Skip to main content
Legal

Privacy
Policy

Effective Date

9/1/2025

Last Updated

9/25/2025

This Privacy Policy explains how Syrcha ("we," "our," "us," or "the Company") collects, uses, shares, and protects personal information when you use our website, products, and services.

We are committed to safeguarding your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant regulations.

01

Scope

This policy applies to all users of Syrcha's Services worldwide. It covers information collected:

  • When you visit our website or platform.
  • When you register for an account.
  • When you submit websites or apps for compliance scanning.
  • When you communicate with us (support, sales, inquiries).
02

Information We Collect

We collect the following categories of personal and service-related information:

a. Account Information

  • Name, email address, company name, and billing details.
  • Login credentials (encrypted).

b. Service Data

  • URLs and application endpoints you provide for scanning.
  • Scan results, compliance reports, and analysis logs.

c. Technical Data

  • IP addresses, device identifiers, browser type, and operating system.
  • Log files and diagnostic data.
  • Cookies and similar technologies (see Section 9).

d. Payment Information

  • Processed securely by third-party providers (e.g., Stripe, PayPal).
  • We do not store raw credit card details.

e. Communication Data

  • Records of support requests, feedback, or interactions with our team.
03

How We Use Information

We process collected information for the following purposes:

  • Service Delivery: To provide compliance scans, reports, and monitoring.
  • Account Management: To register, authenticate, and manage user accounts.
  • Payments: To process transactions and issue invoices.
  • Service Improvement: To troubleshoot, analyze, and enhance our Services.
  • Communications: To send service updates, security alerts, and product information.
  • Legal Compliance: To comply with applicable laws, enforce agreements, and protect rights.
05

Sharing and Disclosure

We do not sell personal data. We may share information with:

  • Service Providers: Cloud hosting (e.g., AWS, Hetzner), payment processors (e.g., Stripe), analytics tools.
  • Legal Authorities: If required by law or to protect rights and safety.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets.
06

Data Retention

  • Account Data: Retained as long as your account is active.
  • Scan Data: Retained for 12 months unless deleted earlier by the user.
  • Logs: Retained for 90 days for security and diagnostics.
  • Legal Records: Retained as required by law (e.g., tax obligations).

Users may request deletion of their data at any time (see Section 8).

07

Security

We implement appropriate technical and organizational measures, including:

  • Encryption in transit (TLS) and at rest.
  • Access controls and authentication safeguards.
  • Regular vulnerability assessments and monitoring.

However, no method of transmission over the Internet is 100% secure.

08

Your Rights

Depending on your location, you may have the following rights:

Under GDPR (EU/EEA):

  • Access, rectify, or erase personal data.
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent at any time.
  • Lodge a complaint with a supervisory authority.

Under CCPA (California):

  • Right to know what personal information we collect and how we use it.
  • Right to request deletion of personal information.
  • Right to opt out of sale of personal information (we do not sell data).
  • Right to non-discrimination for exercising your rights.

To exercise your rights, contact us at privacy@syrcha.com.

09

Cookies & Tracking Technologies

We use cookies and similar technologies for:

  • Authentication and session management.
  • Analytics and performance (e.g., Google Analytics, Plausible).
  • User preferences and settings.

Users may disable non-essential cookies via their browser settings or through our cookie banner.

10

International Transfers

If you access our Services from outside the country where we host data (e.g., outside the EU), your information may be transferred across borders. Where applicable, we use Standard Contractual Clauses (SCCs) or other approved safeguards to ensure compliance.

11

Children's Privacy

Our Services are not directed to children under the age of 16 (or 13, where applicable). We do not knowingly collect data from children.

12

Changes to this Policy

We may update this Privacy Policy periodically. Updates will be posted on this page with the "Last Updated" date. We will notify users of significant changes by email or in-app notification.

13

Contact Us

If you have questions about this Privacy Policy or our practices, please contact us at:

Syrcha Privacy Team

Email: privacy@syrcha.com