Privacy Policy

Version 2.0 Last Updated: March 8, 2026

Introduction

Welcome to SynthBoard AI ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered collaborative platform.

Business Information:

Service: SynthBoard AI
Contact: privacy@synthboard.ai

1. Information We Collect

1.1 Information You Provide

Account Information:

Name and email address
Authentication credentials (encrypted)
Profile information (avatar, preferences)
Payment information (processed securely via third-party providers)

Usage Data:

AI session transcripts and interactions
Agent configurations and custom prompts
Collaboration settings and team data
Referral and credit transaction history

Communications:

Support requests and feedback
Email preferences and notification settings

1.2 Automatically Collected Information

Technical Data:

IP address and geographic location
Browser type and version
Device information and operating system
Session duration and navigation patterns
Cookies and similar tracking technologies

Performance Analytics:

Feature usage statistics
API usage and cost metrics
Error logs and diagnostic data

2. How We Use Your Information

We use your information for the following purposes:

2.1 Service Delivery

Provide and maintain our AI collaboration platform
Process AI requests and generate responses
Manage your account and authentication
Process payments and credit transactions
Enable collaboration features and session sharing

2.2 Service Improvement

Analyze usage patterns to enhance features
Develop new AI capabilities and integrations
Optimize performance and cost efficiency
Conduct research and analytics

2.3 Communication

Send transactional emails (session updates, receipts)
Provide customer support
Send marketing communications (with your consent)
Notify you of policy updates or service changes

2.4 Security & Compliance

Detect and prevent fraud or abuse
Enforce our Terms of Service
Comply with legal obligations
Protect user safety and platform integrity

3. AI Data Processing

3.1 AI Provider Integration

SynthBoard AI integrates with third-party AI providers (Anthropic Claude, OpenAI, Google Gemini, Perplexity). When you use our service:

Your prompts and session data are sent to these providers
Providers process data according to their own privacy policies
We do not sell your AI conversation data
You can delete your session history at any time

Provider Privacy Policies:

3.2 Data Retention

Active Sessions: Stored until you delete them
Deleted Sessions: Permanently removed within 30 days
Account Data: Retained while your account is active
Backups: Maintained for 90 days for disaster recovery

4. Information Sharing and Disclosure

4.1 We Do NOT Sell Your Data

We will never sell your personal information or AI conversation data to third parties.

4.2 When We Share Information

Service Providers:

Payment processors (Paddle)
Email delivery (Resend)
Cloud infrastructure (Vercel, Supabase)
Analytics tools (anonymized data only)

Legal Requirements:

To comply with laws, regulations, or legal processes
To protect our rights or property
To prevent fraud or security threats
In connection with business transfers (mergers/acquisitions)

With Your Consent:

Shared sessions (when you explicitly share with others)
Team collaboration (with designated team members)
Public features (if you opt-in to community features)

5. Data Security

We implement industry-standard security measures:

5.1 Technical Safeguards

Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
Authentication: Secure OAuth 2.0 with Google/GitHub
Access Control: Role-based permissions and least-privilege principles
Infrastructure: Enterprise-grade hosting with Vercel and Supabase
Monitoring: Security monitoring and intrusion detection

5.2 Organizational Safeguards

Periodic security reviews and vulnerability assessments
Access limited to necessity
Incident response procedures
Ongoing security awareness practices

5.3 Your Responsibility

Use strong, unique passwords
Enable two-factor authentication when offered
Keep your account credentials confidential
Report suspicious activity immediately

6. International Data Transfers

Your data may be transferred to and processed in:

United States: Cloud infrastructure providers
European Union: Regional compliance requirements

We ensure adequate protection through:

Standard Contractual Clauses (SCCs)
EU-US Data Privacy Framework (where applicable)
GDPR-compliant data processing agreements

7. Your Privacy Rights

7.1 Under GDPR (EU Users)

You have the right to:

Access: Request a copy of your data
Rectification: Correct inaccurate information
Erasure: Request deletion of your data ("right to be forgotten")
Portability: Receive your data in a structured format
Restriction: Limit how we process your data
Objection: Object to processing for marketing purposes
Withdraw Consent: Opt-out of optional data processing

7.2 Exercising Your Rights

To exercise any privacy rights:

Email: privacy@synthboard.ai
Response time: Within 30 days
Verification: We may request identity verification

8. Cookies and Tracking

8.1 Cookies We Use

Essential Cookies:

Authentication and session management
Security and fraud prevention
Load balancing and performance

Analytics Cookies (Optional):

Usage patterns and feature adoption
Performance monitoring
A/B testing and optimization

8.2 Cookie Management

You can control cookies through:

Browser settings (reject all or specific cookies)
Our cookie preferences center
Do Not Track signals (honored where applicable)

Note: Disabling essential cookies may limit functionality.

9. Children's Privacy

SynthBoard AI is not intended for users under 18 years of age. We do not knowingly collect information from minors. If we discover data from a user under 18, we will delete it promptly.

10. Third-Party Links

Our service may contain links to external websites. We are not responsible for their privacy practices. Please review their privacy policies before providing any information.

11. California Privacy Rights (CCPA)

California residents have additional rights:

Right to know what personal information is collected
Right to delete personal information
Right to opt-out of data "sales" (we don't sell data)
Right to non-discrimination for exercising privacy rights

Contact for CCPA requests: privacy@synthboard.ai

12. Data Breach Notification

In the event of a data breach affecting your personal information:

We will notify you within 72 hours
Notification will include the nature of the breach and affected data
We will provide remediation steps and support

13. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be:

Posted on this page with a new "Last Updated" date
Notified via email for material changes
Effective immediately upon posting (unless otherwise stated)

Your continued use of SynthBoard AI after changes constitutes acceptance.

14. Contact Us

For privacy-related questions, concerns, or requests:

Email: privacy@synthboard.ai Support: support@synthboard.ai

Data Protection Officer: For GDPR inquiries: dpo@synthboard.ai

15. Regulatory Information

EU Supervisory Authority (GDPR): Find your local authority: edpb.europa.eu

Thank you for trusting SynthBoard AI with your data. We are committed to transparency, security, and your privacy rights.