Privacy Policy

Syntrisec Pte Ltd ("Syntrisec", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website syntrisec.com and use our services.

1. Information We Collect

1.1 Information You Provide Directly

When you interact with our website, we may collect the following information:

• Contact Information: First name, last name, work email address, job title, organization name
• Professional Information: Organization type, industry sector, job function
• Communication Data: Messages, inquiries, and feedback you provide through forms
• Marketing Preferences: Newsletter subscriptions, whitepaper downloads, demo requests

1.2 Information Collected Automatically

When you visit our website, we automatically collect certain information about your device and browsing behavior:

• Usage Data: Pages visited, time spent on pages, click patterns, navigation paths
• Device Information: Browser type, operating system, device type, screen resolution
• Location Data: IP address, approximate geographic location (city/country level)
• Referral Information: Source of website traffic, UTM parameters, campaign attribution
• Cookies and Tracking Technologies: Session IDs, analytics cookies, performance cookies

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Service Delivery

• Respond to your inquiries and demo requests
• Provide customer support and technical assistance
• Process and fulfill your requests for whitepapers, resources, and content
• Schedule and conduct product demonstrations

2.2 Marketing and Communications

• Send you relevant information about our products and services
• Provide updates about healthcare cybersecurity trends and insights
• Personalize your experience based on your interests and organization type
• Conduct market research and gather feedback

2.3 Website Optimization

• Analyze website usage patterns to improve user experience
• Conduct A/B testing and performance optimization
• Monitor website security and prevent fraud
• Track marketing campaign effectiveness

2.4 Legal Compliance

• Comply with applicable laws and regulations
• Respond to legal requests and prevent fraud
• Enforce our terms and conditions
• Protect our rights, privacy, safety, or property

3. Third-Party Services

We use the following third-party services to operate our website and deliver our services:

3.1 Analytics Platforms

• Google Analytics 4: We use Google Analytics to understand how visitors interact with our website. Google Analytics collects information such as how often users visit the site, what pages they visit, and what other sites they used prior to coming to our site. Learn more at Google Privacy Policy.
• Microsoft Clarity: We use Microsoft Clarity to understand user behavior through session recordings and heatmaps. This helps us improve user experience and identify usability issues. Learn more at Microsoft Privacy Statement.

3.2 Form Processing

• Web3Forms: We use Web3Forms to process contact form submissions and send notifications to our team. Form data is transmitted securely via API. Learn more at Web3Forms Privacy Policy.

3.3 Marketing Platforms

• LinkedIn: We use LinkedIn advertising and tracking pixels to measure campaign effectiveness and retarget website visitors. Learn more at LinkedIn Privacy Policy.

3.4 Infrastructure

• Cloudflare: We use Cloudflare for website hosting, security, and performance optimization. Learn more at Cloudflare Privacy Policy.

4. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information about your interactions with our website.

4.1 Types of Cookies We Use

• Essential Cookies: Required for website functionality and security
• Analytics Cookies: Help us understand how visitors use our website
• Marketing Cookies: Track campaign effectiveness and enable retargeting
• Performance Cookies: Improve website speed and user experience

4.2 Managing Cookies

You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use some features of our website. Most browsers allow you to:

• View what cookies are stored and delete them individually
• Block third-party cookies
• Block cookies from specific sites
• Block all cookies
• Delete all cookies when you close your browser

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

• Encryption: All data transmitted between your browser and our servers is encrypted using TLS/SSL
• Access Controls: Limited access to personal data on a need-to-know basis
• Secure Infrastructure: Hosting on secure, enterprise-grade infrastructure
• Regular Security Audits: Periodic assessment of our security practices
• Data Minimization: We only collect data necessary for stated purposes

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Contact Form Submissions: Retained for up to 3 years for business development purposes
• Analytics Data: Aggregated analytics data is retained for up to 26 months (Google Analytics standard)
• Marketing Communications: Retained until you unsubscribe or request deletion
• Legal Requirements: Some data may be retained longer for legal or regulatory compliance

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

7.1 General Rights

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Objection: Object to processing of your personal information
• Restriction: Request restriction of processing in certain circumstances
• Data Portability: Request transfer of your data to another service provider
• Withdraw Consent: Withdraw consent for data processing where consent was the legal basis

7.2 GDPR Rights (European Economic Area)

If you are located in the EEA, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with a supervisory authority.

7.3 CCPA Rights (California)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including:

• Right to know what personal information is collected
• Right to know whether personal information is sold or disclosed
• Right to opt-out of the sale of personal information
• Right to deletion
• Right to non-discrimination for exercising CCPA rights

Note: Syntrisec does not sell your personal information to third parties.

8. Children's Privacy

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

9. International Data Transfers

Syntrisec Pte Ltd is based in Singapore. If you are accessing our website from outside Singapore, please be aware that your information may be transferred to, stored, and processed in Singapore and other countries where our service providers operate.

We ensure appropriate safeguards are in place for international data transfers, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements with third-party service providers
• Compliance with applicable data protection frameworks

10. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals websites you visit that you do not want to be tracked. Currently, there is no standard for how DNT signals should be interpreted. We do not currently respond to DNT signals.

11. Business Email Requirement

We require business email addresses for form submissions to ensure communications are relevant to professional contexts. We do not accept personal email addresses from free providers (Gmail, Yahoo, Hotmail, etc.) for demo requests and partner inquiries.

12. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes by:

• Posting the updated policy on this page
• Updating the "Last Updated" date at the top of this policy
• Sending email notification for material changes (if we have your email address)

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Contact Us

14. Healthcare-Specific Considerations

Important Note: This Privacy Policy governs our website and marketing activities only. If you are a customer using Syntrisec's cybersecurity platform to protect healthcare systems and patient data, separate agreements govern the processing of Protected Health Information (PHI) and compliance with regulations such as HIPAA, HITECH, and other healthcare privacy laws.

Our website does not collect, process, or store any Protected Health Information (PHI) as defined under HIPAA. All healthcare-related discussions and demonstrations are conducted under separate Business Associate Agreements (BAAs) as appropriate.