Privacy Policy

At Synthetron, we process big amounts of, mostly anonymous, data. This anonymous data does not provide any risk to personal privacy of the people connected to Synthetron. In most cases, Synthetron acts as a data processor for a client who is the data controller. Although anonymity and privacy are key values for Synthetron, we do collect some personal data. In this privacy policy, we will give a detailed explanation of what personal data we collect, how we collect it, and why we collect it. We care about privacy and therefore have taken measures to protect it, read all about these protection measures in our Security Policy. This privacy policy document covers the following issues:

• For each processing activity
  1. The information we collect and how we collect it.
  2. How we use personal data.
  3. The timeframe for keeping this personal data.
• How data is disclosed to others and third-party processors.
• How data is stored.
• How you can contact Synthetron concerning your privacy.

1. Processing activities

All data is segmented per activity and will not be used in a different way than specified in this Privacy Policy. For example, contact information gathered in the help desk will not be used to send newsletters to. Who, within the Synthetron team, is allowed to access personal data depends on the project and the expertise of the team member. Data sharing within the team will be kept to a minimum and is always susceptible to the Synthetron code of conduct and the NDAs signed by all employees.

1.1. Synthetron online dialogues

1.1.1. Session data

IP addresses of participants to the dialogue that are registered during the session. This information is collected automatically when participants enter the landing page of Synthetron sessions, through the links provided to them.ii. The IP addresses of participants to the dialogue are used during the sessions to make the software run smoothly and allow it to distinguish unique users online.iii. IP addresses gathered as stipulated in point 1.1 will be deleted automatically at the end of the Synthetron online dialogue. To guarantee complete anonymity of the dialogues, this IP address will not be in any of the reports that come out of these dialogues. Therefore, the dialogues don’t contain personal data anymore from the point that the session has finished.

1.1.2. Help desk

Contact information of persons that reach out to the Synthetron help desk if they are experiencing difficulties entering Synthetron dialogue sessions. Information includes but is not limited to: name and surname, email addresses, personal phone numbers, etc.ii. Contact information is used to help solve the problems that individuals experience while trying to participate in Synthetron online dialogues as well as for the Synthetron IT team to find, and fix, any bugs that might occur in the system.iii. Contact information through the help desk, as specified in point 2.1, will be deleted after three months.

1.1.3. Log data

Server log data, including IP addresses, is collected when a person uses any Synthetron service hosted on Synthetron servers.ii. Server log data is used to find bugs and improve Synthetron software.iii. Server log data will be kept until there is no use for it anymore. Where possible, the IP address will be encrypted or anonymized.

1.1.4. Segmentation data

During a session, some multiple-choice questions about specific personal information, like age group or gender, can be asked.ii. The sole purpose of collecting this data is to be able to segment large groups into smaller groups with common properties. In order to protect individual privacy, the questions are prepared in such a way that segments are no smaller than 8 persons. Segmentation information is at no point used for the identification of the individual participant.iii. Since the segmentation is essential for the reporting, the segmentation information is being kept together with the session data, as long as the detailed data is needed for reporting. When a question, unwillingly, caused the segmentation to create groups smaller than 8 people, this question is being discarded and ignored in the reporting.

1.2. Communication

1.2.1. Contacts in general

Contact information such as, but not limited to, email address, name, and last name. This is collected through personal business contacts, the Synthetron website, business relations of the Synthetron consultants, and people that reach out to Synthetron contact e-mail addresses.ii. Contact information is used for mailing lists. These lists are used for distributing newsletters on Synthetron's activities, as well as sending out invitations to Synthetron events such as Think Tanks, networking events, etc., using mailchimp.com.iii. Contact information used as specified will be stored as long as there is a need for. However, it is always possible to ask to be forgotten and not receive emails and invitations anymore. In order to do this contact this email address: support@synthetron.com.

1.2.2. Contact Information linked to a project

Contact information provided by the client (data controller) in order to successfully complete a project. The information that is shared is agreed upon beforehand, the exact use of this data is specified in the contract with the client.ii. Contact information as specified is used to successfully complete projects. This data may be used in different ways such as: sending out invites to the online dialogue, sending out invitations to participate in surveys, or any other activity agreed upon beforehand between the client and Synthetron. In these cases, Synthetron strictly acts as a data processor, the client is in control of the data (data controller).iii. Information provided by clients in order to complete projects will be deleted after the project is completed.

1.2.3. Social media

Contact information provided to Synthetron by persons choosing to follow Synthetron on various social media such as, but not limited to: Facebook, LinkedIn, Twitter, Instagram, etc.ii. The personal information provided through social media is strictly used to share updates with through social media channels. The personal information stored on these social media falls under the responsibility of the respective social media outlets and therefore is not under control of Synthetron. The personal information from these “followers” on social media is not used outside of the respective platform it is hosted on.iii. Contact information through social media will disappear if a person decides not to follow Synthetron anymore, no records are kept on this information.

1.3. Human resources

1.3.1. Job applications

Resumes of persons that contact Synthetron for potential job opportunities.ii. Resumes are kept confidential and will only be discussed internally by Synthetron.iii. Resumes are kept until the end of employment or will be deleted after a person has been turned down for a vacancy. Open job applications can be kept for a longer period.

2. How data is disclosed to others and third-party processors.

• Personal data can be shared in a secure way throughout the Synthetron team in order to make use of everyone’s expertise, as far as it is necessary for the purposes specified in this document. How Synthetron secures your information is specified in the Security Policy of Synthetron.
• Synthetron makes use of third-party processing software in order to execute its tasks. Third-party software can be split up into two different areas; online and offline. Following is a list of third-party software we frequently use, all are trusted entities that comply with GDPR rules:

• Online:
  • MailChimp
  • G-mail
  • MS SharePoint
  • Message bird
  • Google analytics
  • Zoom
• Offline:
  • Microsoft 365
  • Ucinet (network drawing software)
• Outside of these trusted processing tools, Synthetron will never share personal data with any other entities without explicit consent.

3. How data is stored

• All Synthetron servers are located in Frankfurt and operated by AWS and managed by Synthetron. Therefore, we are in full compliance with GDPR regulations.
• All third-party processors store European data in Europe according to GDPR rules.

4. How you can contact Synthetron concerning your privacy

• You always have the right to ask for any data we might have of you, and we will be happy to provide it. As personal data is not part of our core business, this will mostly be contact information as specified in this document. Contact us at: support@synthetron.com to inquire about your personal data.
• You always have the right to unsubscribe, or subscribe, from our mailing list. In order to unsubscribe, contact this email: support@synthetron.com.
• You have the right to be forgotten. If you want us to delete all data we have on you, feel free to contact us at support@synthetron.com.

‍

‍