Privacy Policy

Last Updated: January 15, 2025

We take your privacy seriously at SynapConnect. This comprehensive policy explains how we collect, use, and protect your personal information when you use our budget approval workflow platform.

Information We Collect

Account Information

When you create an account with SynapConnect, we collect basic information including your name, email address, company name, and job title. This information helps us provide personalized service and ensure proper access controls within your organization's budget workflow system.

Usage Data

We automatically collect information about how you interact with our platform. This includes login times, features accessed, approval actions taken, and system performance metrics. We use this data to improve our service and identify potential security issues.

Financial Workflow Data

As part of our budget approval workflow service, we process transaction details, approval histories, budget categories, and related financial metadata. This information is essential for providing our core service but is handled with the highest level of security.

Data Type Purpose Retention Period
Account Details Service provision and communication Until account deletion
Usage Analytics Platform improvement and security 24 months
Financial Workflow Data Core service functionality 7 years (compliance requirement)
Support Communications Customer service and issue resolution 3 years

How We Use Your Data

We use your personal information exclusively for legitimate business purposes related to providing and improving our budget approval workflow platform. Here's exactly how we use different types of data:

  • Service Delivery: Processing budget approvals, maintaining workflow histories, and ensuring proper access controls within your organization
  • Platform Improvement: Analyzing usage patterns to enhance features, fix bugs, and optimize performance
  • Security Monitoring: Detecting suspicious activities, preventing fraud, and maintaining system integrity
  • Customer Support: Responding to your inquiries, troubleshooting issues, and providing technical assistance
  • Legal Compliance: Meeting regulatory requirements specific to financial workflow systems in South Korea

Important: We never use your financial data for marketing purposes or share it with third parties for their commercial benefit. Your budget information stays strictly within the scope of our service provision.

Data Sharing Practices

Limited Sharing Scenarios

We maintain strict controls over data sharing and only share your information in these specific circumstances:

  • Within Your Organization: Budget workflow data is shared with authorized users in your company according to the access permissions you configure
  • Service Providers: Trusted vendors who help us operate our platform, such as cloud hosting providers and security monitoring services
  • Legal Requirements: When required by South Korean law, court orders, or regulatory investigations
  • Business Transfers: In the unlikely event of a merger or acquisition, though we would notify you in advance

Third-Party Service Providers

We work with carefully selected partners who help us provide our service. These include cloud infrastructure providers, payment processors, and security monitoring services. All partners sign strict data processing agreements and are prohibited from using your data for their own purposes.

Security Measures

Protecting your financial data is our top priority. We implement multiple layers of security to safeguard your information:

Technical Safeguards

  • AES-256 encryption for all data at rest and in transit
  • Multi-factor authentication required for all user accounts
  • Regular security audits and penetration testing
  • Automated threat detection and response systems
  • Secure coding practices and regular security updates

Operational Security

  • Strict employee background checks and security training
  • Limited access to personal data on a need-to-know basis
  • Regular security awareness training for all staff
  • Incident response procedures and breach notification protocols

We maintain ISO 27001 certification and comply with South Korean Personal Information Protection Act (PIPA) requirements. Our security practices are regularly audited by independent third parties.

Your Privacy Rights

Under South Korean privacy law, you have several important rights regarding your personal information. Here's how to exercise each right:

Access Right

Request a copy of all personal information we hold about you. We'll provide this within 10 business days at no charge.

Correction Right

Ask us to correct any inaccurate or incomplete personal information. Most account details can be updated directly in your profile settings.

Deletion Right

Request deletion of your personal information, subject to legal retention requirements for financial records.

Processing Suspension

Ask us to stop processing your data for specific purposes while we investigate concerns about accuracy or lawfulness.

How to Exercise Your Rights

To exercise any of these rights, send a detailed request to our privacy team at [email protected]. Include your account information and specify exactly what you're requesting. We'll respond within 10 business days and may ask for additional verification to protect your privacy.

Data Retention

We keep your personal information only as long as necessary for the purposes outlined in this policy or as required by law. Different types of data have different retention periods:

  • Account Information: Retained until you delete your account, then anonymized within 30 days
  • Financial Workflow Records: Kept for 7 years after account closure to comply with South Korean financial record-keeping requirements
  • Usage Analytics: Aggregated and anonymized after 24 months
  • Support Communications: Deleted after 3 years unless needed for ongoing legal matters
  • Security Logs: Retained for 12 months for security monitoring purposes

When we delete your data, we use secure deletion methods that make recovery impossible. Backup systems are purged according to the same schedule.

International Data Transfers

Cross-Border Data Processing

While SynapConnect is based in South Korea, we may process your data in other countries where our service providers operate. This includes cloud hosting facilities in Japan and Singapore that provide redundancy and performance optimization for our South Korean users.

Transfer Safeguards

When we transfer data internationally, we ensure adequate protection through:

  • Contractual data protection clauses with all international service providers
  • Regular audits of international partners' security practices
  • Encryption of all data during transfer and storage
  • Compliance with South Korean data export requirements

Cookies and Tracking

Essential Cookies

We use essential cookies that are necessary for our platform to function. These include session management, security tokens, and user preference storage. These cookies cannot be disabled if you want to use our service.

Analytics and Performance

With your consent, we use analytics cookies to understand how users interact with our platform. This helps us improve performance and identify features that need enhancement. You can opt out of these cookies in your account settings.

Cookie Management

You can control cookie preferences through your browser settings or our cookie preference center. Note that disabling essential cookies will prevent proper platform functionality.

Third-Party Services

Our platform integrates with several third-party services to provide comprehensive budget workflow functionality:

  • Cloud Infrastructure: Amazon Web Services (AWS) for secure hosting and data processing
  • Payment Processing: Local South Korean payment providers for subscription billing
  • Email Services: Secure email providers for system notifications and communications
  • Analytics Tools: Privacy-focused analytics to improve our service

All third-party integrations are carefully vetted for security and privacy compliance. We maintain data processing agreements with each provider that restrict how they can use your information.

Policy Updates

We may update this privacy policy periodically to reflect changes in our practices, legal requirements, or service features. When we make significant changes, we'll notify you through:

  • Email notification to your registered address
  • Prominent notice on our platform dashboard
  • Updated policy posting with revision date

Minor updates, such as clarifications or contact information changes, will be posted without additional notification. We encourage you to review this policy periodically to stay informed about how we protect your privacy.

Privacy Contact Information

Privacy Officer

For privacy-related questions or concerns, contact our dedicated privacy team:

Email: [email protected]

Phone: +827088651680

Address: Gyeonggi-do, Bucheon-si, Sosa-gu, Okgil-ro, 129 KR Ssangyong Plaza 4th Floor

Response Time: Within 10 business days

If you're not satisfied with our response to privacy concerns, you have the right to file a complaint with the Korea Communications Commission (KCC) or the Personal Information Protection Commission.

This privacy policy is effective as of January 15, 2025, and applies to all users of the SynapConnect platform. By using our service, you acknowledge that you have read and understand this policy.