Our mission is to enable companies to build and launch best-in-class financial services. In order to do so, we provide the technology link between our partner bank(s) and our partners (Platforms), enabling our Platforms to enable users like you to have access to certain banking services.
This Privacy Policy applies to you if you are (i) using a website or phone application that uses Synapse to provide to end-users like you such certain banking services or (ii) using our website synapsefi.com (“Website”).
By using our services, you agree to Synapse’s Privacy Policy. We may update this PrivacyPolicy from time to time and the continued use of our services means acceptance of this Privacy Policy. If you do not agree to the Policy as last revised, do not use (or continue to use) the Services (as defined below).
As a technology company nestled in the financial services industry, we take privacy and security very seriously as provided herein. To demonstrate our commitment to privacy and security, we have developed this Privacy Policy to explain how we may collect, retain, process, share, and transfer your information.
Policy Overview
1.1. In this Policy, “Services”refers to any products, services, content, features, technologies, or functions made available to you by Synapse as a technology service provider of our partner bank(s) via the website and/or phone application of the Platform. The terms “Synapse,” ****we”, “us” or“our” shall refer to Synapse Financial Technologies, Inc. The terms “you” or“your” shall refer to any individual or entity who accepts this Policy.
1.2. We may, in our sole and absolute discretion, change or modify this Policy, and any policies or agreements which are incorporated herein, at any time, and such changes or modifications shall be effective immediately upon posting to the Website. No revision or update will apply to a dispute which we had actual notice of prior to the date we posted the changes or modifications. We will notify you of such changes or modifications by posting them to the Website, and your use of theServices after such changes or modifications have been posted (as indicated by a “Last Revised” date) shall constitute your acceptance of the Policy as last revised. If you do not agree to the Policy as last revised, do not use (or continue to use) the Services.
Applicability and Scope
2.1. This Privacy Policy applies to your information when you visit the Website or use the Services via a Platform and does not apply to online websites or services that we do not own or control, including websites, mobile applications or services of our Platforms. This means that this Policy does not explain what our Platforms do with any of your information that we provide to them (or any other information they collect directly from you, their end user).
2.2. Information provided to third parties, such as our Platforms, shall be controlled by their respective privacy policies. We encourage you to review the privacy policies or notices of the Platform or other third parties for information about their practices.
Collection of Information.
3.1. We collect public and non-public information (i) when you visit our Website; (ii) when you communicate with us via our customer support channels; (iii) when you apply or sign up to use any of our Services via a Platform; (iv) when you communicate with our partner bank(s) or Platform; (v) we collect through third-party service providers and other sources; (vi) through online research on social media and websites, which may not be publicly available; and (vii) when you use any of our Services directly or via a Platform.
3.2. As a third-party service provider and agent of the bank partner(s) we collect data on behalf of the partner bank(s) to comply with applicable law and financial services regulation.
3.3. We also collect information in order to verify your identity when you apply or sign up to receive a service from us or our partner bank(s).
Types of Personal Data Collected
4.1. The information we collect may vary according to the Service we will be providing to you and your use of the Services.
4.2. We may collect the following information about individuals or businesses (“Data”):
4.2.1. Individuals’ Information: name or aliases, physical address, work address, phone number, email address, IP address, date of birth, gender, social security number or other tax identification number, result of sanctions screenings, government ID, photo identification, selfie, or video authorization, images of your face on your identification document (e.g., government-issued identification card) and/or video, your biometric facial identifiers, and other additional information you may provide, or additional information we may additionally request you to provide;
4.2.2. Business’ Information: entity legal name or aliases, including “doing business as” names, physical address, phone number, legal entity type, industry, organizational documents (e.g. articles of incorporation and bylaws), employer identification number, or other information relating to your authorized signors or beneficial owners, which may include the Individuals’ Information as provided above, or additional information we may additionally request you to provide;
4.2.3. External Bank Account Information: external financial institution name, account name, account type, branch number, account number, routing number, international bank account number (“IBAN”), information, data, passwords, authentication questions, materials or other content, transaction and available balance information;
4.2.4. Financial Data of Your Account With Us and Our Partner Bank: transactions and transaction history, including but not limited to ACH, Wire and card transactions, available account balance, card data, loan and debit amounts, loan types, payment plan, loan balance, linked bank accounts, salary and other income, sources of wealth, and other assets;
4.2.5. Background Check Data: background check information including credit and criminal checks, supporting research, and screenings, to the extent required or permitted by local law;
4.2.6. Recipients’ or Senders’ Data: when you send or request money through the Services, we may collect data such as name, postal address, telephone number, IP address, date of birth, and financial account information about the recipient or sender of the funds. The extent of data required about a recipient or sender may vary depending on the Services you are using to send or request money;
4.2.7. Third-Party Sources: we may obtain information from third-party sources such as Platform, merchants, recipients and senders of funds, data providers, identity verification providers, and credit bureaus, where permitted by law.
4.2.8. Digital Identity Information:
4.2.8.1. Services Metadata: when you interact with the Services, metadata is generated that provides additional context about the way you interact with the Services.
4.2.8.2. Log Data: our servers may automatically collect information about your visit to the Website and to Platform’s websites or mobile applications, including IP addresses and associated information, the address of the website visited before using the Website, browser type and settings, the date and time the Services were accessed and used, information about browser configuration and plugins, language preferences.
4.2.8.3. Device Information: your device “fingerprint” (e.g. hardware model, operating system and version, unique device identifiers and mobile network information) when you access our Website or use a Service via a Platform.
4.2.8.4. Location Information: we may receive information from you that helps approximate your location, such as using an IP address received from your browser to determine an approximate location. Further, we may also collect location information from devices in accordance with the consent process provided by your device.
Retention of Information
5.1. We retain your information to fulfill our legal or regulatory obligations and for our business purposes. We may retain your Data for longer periods than required by law if it is in our legitimate business interests and not prohibited by law.
5.2. If you stop using the Services and close an account with a Platform, we reserve our ability to retain and access the Data as provided in this Policy. We will continue to use and disclose such Data in accordance with this Privacy Policy.
5.3. All Data are stored in encrypted format in Synapse’s database.
Purposes of Collection and Use of Information
6.1. We use the information we collect or receive to operate, improve, and protect the Services we provide and to develop new Services.
6.2. More specifically, we collect and use your information:
6.2.1. To provide the Services, perform obligations under our agreements, and carry out related business functions, including performing data and transaction processing, conducting credit checks, handling user inquiries, and managing relationship;
6.2.2. To develop, improve, enhance, modify, add to, and further develop our Services;
6.2.3. To comply with legal obligations and regulations applicable to the Services and to our partner bank(s), including but not limited to “know your customer” obligations based on applicable anti-money laundering and anti-terrorism requirements, economic and trade sanctions, customer due diligence, suspicious activity reporting, foreign exchange and international trade, tax reporting and other applicable laws, regulations, ordinances, and obligations or requirements;
6.2.4. To confirm a person’s authority as a representative or agent of a user;
6.2.5. To conduct record keeping and otherwise manage the business;
6.2.6. To verify you, your identity, that the data provided is credible, and prevent fraud;
6.2.7. To protect you, our Platforms, or Synapse from fraud, malicious activity, and other privacy and security-related concerns;
6.2.8. To provide customer support to you or to our Platforms including to help respond to your inquiries related to our Services or our Platforms’ applications or website;
6.2.9. To send you technical notices, updates, security alerts and support and administrative messages;
6.2.10. To investigate any misuse of our Services or our Platforms’ applications or websites, including criminal activity or other unauthorized access to our Services;
6.2.11. For any other purpose with your consent.
6.3. We may use raw data or aggregated and anonymized data for the purposes provided in this Policy.
6.4. We use machine learning and facial recognition to verify the legitimacy of your identification documents, verify the factualness and credibility of the information you provide to us, and avoid fraud, by, among other actions, comparing biometric data with data previously or separately obtained. Based on the submitted identification document, Synapse programmatically creates a feature vector of the face displayed in such document and stores it in encrypted format in Synapse’s database. The vector cannot be used to reconstruct the original image. When a new user creates an account, Synapse programmatically compares that user’s vector against others in its database to help detect potential cases of identity theft. As with all Data, Synapse does not sell or rent the image, likeness, or vector to anyone, including marketers or other third parties, and does not use your Data for commercial purposes other than identity verification, financial loss mitigation, and regulatory compliance.