable security measures to protect the Personal Data we collect and store from loss, misuse, destruction, or unauthorized access. However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee absolute security.
We maintain commercially reasonable security measures to protect the Personal Data we collect and store from loss, misuse, destruction, or unauthorized access. However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee absolute security.
9. Children’s Privacy
The Site and Services are not intended for children under 16 years of age. We do not knowingly collect, use, or disclose personal information from children under 16.
The Site and Services are not intended for children under 16 years of age. We do not knowingly collect, use, or disclose personal information from children under 16.
10. How Long is Your Personal Data Kept?
We will retain your Personal Data for as long as necessary to fulfill the purposes for which we collect it and as set out in this Privacy Policy and for the purpose of satisfying any legal, accounting, or reporting requirements that apply to us or our Financial Services Partners.
We will retain your Personal Data for as long as necessary to fulfill the purposes for which we collect it and as set out in this Privacy Policy and for the purpose of satisfying any legal, accounting, or reporting requirements that apply to us or our Financial Services Partners.
11. Your Personal Data and Your Rights – Europe and the United Kingdom Only
If you are in a country in the European Economic Area (EEA) or in the United Kingdom, you are entitled to the following explanation of the legal bases we rely on to process your Personal Data and a description of your privacy rights.
Legal Bases for Processing Your Personal Data
The legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it.
Consent
We may process your Personal Data based on your consent such as when you create an account or use a Platform to request a service. You have the right to withdraw your consent at any time without affecting the lawfulness of the processing based on consent before its withdrawal.
Our Legitimate Interests
We may process your Personal Data if doing so is necessary for our legitimate interests and your rights as an individual do not override those legitimate interests. For example, when we process your Personal Data to carry out fraud prevention activities and activities to increase network and information security, to market directly to you, to expand our business activities and to improve our services and the content and functionality of our Site.
To Perform a Contract
We may process your Personal Data to administer and fulfill contractual obligations to you.
To Enable Us to Comply with a Legal Obligation
We may process your Personal Data to comply with legal obligations to which we are subject. This may include any requirement to produce audited accounts and to comply with legal process.
Necessary for the Exercise or Defense of Legal Claims
If you bring a claim against us or we bring a claim against you, we may process your Personal Data in relation to that claim.
If you have any questions about or need further information concerning the legal basis on which we collect and use your Personal Data for any specific processing activity, please contact us using the “How to Contact Us” section below.
Your Rights
Access Your Personal Data
You have the right to obtain from us confirmation as to whether or not we are processing Personal Data about you and, if so, the right to be provided with the information contained in this Privacy Policy. You also have the right to receive a copy of the Personal Data undergoing processing.
Rectify Your Personal Data
You have the right to ask us to rectify any inaccurate Personal Data about you and to have incomplete Personal Data completed.
Restrict Our Use of Your Personal Data
You have the right to ask us to place a restriction on our use of your Personal Data if one of the following applies to you:
If you are in a country in the European Economic Area (EEA) or in the United Kingdom, you are entitled to the following explanation of the legal bases we rely on to process your Personal Data and a description of your privacy rights.
Legal Bases for Processing Your Personal Data
The legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it.
Consent
We may process your Personal Data based on your consent such as when you create an account or use a Platform to request a service. You have the right to withdraw your consent at any time without affecting the lawfulness of the processing based on consent before its withdrawal.
Our Legitimate Interests
We may process your Personal Data if doing so is necessary for our legitimate interests and your rights as an individual do not override those legitimate interests. For example, when we process your Personal Data to carry out fraud prevention activities and activities to increase network and information security, to market directly to you, to expand our business activities and to improve our services and the content and functionality of our Site.
To Perform a Contract
We may process your Personal Data to administer and fulfill contractual obligations to you.
To Enable Us to Comply with a Legal Obligation
We may process your Personal Data to comply with legal obligations to which we are subject. This may include any requirement to produce audited accounts and to comply with legal process.
Necessary for the Exercise or Defense of Legal Claims
If you bring a claim against us or we bring a claim against you, we may process your Personal Data in relation to that claim.
If you have any questions about or need further information concerning the legal basis on which we collect and use your Personal Data for any specific processing activity, please contact us using the “How to Contact Us” section below.
Your Rights
Access Your Personal Data
You have the right to obtain from us confirmation as to whether or not we are processing Personal Data about you and, if so, the right to be provided with the information contained in this Privacy Policy. You also have the right to receive a copy of the Personal Data undergoing processing.
Rectify Your Personal Data
You have the right to ask us to rectify any inaccurate Personal Data about you and to have incomplete Personal Data completed.
Restrict Our Use of Your Personal Data
You have the right to ask us to place a restriction on our use of your Personal Data if one of the following applies to you:
- You contest the accuracy of the information that we hold about you, while we verify its accuracy;
- We have used your information unlawfully, but you request us to restrict its use instead of erasing it;
- We no longer need the information for the purpose for which we collected it, but you need it to deal with a legal claim; or
- You have objected to us using your information, while we check whether our legitimate grounds override your right to object.
Object to Our Use of Your Personal Data
You have the right to object to our use of your Personal Data where our reason for using it is based on our legitimate interests or your consent (rather than when the reason for using it is to perform an obligation due to you under a contract with us).
Delete Your Personal Data
You can ask us to delete your Personal Data if:
You have the right to object to our use of your Personal Data where our reason for using it is based on our legitimate interests or your consent (rather than when the reason for using it is to perform an obligation due to you under a contract with us).
Delete Your Personal Data
You can ask us to delete your Personal Data if:
- We no longer need it for the purposes for which we collected it;
- We have been using it with no valid legal basis;
- We are obligated to erase it to comply with a legal obligation to which we are subject;
- We need your consent to use the information and you withdraw consent;
- You object to us processing your Personal Data where our legal basis for doing so is our legitimate interests and there are no overriding legitimate grounds for the processing.
However, this right is not absolute. Even if you make a request for deletion, we may need to retain certain information for legal or administrative purposes, such as record keeping, maintenance of opt-out requirements, defending or making legal claims, or detecting fraudulent activities. We will retain information in accordance with the “How Long Is Your Personal Data Kept” section above.
If you do exercise a valid right to have your Personal Data deleted, please keep in mind that deletion by third parties to whom the information has been provided might not be immediate and that the deleted information may persist in backup copies for a reasonable period (but will not be available to others).
Transfer Your Personal Data to Another Service Provider
You may request that we transfer some of the Personal Data you have provided to you or another service provider in electronic copy. This applies to Personal Data we are processing to service a contract with you and to Personal Data we are processing based on your consent.
To exercise any of these rights, please contact us as described in the “How to Contact Us” section below.
Make a Complaint
If you have any concerns or complaints regarding our processing of your Personal Data, please contact us as described in the “How to Contact Us” section below and we will do our best to answer any question and resolve any complaint to your satisfaction.
If, for whatever reason, you feel we do not meet the standards you expect of us, you are also entitled to make a complaint to your local supervisory authority:
EU Data Protection Authorities (DPAs)
Swiss Federal Data Protection and Information Commissioner (FDPIC)
Information Commissioner’s Office (United Kingdom)
If you do exercise a valid right to have your Personal Data deleted, please keep in mind that deletion by third parties to whom the information has been provided might not be immediate and that the deleted information may persist in backup copies for a reasonable period (but will not be available to others).
Transfer Your Personal Data to Another Service Provider
You may request that we transfer some of the Personal Data you have provided to you or another service provider in electronic copy. This applies to Personal Data we are processing to service a contract with you and to Personal Data we are processing based on your consent.
To exercise any of these rights, please contact us as described in the “How to Contact Us” section below.
Make a Complaint
If you have any concerns or complaints regarding our processing of your Personal Data, please contact us as described in the “How to Contact Us” section below and we will do our best to answer any question and resolve any complaint to your satisfaction.
If, for whatever reason, you feel we do not meet the standards you expect of us, you are also entitled to make a complaint to your local supervisory authority:
EU Data Protection Authorities (DPAs)
Swiss Federal Data Protection and Information Commissioner (FDPIC)
Information Commissioner’s Office (United Kingdom)
12. Your Personal Data and Your Rights –United States Only (Including California)
Notice to Nevada Residents
Nevada law allows Nevada residents to opt-out of the sale of certain types of personal information. Subject to a number of exceptions, Nevada law defines “sale” to mean the exchange of certain types of personal information for monetary consideration to another person. We do not currently sell personal information as defined in the Nevada law. However, if you are a Nevada resident, you still may submit a verified request to opt-out of sales and we will record your instructions and incorporate them in the future if our policy changes. Opt-out requests may be sent to privacy@synapsefi.com.
Notice to California Residents
The California Consumer Privacy Act (CCPA) requires that we provide California residents with a privacy policy that contains a comprehensive description of our online and offline practices regarding the collection, use, disclosure, and sale of personal information and of the rights of California residents regarding their personal information. This section of the Privacy Policy is intended solely for, and is applicable only as to, California residents. If you are not a California resident, this does not apply to you and you should not rely on it.
The CCPA defines “personal information” to mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. Personal information does not include publicly available, deidentified or aggregated information. For purposes of this “Notice to California Residents” section we will refer to this information as “Personal Information.”
The CCPA’s privacy rights described below do not apply to Personal Information that is collected, processed, sold, or disclosed pursuant to the federal Gramm-Leach-Bliley Act and its implementing regulations or the California Financial Information Privacy Act. Generally, this will apply to any Personal Information obtained in connection with Synapse enabling you access to the financial products or services of Financial Services Partners. The CCPA’s privacy-related rights also do not apply to certain types of Personal Information that is subject to the Federal Credit Reporting Act (FCRA).
In addition, some of the CCPA’s privacy rights explained below do not apply to personal information collected in a business-to-business context. That is information reflecting a written or verbal communication or a transaction between us and a consumer, where the consumer is acting as an employee, owner, director, officer, or contractor of another entity and when the communication or transaction occur solely within the context of us conducting due diligence regarding, or providing or receiving a product or service to or from such entity.
Finally, as described in the “Collecting and Using Information” section above, we collect certain Personal Information in our role as a service provider for other entities. If you would like to make any requests or queries regarding Personal Information that we process on behalf of Platforms or Financial Services Partners, please contact those entities directly. Your rights under the CCPA will depend on our relationship with you.
Right to Know About Personal Information Collected, Disclosed, or Sold
If you are a California resident, you have the right to request that we disclose what Personal Information we have collected about you in the 12-month period preceding your request. This right includes the right to request any or all of the following:
Notice to Nevada Residents
Nevada law allows Nevada residents to opt-out of the sale of certain types of personal information. Subject to a number of exceptions, Nevada law defines “sale” to mean the exchange of certain types of personal information for monetary consideration to another person. We do not currently sell personal information as defined in the Nevada law. However, if you are a Nevada resident, you still may submit a verified request to opt-out of sales and we will record your instructions and incorporate them in the future if our policy changes. Opt-out requests may be sent to privacy@synapsefi.com.
Notice to California Residents
The California Consumer Privacy Act (CCPA) requires that we provide California residents with a privacy policy that contains a comprehensive description of our online and offline practices regarding the collection, use, disclosure, and sale of personal information and of the rights of California residents regarding their personal information. This section of the Privacy Policy is intended solely for, and is applicable only as to, California residents. If you are not a California resident, this does not apply to you and you should not rely on it.
The CCPA defines “personal information” to mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. Personal information does not include publicly available, deidentified or aggregated information. For purposes of this “Notice to California Residents” section we will refer to this information as “Personal Information.”
The CCPA’s privacy rights described below do not apply to Personal Information that is collected, processed, sold, or disclosed pursuant to the federal Gramm-Leach-Bliley Act and its implementing regulations or the California Financial Information Privacy Act. Generally, this will apply to any Personal Information obtained in connection with Synapse enabling you access to the financial products or services of Financial Services Partners. The CCPA’s privacy-related rights also do not apply to certain types of Personal Information that is subject to the Federal Credit Reporting Act (FCRA).
In addition, some of the CCPA’s privacy rights explained below do not apply to personal information collected in a business-to-business context. That is information reflecting a written or verbal communication or a transaction between us and a consumer, where the consumer is acting as an employee, owner, director, officer, or contractor of another entity and when the communication or transaction occur solely within the context of us conducting due diligence regarding, or providing or receiving a product or service to or from such entity.
Finally, as described in the “Collecting and Using Information” section above, we collect certain Personal Information in our role as a service provider for other entities. If you would like to make any requests or queries regarding Personal Information that we process on behalf of Platforms or Financial Services Partners, please contact those entities directly. Your rights under the CCPA will depend on our relationship with you.
Right to Know About Personal Information Collected, Disclosed, or Sold
If you are a California resident, you have the right to request that we disclose what Personal Information we have collected about you in the 12-month period preceding your request. This right includes the right to request any or all of the following:
- Specific pieces of Personal Information that we have collected about you;
- Categories of Personal Information that we have collected about you;
- Categories of sources from which the Personal Information was collected;
- Categories of Personal Information that we sold (if applicable) or disclosed for a business purpose about you;
- Categories of third parties to whom the Personal Information was sold (if applicable) or disclosed for a business purpose; and
- The business or commercial purpose for collecting or, if applicable, selling Personal Information.
The CCPA defines “sell” to mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a California resident’s Personal Information to another business or a third party for monetary or other valuable consideration.
Collection of Personal Information
For a list of the Personal Information that we currently collect and, in the 12 months prior to the Last Updated date of this Privacy Policy, have collected, please see the “Collecting and Using Information – Personal Data We Collect” section above. As described more fully above, we collect the Personal Information from California residents directly and from Platforms, Financial Services Partners, identity verification providers, recipients and senders of funds, data providers, and credits bureaus. Not all categories of Personal Information are collected from each source.
For a list of the purposes for which we have collected this Personal Information, please see the “Collecting and Using Information – How We Use Your Personal Data” section above.
Disclosure of Personal Information
For a list of the Personal Information that we disclosed for a business purpose in the 12 months preceding the Effective Date of this Privacy Policy and the category of third parties to whom the Personal Information was disclosed, please see the “Collecting and Using Information” section above. We did not sell Personal Information to third parties in the 12 months preceding the Last Updated date of this Privacy Policy.
We do not knowingly collect or sell the Personal Information of minors under 16 years of age.
Right to Request Deletion of Personal Information
If you are a California resident, you have the right to request that we delete the Personal Information about you that we have collected. However, per the CCPA, we are not required to comply with a request to delete if it is necessary for us to maintain the Personal Information in order to, for example, complete a transaction, detect security incidents, comply with a legal obligation, or otherwise use the Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.
How to Submit a Request to Know and/or Delete
You may submit a request to know or delete by emailing us at privacy@synapsefi.com or by calling us at 1-833-953-1299.
Our Process for Verifying a Request to Know or Delete
If we determine that your request is subject to an exemption or exception, we will notify you of our determination. If we determine that your request is not subject to an exemption or exception, we will comply with your request upon verification of your identity and, to the extent applicable, the identity of the California resident on whose behalf you are making such request.
We will verify your identity either to a “reasonable degree of certainty” or a “reasonably high degree of certainty” depending on the sensitivity of the Personal Information and the risk of harm to you by unauthorized disclosure or deletion as applicable.
For requests to access categories of Personal Information and for requests to delete Personal Information that is not sensitive and does not pose a risk of harm by unauthorized deletion, we will verify your identity to a “reasonable degree of certainty” by verifying at least two data points that you previously provided to us and which we have determined to be reliable for the purpose of verifying identities.
For requests to access specific pieces of Personal Information or for requests to delete Personal Information that is sensitive and poses a risk of harm by unauthorized deletion, we will verify your identity to a “reasonably high degree of certainty” by verifying at least three pieces of Personal Information previously provided to us and which we have determined to be reliable for the purpose of verifying identities. In addition, you will be required to submit a signed declaration under penalty of perjury stating that you are the individual whose Personal Information is being requested.
Right to Opt-Out of Sale of Personal Information
If you are a California resident, you have the right to direct businesses to stop selling your Personal Information. We do not sell Personal Information as it is defined in the CCPA.
Right to Non-Discrimination for the Exercise of a California Resident’s Privacy Rights
We will not discriminate against California residents if they exercise any of the rights provided in the CCPA as described in this section “Notice to California Residents.”
Authorized Agents
If you are submitting a request on behalf of a California resident, please submit the request through one of the designated methods discussed above. After submitting the request, and if the request is not subject to an exemption or exception, we will require additional information to verify your authority to act on behalf of the California resident.
Shine the Light Law
We do not disclose personal information obtained through our Site or Services to third parties for their direct marketing purposes. Accordingly, we have no obligations under California Civil Code § 1798.83.
Collection of Personal Information
For a list of the Personal Information that we currently collect and, in the 12 months prior to the Last Updated date of this Privacy Policy, have collected, please see the “Collecting and Using Information – Personal Data We Collect” section above. As described more fully above, we collect the Personal Information from California residents directly and from Platforms, Financial Services Partners, identity verification providers, recipients and senders of funds, data providers, and credits bureaus. Not all categories of Personal Information are collected from each source.
For a list of the purposes for which we have collected this Personal Information, please see the “Collecting and Using Information – How We Use Your Personal Data” section above.
Disclosure of Personal Information
For a list of the Personal Information that we disclosed for a business purpose in the 12 months preceding the Effective Date of this Privacy Policy and the category of third parties to whom the Personal Information was disclosed, please see the “Collecting and Using Information” section above. We did not sell Personal Information to third parties in the 12 months preceding the Last Updated date of this Privacy Policy.
We do not knowingly collect or sell the Personal Information of minors under 16 years of age.
Right to Request Deletion of Personal Information
If you are a California resident, you have the right to request that we delete the Personal Information about you that we have collected. However, per the CCPA, we are not required to comply with a request to delete if it is necessary for us to maintain the Personal Information in order to, for example, complete a transaction, detect security incidents, comply with a legal obligation, or otherwise use the Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.
How to Submit a Request to Know and/or Delete
You may submit a request to know or delete by emailing us at privacy@synapsefi.com or by calling us at 1-833-953-1299.
Our Process for Verifying a Request to Know or Delete
If we determine that your request is subject to an exemption or exception, we will notify you of our determination. If we determine that your request is not subject to an exemption or exception, we will comply with your request upon verification of your identity and, to the extent applicable, the identity of the California resident on whose behalf you are making such request.
We will verify your identity either to a “reasonable degree of certainty” or a “reasonably high degree of certainty” depending on the sensitivity of the Personal Information and the risk of harm to you by unauthorized disclosure or deletion as applicable.
For requests to access categories of Personal Information and for requests to delete Personal Information that is not sensitive and does not pose a risk of harm by unauthorized deletion, we will verify your identity to a “reasonable degree of certainty” by verifying at least two data points that you previously provided to us and which we have determined to be reliable for the purpose of verifying identities.
For requests to access specific pieces of Personal Information or for requests to delete Personal Information that is sensitive and poses a risk of harm by unauthorized deletion, we will verify your identity to a “reasonably high degree of certainty” by verifying at least three pieces of Personal Information previously provided to us and which we have determined to be reliable for the purpose of verifying identities. In addition, you will be required to submit a signed declaration under penalty of perjury stating that you are the individual whose Personal Information is being requested.
Right to Opt-Out of Sale of Personal Information
If you are a California resident, you have the right to direct businesses to stop selling your Personal Information. We do not sell Personal Information as it is defined in the CCPA.
Right to Non-Discrimination for the Exercise of a California Resident’s Privacy Rights
We will not discriminate against California residents if they exercise any of the rights provided in the CCPA as described in this section “Notice to California Residents.”
Authorized Agents
If you are submitting a request on behalf of a California resident, please submit the request through one of the designated methods discussed above. After submitting the request, and if the request is not subject to an exemption or exception, we will require additional information to verify your authority to act on behalf of the California resident.
Shine the Light Law
We do not disclose personal information obtained through our Site or Services to third parties for their direct marketing purposes. Accordingly, we have no obligations under California Civil Code § 1798.83.
13. Your Choices and Rights – Rest of the World
Depending on the jurisdiction in which you are located, you may have certain rights with respect to your Personal Data. For example, you may have the following rights:
Depending on the jurisdiction in which you are located, you may have certain rights with respect to your Personal Data. For example, you may have the following rights:
- Right to access your Personal Data;
- Right to receive a copy of your Personal Data, including in a machine-readable format;
- Right to delete your Personal Data;
- Right to update your Personal Data;
- Right to correct inaccurate, out-of-date, or irrelevant Personal Data;
- Right to anonymization, blocking or deletion of unnecessary or excessive Personal Data or Personal Data processed in noncompliance with applicable law;
- Right to receive information about public and private entities with which we have shared your Personal Data;
- Right to information about the possibility of denying consent and the consequences of such denial;
- Right to revoke consent;
- Right to data portability;
- Right to confirm that we are processing your Personal Data;
- Right to restrict our processing of your Personal Data;
- Right to not be subject to automated decision-making;
- Right to a verification procedure that provides whether we are in compliance with the applicable law; and
- Right to object to or opt out of direct marketing from us.
If you would like to exercise your legal rights, please contact us at privacy@synapsefi.com. We will process your request in accordance with any applicable legal requirements.
For a description of the legal bases for which we collect your Personal Data, please see the section “Your Personal Data and Your Rights –Europe and the United Kingdom Only - Legal Bases for Processing Your Personal Data” above.
For a description of the legal bases for which we collect your Personal Data, please see the section “Your Personal Data and Your Rights –Europe and the United Kingdom Only - Legal Bases for Processing Your Personal Data” above.
14. Accessibility
We are committed to ensuring this Privacy Policy is accessible to individuals with disabilities. If you wish to access this Privacy Policy in an alternative format, please contact us as described below.
We are committed to ensuring this Privacy Policy is accessible to individuals with disabilities. If you wish to access this Privacy Policy in an alternative format, please contact us as described below.
15. How to Contact Us
For questions or concerns about our privacy policies or practices, please contact us at:
Email Address: privacy@synapsefi.com
Telephone: +1 (415)688-2943
Customer Service agents are available to answer your calls: Pacific Time (US): Monday – Friday (6:00 AM – 6:00 PM)
Physical Address:
Synapse Financial Technologies, Inc.
101 2nd Street, Suite 525, San Francisco, CA 94105
For questions or concerns about our privacy policies or practices, please contact us at:
Email Address: privacy@synapsefi.com
Telephone: +1 (415)688-2943
Customer Service agents are available to answer your calls: Pacific Time (US): Monday – Friday (6:00 AM – 6:00 PM)
Physical Address:
Synapse Financial Technologies, Inc.
101 2nd Street, Suite 525, San Francisco, CA 94105
1. What is Synapse Financial Technologies, Inc.?2. Collecting and Using Information3. Cookies and Other Tracking Technologies4. International Data Transfers5. “Do Not Track” Signals6. Advertising and Marketing Choices7. Third Party Links8. Security9. Children’s Privacy10. How Long is Your Personal Data Kept?11. Your Personal Data and Your Rights – Europe and the United Kingdom Only 12. Your Personal Data and Your Rights –United States Only (Including California)13. Your Choices and Rights – Rest of the World14. Accessibility15. How to Contact Us
