Privacy Policy

Below is a clean, customizable privacy policy draft for a startup website and SaaS product. It is written for a U.S.-based company with business users, and it can be adapted for Synapse Foundry AI.

You will still want counsel to review it before publishing, especially if you collect health data, operate internationally, or support regulated customers.

Privacy Policy

Effective Date: [Month Day, Year]
Last Updated: [Month Day, Year]

Synapse Foundry AI, Inc. (”Synapse Foundry AI,” “we,” “us,” or “our”) respects your privacy and is committed to protecting it through this Privacy Policy.

This Privacy Policy describes how we collect, use, disclose, and otherwise process personal information when you visit our website, use our products and services, communicate with us, or otherwise interact with us.

  1. Scope

This Privacy Policy applies to personal information we collect through:
• our website,
• our products and services,
• sales, marketing, and customer support interactions,
• events, webinars, and other business activities.

This Privacy Policy does not apply to information we process on behalf of customers as a service provider or processor under a separate customer agreement. In those cases, our processing is governed by the applicable agreement with the customer.

  1. Information We Collect

We may collect the following categories of information:

A. Information you provide directly

We may collect information you provide to us, such as:
• name,
• work email address,
• phone number,
• company name,
• job title,
• account credentials,
• billing and transaction information,
• communications you send to us,
• information submitted through forms, demo requests, or support requests.

B. Information collected automatically

When you use our website or services, we may automatically collect certain information, including:
• IP address,
• device identifiers,
• browser type and settings,
• operating system,
• referring URLs,
• pages viewed,
• clicks and interactions,
• dates and times of access,
• log and usage data,
• cookie and similar technology data.

C. Information from third parties

We may receive information from third parties, such as:
• analytics providers,
• marketing partners,
• authentication providers,
• payment processors,
• publicly available sources,
• business partners and referral sources.

D. Customer data

If you use our services, we may process data submitted to the platform by or on behalf of our customers. We process such data in accordance with our agreements with customers and applicable law.

  1. How We Use Information

We may use personal information for the following purposes:
• to provide, operate, maintain, and improve our website, platform, and services,
• to create and manage accounts,
• to respond to inquiries, requests, and support issues,
• to provide demos, onboarding, and customer service,
• to communicate about updates, security notices, and administrative matters,
• to send marketing communications, where permitted by law,
• to personalize content and improve user experience,
• to analyze trends, usage, and performance,
• to detect, investigate, and prevent fraud, abuse, security incidents, and other harmful activity,
• to comply with legal obligations and enforce our agreements,
• to protect our rights, users, systems, and business.

  1. Legal Bases for Processing

Where required by applicable law, we process personal information on one or more of the following legal bases:
• performance of a contract,
• compliance with a legal obligation,
• our legitimate interests,
• your consent.

  1. Cookies and Similar Technologies

We and our service providers may use cookies, pixels, local storage, and similar technologies to:
• operate and secure our website and services,
• remember preferences,
• understand usage and performance,
• support analytics,
• support marketing and advertising, where applicable.

You can control cookies through your browser settings. Depending on your jurisdiction, you may also have additional rights to opt out of certain cookie-based processing.

  1. How We Disclose Information

We may disclose personal information to:

A. Service providers

We may share information with vendors and service providers who perform services on our behalf, such as hosting, analytics, communications, payment processing, customer support, security, and infrastructure services.

B. Business partners

We may share information with business partners in connection with integrations, joint offerings, events, or other business relationships, subject to appropriate safeguards.

C. Corporate transactions

We may disclose information in connection with an actual or proposed merger, acquisition, financing, asset sale, bankruptcy, or other corporate transaction.

D. Legal and safety-related disclosures

We may disclose information where necessary to:
• comply with law, regulation, legal process, or governmental request,
• enforce our terms and agreements,
• protect the rights, property, and safety of us, our users, customers, or others,
• detect or prevent fraud, abuse, or security issues.

E. With your direction or consent

We may disclose information where you direct us to do so or otherwise consent.

  1. Data Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:
• provide our services,
• maintain business and tax records,
• comply with legal obligations,
• resolve disputes,
• enforce agreements,
• protect our business and systems.

Retention periods may vary depending on the nature of the information and the context in which it was collected.

  1. Data Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, loss, misuse, alteration, and disclosure.

No method of transmission over the internet or method of storage is completely secure. We cannot guarantee absolute security.

  1. International Data Transfers

We may transfer, store, and process personal information in the United States and other countries where we or our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.

Where required, we take appropriate steps to provide safeguards for cross-border transfers.

  1. Your Rights and Choices

Depending on your jurisdiction, you may have rights regarding your personal information, including the right to:
• access personal information,
• correct inaccurate personal information,
• delete personal information,
• object to or restrict certain processing,
• withdraw consent where processing is based on consent,
• request portability of certain information,
• opt out of marketing communications.

You may opt out of marketing emails by using the unsubscribe link in those emails. Even if you opt out of marketing messages, we may still send you service-related or transactional communications.

To exercise applicable rights, contact us at: [privacy@synapsefoundry.ai]

  1. U.S. State Privacy Rights

If you reside in a U.S. state that grants privacy rights, you may have additional rights under applicable law, subject to limitations and exceptions, including rights to know, access, delete, correct, and opt out of certain processing.

We will not unlawfully discriminate against you for exercising applicable privacy rights.

To submit a request, contact us at: [privacy@synapsefoundry.ai]

  1. Children’s Privacy

Our website and services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe we have collected personal information from a child under 13, contact us and we will take appropriate steps to investigate and address the issue.

  1. Third-Party Links and Services

Our website or services may contain links to third-party websites, integrations, or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

  1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated version and revise the effective date above. Where required by law, we will provide additional notice.

  1. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at:

Synapse Foundry AI, Inc.
[Mailing Address]
[City, State ZIP]
Email: [privacy@synapsefoundry.ai]

Optional Addendum for B2B AI / Enterprise AI Companies

You may want to add language like this if it fits your operations:

AI and Model Improvement

We may use data collected through our website, communications, and service interactions to improve our products, services, and security. We do not use customer confidential information or customer-submitted data to train generalized models except as expressly permitted by contract.

Customer-Controlled Data Processing

Where we process personal information on behalf of enterprise customers, we do so as a service provider or processor and in accordance with the customer’s instructions and applicable agreements.

Security and Governance Controls

We implement controls designed to support privacy, confidentiality, and secure deployment, including access controls, logging, monitoring, and other safeguards appropriate to the nature of our services.

Fields you should fill in before publishing
• Effective date
• Legal entity name
• Company address
• Privacy email
• Whether you use cookies/analytics/ads
• Whether you process personal data on behalf of customers
• Whether customer data is used for model training
• Whether you support international users
• Whether you need a separate HIPAA, GDPR, or CCPA/U.S. state addendum