The protection of privacy is important when processing personal data. Personal data is therefore handled and secured with the utmost care, in accordance with the General Data Protection Regulation (GDPR). In this Privacy Statement regarding the Synigo app, we inform you about how Synigo handles your personal data and how you can exercise your rights with regard to your personal data.
Purpose of the privacy statement
The purpose of this privacy statement is to inform app users of Synigo Pulse app about the processing of personal data by Synigo. Synigo processes personal data in order to be able to perform its duties properly as an Independent Software Vendor. The law sets rules for the processing of personal data.
Important information for controlling your data
Most customer data in Synigo Pulse is self-controlled by the user as he or she determines whether it is processed or not. This is by design as Synigo Pulse integrates with your employers Microsoft 365. Data is cached on Synigo’s system for performance objectives. Synigo caches data. By not using the system the data will be erased after a maximum of 3 days and a minimum of 1 hour. After Microsoft has updated their indexes Pulse is updated within 1 hour. Backups are kept for 90 days.
Synigo distinguishes two types of methods a user can control his or her data:
- Self-control: in this case the user has full control whether or not his or her data is processed by Synigo.
- Request-control: in this case the customer can make a request in order to stop processing his or her data by Synigo.
The personal data that is classified as self-control is managed by the user by means of using his or her own Microsoft 365 account that gives access to his or her Microsoft 365 tenant. From a user perspective he or she has two further kinds of self-control:
- The user can manage the personal data directly and by himself fully in Microsoft 365, e.g. his or her birth day.
- The user can manage the personal data only through the administrator of the Microsoft 365 tenant, e.g. his or her e-mail address. The administrator of the Microsoft 365 tenant is usually a colleague from the ICT-department.
Personal data that is classified as request-control can be managed by making a request to Synigo. You can do this by sending an e-mail to firstname.lastname@example.org and ask for the data. Synigo will follow up within 30 days. Note that the user should first contact the right contact person at his or her organization (customer). In most organizations this is the administrator or administrative contact person that decided to purchase Synigo Pulse and manages the Microsoft 365 environment.
2.2. Customer Data will be used only to provide Customer the Services including purposes compatible with providing those services. Synigo will not use Customer Data or derive information from it for any advertising or similar commercial purposes. As between the parties, Customer retains all right, title and interest in and to Customer Data. Synigo acquires no rights in Customer Data, other than the rights Customer grants to Synigo to provide the Services to Customer. The use of Customer Data by Synigo will be limited to the extent that such use is strictly necessary for providing the Services to Customer. Synigo will not use Customer Data beyond such extent and will not derive information from it for any advertising or similar commercial purposes. This paragraph does not affect Synigo’s rights in software or services Synigo licenses to Customer.
Disclosure of Customer Data
2.3. Synigo will not disclose Customer Data outside of Synigo except (1) as Customer directs, (2) as described in this agreement, or (3) as required by law.
2.4. Synigo will not disclose Customer Data to law enforcement unless required by law. If law enforcement contacts Synigo with a demand for Customer Data, Synigo will attempt to redirect the law enforcement agency to request that data directly from Customer. If compelled to disclose Customer Data to law enforcement, Synigo will promptly notify Customer and provide a copy of the demand unless legally prohibited from doing so.
2.5. Upon receipt of any other Third-party request for Customer Data, Synigo will promptly notify Customer unless prohibited by law. Synigo will reject the request unless required by law to comply. If the request is valid, Synigo will attempt to redirect the Third-party to request the data directly from Customer.
2.6. Synigo will not provide any Third-party: (a) direct, indirect, blanket or unfettered access to Customer Data; (b) platform encryption keys used to secure Customer Data or the ability to break such encryption; or (c) access to Customer Data if Synigo is aware that the data is to be used for purposes other than those stated in the Third-party’s request.
2.7. In support of the above, Synigo may provide Customer’s basic contact information to the Third-party.
2.8. Customer understands that Synigo may possess limited or no contact information for Customer’s students and students’ parents. Consequently, Customer will be responsible for obtaining any parental consent for any end user’s use of the Service that may be required by applicable law and to convey notification on behalf of Synigo to students (or, with respect to a student under 18 years of age and not in attendance at a postsecondary institution, to the student’s parent) of any judicial order or lawfully-issued subpoena requiring the disclosure of Customer Data in Synigo’s possession as may be required under applicable law.
2.9. Synigo is committed to helping protect the security of Customer’s information. Synigo has implemented and will maintain and follow appropriate technical and organizational measures intended to protect Customer Data against accidental, unauthorized or unlawful access, disclosure, alteration, loss, or destruction.
2.10. If Synigo becomes aware of any unlawful access to any Customer Data stored on Synigo’s and/or Third-party equipment or in Synigo’s and/or Third-party facilities, or unauthorized access to such equipment or facilities resulting in loss, disclosure, or alteration of Customer Data (each a “Security Incident”), Synigo will promptly (1) notify Customer of the Security Incident; (2) investigate the Security Incident and provide Customer with detailed information about the Security Incident; and (3) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Incident.
2.11. Notification(s) of Security Incidents will be delivered to one or more of Customer’s administrators by any means Synigo selects, including via email. It is Customer’s sole responsibility to ensure Customer’s administrators shared accurate contact information. Synigo’s obligation to report or respond to a Security Incident under this section is not an acknowledgement by Synigo of any fault or liability with respect to the Security Incident.
2.12. Customer must notify Synigo promptly about any possible misuse of its accounts or authentication credentials or any security incident related to a Service.
Location of Data Processing
2.13. The Geographical location of the data-center that hosts Synigo Pulse is The Netherlands (Azure region West Europe).
2.14. The Geographical location of Office 365 is based on the client’s own Office 365 subscription. Customer controls this location.
2.17. Synigo may offer preview, beta or other pre-release features, data center locations, and services ("Previews") for optional evaluation. Previews may employ lesser or different privacy and security measures than those typically present in the Services. Unless otherwise provided, Previews are not included in the SLA for the corresponding Service.
Use of Subcontractors
2.18. Synigo may hire subcontractors to provide services on its behalf. Any such subcontractors will be permitted to obtain Customer Data only to deliver the services Synigo has retained them to provide and will be prohibited from using Customer Data for any other purpose. Synigo remains responsible for its subcontractors’ compliance with Synigo’s obligations in this agreement.
How to Contact Synigo
2.19. If Customer believes that Synigo is not adhering to its privacy or security commitments, Customer may contact customer support. Synigo’s mailing address is:
Attn: Chief Security Officer
Zuthpenseweg 31 C-8
7418 AH Deventer
In the DPT, the term “Synigo Online Services” applies only to the services in the table below, excluding any Previews, and “Customer Data” includes only Customer Data that is provided through use of those Synigo Online Services.
Synigo Online Services
The following services are included in the service: Synigo Portal, Synigo Pulse Service, Synigo Pulse Native App.
The Synigo API acts as an interface to Third-party services.
Processors and Sub-processors
3.1. For the Synigo Online Services, Synigo is a data processor acting on Customer’s behalf. As data processor, Synigo will only act upon Customer’s instructions. The End User Agreement and along with Customer’s use and configuration of features in the Synigo Online Services, are Customer’s complete and final instructions to Synigo for the processing of Customer Data. Any additional or alternate instructions must be agreed to according to the process for amending Customer’s agreement, instructions issued by the Autoriteit Persoonsgegevens (AP) excepted. If implementing the AP’s instructions is not financially or technically feasible according to Synigo, either Synigo or Customer can immediately terminate the Subscription. If the cost of implementing the AP’s instructions as estimated by Synigo, is not financially acceptable to Customer, Customer can immediately terminate the Subscription.
3.2. Duration and Object of Data Processing. The duration of data processing shall be for the term designated under Customer’s licensing agreement. The objective of the data processing is the performance of the Synigo Online Services.
3.3. Scope and Purpose of Data Processing. The scope and purpose of processing of Customer Data, including any personal data included in the Customer Data, is described in the DPT and Customer’s licensing agreement.
3.4. Customer Data Access. For the term designated under Customer’s licensing agreement Synigo will, at its election and as necessary under applicable law either: (1) provide Customer with the ability to correct, delete, or block Customer Data, or (2) make such corrections, deletions, or blockages on Customer’s behalf.
3.5. Synigo acts a data processor and relies in its Synigo Online Services on two known sub-processors. In case of transfer to countries outside the EU, this will be governed by The EU Model clauses for the transfer of personal data to third countries.
3.6. Microsoft acts as a sub-processor in regard to certain services. Microsoft’s Online Services Terms that apply to the services can be found here: https://www.microsoft.com/en-us/TrustCenter/Compliance/EU-Model-Clauses.
3.7. Synigo uses the following hosting services: Azure Active Directory, App Service (API Apps, Mobile Apps, Web Apps), Backup, Load Balancer, Log Analytics (formerly Operational Insights), Machine Learning, Management Portal, Redis Cache, Scheduler, Service Bus, SQL Database, Storage, Traffic Manager, IIS, Visual Studio Team Services.
3.8. The Synigo Pulse platform allows the Customer to send push notifications to a native app. To make this possible securely, Synigo Pulse works with a so-called Device Registration Token. The token used to identify a recipient of a push notification. To do this, the Synigo Pulse platform uses a special combination token, namely a token that is a combination of mobile device and app. This token allows customers to send push notifications to the installed app. This token is generated by the installed app and stored in our back-end services. The channel is encrypted with SSL via TCP.
Access & Security
3.9. Synigo Pulse is a web application that can be accessed by users of the Customer using their regular Microsoft Active Directory / Office 365 credentials. Users are authenticated using the mechanisms the Customer has in place. This means that the Customer and/or Third-party that is assigned by Customer to execute administration responsibilities, controls who is allowed to access their company portal, Synigo Pulse. Microsoft Azure Active Directory (Azure AD) makes sure that only authorized users can access the computing environments, data, and applications. Synigo Pulse is only accessible through a TLS 1.2 connection.
3.10. Synigo Online Services relies on the federated authentication process, configured by the Customer, regulated by Microsoft Azure. Customers can configure the level of security to access their applications here, for example Multi-factor authentication, or the use of an ADFS environment. If a user’s authentication process (signing in) is finished successfully, we receive a SAML token (with a very limited validity time) from Microsoft with which we can retrieve 2 tokens:
3.11. 1) A user token: This token is used to identify the user and allows this user to access the Microsoft graph, as well as our systems (Expires in 1 hour).
3.12. 2) A refresh token (expires in 90 days). Basic account information such as the UPN (User Principle Name). TenantId (the id given by O365 to this users tenant).
3.13. When the user token expires, Synigo Pulse needs to retrieve a new one, using the refresh token. If the user is locked out or deleted, the user will be signed out and cannot sign in again. When the refresh token is expired, the user needs to sign in again.
3.14. All calls to the Microsoft systems are done in the context of this user token. This token is encrypted and cached by Synigo, in a SQL database (behind a Firewall) and can only be accessed by the UPN, given by Microsoft after signing in (Synigo uses claims to store this information).
3.15. Two types of data are stored by Synigo Pulse: 1) Personalization settings and 2) CMS (Content Management System) content, such as news.
3.16. Personalization settings: These are stored in a SQL database (behind a Firewall) and can only be accessed by the UPN, provided by Microsoft as part of the Office 365 subscription the Customer has. It is impossible to temper with both the UPN and TenantId, as they are given to us by Microsoft, when signing in. This process takes place on the server side, so users cannot manipulate these values. It is impossible to retrieve any document from the CMS without a tenant id and which does not belong to your tenant.
3.17. General Practices. Synigo has implemented and will maintain and follow for the Synigo Online Services the following security measures, which, in conjunction with the security commitments in the End User Agreement, are Synigo’s only responsibility with respect to the security of Customer Data.
Data Recovery Procedures
- All files are replicated three times and backup daily.
- Disaster recovery: In fatal situations Synigo Pulse allows the database to be restored to any point in time within a database’s retention period (30 days). The applies to the whole tenant.
- Full database backups happen weekly, differential database backups generally happen every few hours, and transaction log backups generally happen every 5 - 10 minutes.
- On an ongoing basis, but in no case less frequently than once a week (unless no Customer Data has been updated during that period), Synigo maintains multiple copies of Customer Data from which Customer Data can be recovered.
- Synigo logs data restoration efforts, including the person responsible, the description of the restored data and where applicable, the person responsible and which data (if any) had to be input manually in the data recovery process.
Data Beyond Boundaries
- Synigo encrypts, Customer Data that is transmitted over public networks.
- Event Logging. Synigo logs, access and use of information systems containing Customer Data, registering the access ID, time, authorization granted or denied, and relevant activity.
Synigo maintains a record of security privileges of individuals having access to Customer Data.
Synigo maintains and updates a record of personnel authorized to access Synigo systems that contain Customer Data.
- Synigo deactivates authentication credentials that have not been used for a period of time not to exceed three months.
- Synigo identifies those personnel who may grant, alter or cancel authorized access to data and resources.
- Synigo ensures that where more than one individual has access to systems containing Customer Data, the individuals have separate identifiers/log-ins.
- Technical support personnel are only permitted to have access to Customer Data when needed.
- Synigo restricts access to Customer Data to only those individuals who require such access to perform their job function.
- Synigo uses industry standard practices to identify and authenticate users who attempt to access information systems.
- Synigo ensures that de-activated or expired identifiers are not granted to other individuals.
If you have any questions about this statement or about the way in which Synigo handles your personal data, please contact email@example.com. Even if you want to exercise your privacy rights and cannot contact your own employer for this, you can contact us.