Scope of The Policy
Privacy and Security Overview
We follow these guiding principles when dealing with any user data
- Retention - Your personal data such as files, folders or any other data from cloud providers is never stored on our servers beyond the duration of the functionality (such as copy or move files). However, if you directly upload or copy data to Syndoc Drive, then it is stored on our servers.
- Types - Only registration related data entered by you during sign-up process and cloud provider authentication token is stored on our servers in encrypted forms. For contacts integration and backup, contacts data will be stored encrypted in our servers. We do not store any other data on our servers (except when user chooses to upload or copy data to Syndoc Drive).
- Records - Any data such as user registration data entered by you (required for logging in to our site) is stored on our servers securely in encrypted form using AES and other encryption algorithms only and never in plain-text. Users may choose to upload Contacts data backup to our servers and any such data is stored securely using AES encryption.
- Processing - We use information only that is necessary for the specific functionality being used and for limited purposes only.
- Transmission - Any communication with cloud providers (and our back-end servers) is always done using HTTPS.
- Location - We store your data (i.e. registration data) in cloud servers in Amazon Web servers and Google cloud servers.
- Sharing - Your data will never be shared with any third party for commercial purposes.
Information Collection and Use
Customers and registered users of the Service ("Customers") use the Service to connect Customer applications and services ("Customer Services") to their users' third-party accounts ("End-User Accounts") and transfer data ("Customer Services Data") between the Service and End-User Accounts.
To use Syndoc services you must first register to our site which requires some basic information (like name,username,email address). We also collect information when you update your profile. We use this information for password recovery and for login to Syndoc account. We will not share your information with any third party outside of our organization. If your personal information changes in any way, you can make updates to your profile information by logging into your account on Syndoc at any time.
Anonymized data for troubleshooting and debugging purposes may be stored on the server. All troubleshooting data stored on server is completely anonymized and stored securely.
User uploaded Data
Syndoc offers free storage (also known as My Drive) as a temporary drive for registered users and users may choose to upload their files to MyDrive. Note that users may also choose to upload their Device Contacts data. This data is securely encrypted using AES encryption algorithm and stored in Syndoc database. This feature is completely voluntary and Syndoc will never upload any other data (apart from registration data and anonymized data for troubleshooting purposes).
Third-party connected accounts
Similar to End-User Accounts, you may choose to connect third-party accounts like (Google Drive, OneDrive, Dropbox & Amazon S3 Drive) of your own to the Service. This is treated the same as End-User Accounts.
Syndoc takes reasonable steps to protect information we collect from you to prevent loss, misuse and unauthorized access, disclosure, alteration, and destruction. Any transmission of personal information is at your own risk. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. While we take reasonable efforts to guard personal information we knowingly collect directly from you, no security system is impenetrable. We take precautions to protect your information by encrypting the Log-in password. We support two-step authentication, for all cloud accounts via Oath2 process without storing the contents. Instead you give permission to Syndoc to access your cloud accounts. Therefore, Syndoc just acts as a bridge to connect one cloud storage to another and we don’t have access to your OAuth token or app-specific password. None of your files are transferred, routed or stored in Syndoc servers (except when user chooses to upload or copy files to Syndoc Drive). Your files are uploaded and downloaded directly to and from cloud accounts over an encrypted link. The encryption is the same as in your web browser connection to cloud accounts. Your data is encrypted while in transit on the Internet, the same as if you were using a web-browser. You can choose to encrypt files and folders on supported cloud providers. This encrypts your files at-rest on Drive and provides a secure end-to-end encryption solution. Encrypting files on a cloud storage platform is recommended.