If you do not agree with this Policy, do not download, sign up, or use the Cynoia SA. Services.
What information do we collect from users visiting our website or using our Services?
We may collect the following kinds of information from and about you:
Cynoia may receive information about you from other services you choose to use, such as integrations, according to their terms and policies. We may use information received for the purposes, described in ‘How we use the information we collect’ section of this Policy.
Device information and location :
We may collect information from or about the computers, phones or other devices where you install or access our Services, including but not limited to device locations, such as through GPS, Bluetooth, or Wi-Fi signals. We may associate the information we collect from your different devices, to help us provide the Services consistently across your devices.
Log and cookie data :
We automatically collect information provided by your browser or operating system through the Services, such as your Internet protocol (IP) address and other browser or device identifiers, browser type, operating system, crash data, pages that you visit before using the Services, the date and time of your visit, information about your activities and actions (the links you follow or pages you view) within the Services and other standard server log information.
What if you choose to disable cookies in your browser?
Access to some features or Services will be disabled or may function improperly.
Do we intentionally collect data from children under the age of 16 ?
Cynoia Services are not intended for children under 16 years of age, and we do not knowingly collect personal information from children under 16. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information immediately. If you believe we might have any information from or about a child under 16, please contact us at: [email protected]
When do we collect personal information ?
Browsing Cynoia web pages is possible without indication of personal data. However, if a person wants to use Cynoia services via our website or apps, processing of personal data is necessary for the proper delivery of the Services. The user signs up for a team space account on the Cynoia website with the indication of personal data. The personal data we receive is determined by the form used during the signup process. By signing up on the Cynoia website, the IP address, date and time (timestamp) of the registration are also stored.
The storage of this data is the only way to prevent the misuse of our Services, and, if necessary, to make it possible to investigate committed offenses. Moreover, the storage of this data is necessary to secure Cynoia as a data controller. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution.
How do we use the information we collect ?
We use the collected information to provide and improve the Services delivered by Cynoia SA. Company. Examples of such use include:
Cynoia uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time.
Customer testimonials and comments :
We post customer testimonials and comments on our Websites, which may contain Personal Information. We obtain each customer's consent via email prior to posting the customer's name and testimonial.
Use of credit card information :
If you give us credit card information, we use it solely to check your financial qualifications and collect payment from you. We use a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use information you provide except for the sole purpose of credit card processing on our behalf.
What information do we collect and use from our newsletter subscribers ?
On the Cynoia websites, users have an opportunity to subscribe to our newsletter. Cynoia informs its customers and business partners regularly by means of a newsletter about product updates and marketing insights. Cynoia newsletter is sent to users if: the user has an existing email address and gives consent to subscribe to the newsletter.
During the subscription to the newsletter, we also store the IP address, date and time of the subscription. The collection of this data is necessary to understand the possible misuse of the email address of the user at a later date, and it serves as the legal protection of the Cynoia SA. company.
The personal data collected as part of a subscription for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by email in case of modifications to the newsletter delivery, or during the change in technical circumstances. We do not transfer any personal data collected by the newsletter service to third parties.
Data retention, account deactivation and deletion :
We store data until it is no longer necessary to provide our Services or until your account is deleted – whichever comes first. This is a case-by-case determination that depends on the nature of the data, why it is collected and processed, and relevant legal or operational retention needs.
It is your right to request deleting a team space, and we reserve the right to process your request up to 30 business days.
Once the team space is deleted, the team space URL of a deleted team cannot be reused. You can create a new team space any time choosing any team space URL available.
We do not interfere with the flow of your team space and do not process deleting team space members that can be done by team space owner or admins.
Team space owner can only be suspended or deleted by team space admins.
We can transfer the team space role to any active team space member, upon request from the team space owner themself.
Safety and security :
The information that we have is used to help us verify accounts and to promote safety and security on and off our Services: investigating suspicious activity or violations of our terms or policies. Protection of your team space data is a top priority for our teams of engineers, using automated systems and advanced technology such as encryption and machine learning. For example, we use automated technologies to detect suspicious activity, that may harm you, other users or our Services.
How is the information shared ?
We may share the information we collect in the following circumstances:
Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies. We may also retain information from accounts disabled for violations of our terms for at least a year to prevent repeat abuse or other violations of our terms and policies.
What is our legal basis for processing data ?
We collect, process and share the data to:
What are your rights under the General Data Protection Regulation ?
Under the General Data Protection Regulation (GDPR), you have the right to access, rectify, export and erase your data, as well as the right to restrict and object to certain processing of your data including:
How do you access and modify the information we hold about you ?
Currently, while Cynoia is at the early access stage, you can request us to modify or export the personal identifiable information in Cynoia web or desktop apps or by contacting [email protected]
Please note that the processing of data export is done semi-automatic and may take 90 days or more, depending on the amount of data. By the time of public release, we will deliver all the necessary tools for managing, accessing and exporting your data in your Cynoia team space settings. Once your request is processed you will see the changes immediately in your team space on Cynoia, but the data will be retained by Cynoia in the backup copy for a commercially reasonable amount of time.
How do we secure the information we store?
Cynoia SA. have implemented measures designed to secure your personal information from accidental loss, unauthorized access, use, alteration and disclosure. All information you provide to us is stored on secure servers behind firewalls.
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. Cynoia network is quarterly tested on penetration to prevent any potentially vulnerable spots. We use audit policies, file system encryption for database files, data transfer encryption and password encryption on the application layer.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. File system and file storage are encrypted together with isolated storages for each team on Cynoia.
In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. Any billing transactions will be encrypted, processed through a gateway provider and not stored or processed on our servers.
We implement a variety of security measures when a user places an order, enters, submits, or accesses their information to maintain the safety of your personal information. Your files and personal information are stored using a GDPR ready third-party provider AWS in a controlled environment with limited access.
High level of privacy is maintained by the access to your team space data by invitation only. While signing in to Cynoia you can't guess that the team space exists or find out the team space creator. Sign in to Cynoia is implemented with one-time codes, which are more secure and harder to exploit (unlike using a password for a sign in).
Our company also got extensive internal policies and perform regular data protection trainings for our team members. Moreover, our facilities are protected with alarm systems and all confidential documents are locked and appropriately destroyed if no longer needed.
However, safety and security of your information also depend on you. Where we have given you (or where you have chosen) one-time code or password for access to Cynoia Services, you are responsible for keeping the code or password confidential. We ask you not to share your code or password with anyone. We urge you to be careful about giving out information in public areas of the Cynoia apps. The information you share in public areas may be viewed by any user of the Cynoia app.
Unfortunately, the transmission of information via the internet and mobile platforms is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the absolute security of your personal information transmitted through our Cynoia apps. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures we provide.
Google Account Authentication & Privacy :
Accounts are added to the Software using OAuth authentication.
OAuth is a secure mechanism which gives the Software access to your Google account data without letting us know your password.
This token is valid during your use of the Software. If you remove an account, or uninstall the Software, you’ll be prompted to re-authorize the Software for each Google Account using OAuth.
We only use the authorization to support certain Software features like consult calendars events, access drive functions... if requested. This information is local, and not stored on, or transmitted to, our servers.
The Software will require access to your Google account(s) and user data for the following purposes:
- To access and read your Google account profile information to retrieve, use, and display your account name and account photo or image in the Software.
- To access and read your Google Drive files when you use certain features of the Software to display, retrieve, edit, or download those files.
- To upload your files to your google drive space from the software.
- To access and read your Google Calendar and calendar entries to provide you with notifications of upcoming events.
Once again, no data provided from google services are stored in our own servers but instead localy stored and client machine.
Do we transfer data internationally ?
The Services we provide to you together with using the service providers, you understand and agree that information may be stored or processed by us in different locations worldwide. For example, information collected from the European Economic Area (EEA) may be transferred to countries outside of the EEA for the purposes described in this Policy. We maintain standard contract clauses approved by the European Commission, and rely on the Commission decisions on certain countries, dealing with data transfer from the EEA to the United States and other countries. For most recipients of your personal data, this involves only your email address and profile details you provide. This information is vital for us to deliver the Services to you. We have audited our service providers and they have all publicly expressed that they are GDPR compliant.
California Online Privacy Protection Act :
According to CalOPPA, we agree to the following:
How does our site handle Do Not Track signals ?
We don't honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. We don't honor them because: DNT is active for guest users.
Does our site allow third-party behavioral tracking ?
It's also important to note that we do not allow third-party behavioral tracking.
Fair Information Practices :
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
CAN SPAM Act :
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
To be in accordance with CANSPAM, we agree to the following:
If at any time you would like to unsubscribe from receiving future emails, you can email us at [email protected] and we will promptly remove you from ALL correspondence.
How will we notify you of changes to this Policy ?
Contact information :
THE DOT, Rue du Lac Malaren
1053 Tunis ,Tunisia