Effective December 2, 2020
Synacor, Inc. (collectively with its affiliated companies (including, but not limited to, NTV Internet Holdings, LLC, Sync Holdings, LLC, and Zimbra Software, LLC), "Synacor", "our", "us", or "we") is a cloud-based software and services company whose customers ("Customers") include video, internet and communications providers, device manufacturers, governments, and other enterprises. Our mission is to enable our Customers to better engage with their clients and other users of their products and services...
This policy describes our practices and your options with respect to the types, methods of collection, use, sharing, and processing of "Personal Information" (i.e., information about an identified or identifiable natural person) that we collect in the ordinary course of business in connection with your use or enjoyment of the following "Services":
- websites, hosted email, mobile applications, and other services that we provide to or mange for our Customers ("Customer Applications");
- advertising that we provide on Customer Applications, in email, in mobile applications, and to third parties for their websites; and
- various websites and applications that Synacor owns and operates ("Synacor Applications").
2. Information We Collect About You and How We Collect It
The Personal Information that we collect depends on how you use our Services and how you manage your privacy controls on your device. For instance, when you use the Services, we store the content you create, upload, or receive from others. This includes things like the emails you write and receive if you are using our email service, or comments you make on blogs. In addition, if any of our Services include user-generated content, we will collect any Personal Information contained therein. Because our Services may change from time-to-time, our methods for collecting and your options for managing Personal Information preferences may change as well.
Information You Provide to Us
Via Customer Applications
When you create an account on a Customer Application, you provide us with Personal Information that includes your user name and a password. You might also provide your phone number or your email address to receive updates or information about our Services or those of our Customers. When authorized by a Customer, we collect Personal Information that you provide via the Customer Application. This may include your login credentials, demographic information such as zip code or age, and other information that you provide completing the registration or sign-in process, responding to surveys, requesting product information, or otherwise.
You may choose not to provide Personal Information via the Customer Applications, but doing so may limit or prevent website functionality as a result. Please note that we do not control the data collected via the Customer Applications, we only act as a data processor of this data on behalf of our Customers. As a data processor, we will not share, sell, rent, or trade with third parties for their marketing purposes any Personal Information collected by us, except as provided in this policy.
Via Synacor Applications
We also collect Personal Information that you provide to us via the Synacor Applications. In this situation, we are the data controller. Some examples of situations where you might provide Personal Information to us include:
- creating an account;
- signing up for email messages, newsletters and other information;
- completing a form related to one of our products or Services;
- uploading a resume and applying for a job; and
- contacting us for technical support or customer service.
If you choose to correspond with Synacor through email, Synacor may retain the content of the correspondence, email addresses, and our responses. If you sign-up to receive marketing emails or other communications from us and would like to discontinue receiving this information, you may update your email preferences by using the "Unsubscribe" link found in email messages we send to you or by contacting us as set forth at the end of this policy (see Contact Us).
If you apply for a job via the Synacor Applications, we collect (through our job application service provider) Personal Information that you provide us, such as your name, email address, physical address, phone number and other information contained on your resume. We use a third-party service provider to manage our job postings and resume submittals. The third party is prohibited from using your Personal Information for any purposes, except for purposes for which it was provided to such third party or otherwise related thereto, unless we obtain your consent or required by any applicable law.
Information We Collect
Applications, Browsers, and Devices
When you download and use our Services through a mobile application, we automatically collect information on the type of device you are using, operating system version, the device identifier, and other similar information.
We send you notifications from time-to-time in order to update you about events or promotions that we may be running. To ensure you receive proper notifications, we will need to collect certain information about your device such as operating system and user identification information. If you no longer wish to receive these notifications, you may turn them off on your device.
We collect information about your activity while using our Services. This activity information may include:
- terms you use when conducting an online search;
- videos you watch;
- views and interactions with content and ads;
- voice and audio information when you use audio features;
- purchase activity;
- people with whom you communicate via email or share content; and
- activity on third-party sites and apps that use our Services.
Your Location Information
We collect information about your location when you use our Services. Your location can be determined with varying degrees of accuracy by:
- browser or device-provided location information;
- IP address;
- information about things near your device, such as Wi-Fi access points, cell towers, and Bluetooth enabled devices; and
- zip code.
The types of location data we collect depends in part on your device and account settings. For example, you can turn your Android device’s location on or off using the device’s settings application. You can also turn on location history if you want to save and manage your location information.
Information Collected Automatically
We gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, domain type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.
We may combine this automatically collected log information with other information we collect about you. We do this to improve services we offer you, and to enhance our marketing, analytics, and site functionality. IP addresses are also used to provide us an audit trail in the case of any attempted illegal or unauthorized use of the Services.
We use analytics software to allow us to better understand and improve the functionality of our mobile applications on your devices. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any Personal Information you submit within the mobile applications.
Cookies and other Similar Technologies
Technologies such as cookies, beacons, tags, scripts, and other similar technologies are used by Synacor and our advertising partners, affiliates, analytics and service providers, and other third parties. These technologies are used in analyzing trends, advertising auditing and reporting, content personalization, administering the Services, tracking users’ movements around the Services, and gathering demographic information about the user base as a whole. We may receive reports containing information from these technologies that relates to you individually or multiple individuals (including you) in the aggregate.
Personal Information We Collect From Other Sources
Synacor may work with third-party service providers to augment some of the information you provide via the Services. For example, if you have provided your email address, we may work with a third-party data company to determine your age and zip code, and add that information to our database to create more tailored advertising, content, and products for you.
3. How We Use Your Information
How we use your Personal Information depends on factors such as how you communicate with us, how you utilize our Services, what preferences you have communicated to us, among other factors. Generally, we use your Personal Information in the ordinary course of business for the purpose of delivering our Services. In addition to other uses referenced in this policy, our use of your Personal Information may include:
- to provide Services;
- to process payments;
- to market and promote our Services;
- to support functionality on a Synacor Application or a Customer Application;
- to communicate with you about, and support your use of, our Services;
- to improve the quality of our Services;
- to enhance safety and security, including the protection of Personal Information from loss or theft or unauthorized access, acquisition, disclosure, modification or use;
- to provide you with customized content according to your preferences and entitlements;
- to provide aggregate reporting, including disclosing aggregated information and user statistics to current and prospective Customers, advertisers, and content partners in connection with our Services;
- other legitimate business purposes consistent with applicable law; and
- other purposes with your consent.
4. Sharing of Information by Synacor
Your Personal Information will be shared with all companies affiliated with Synacor, Inc. We will not, however, share your Personal Information with any individuals or non-affiliated companies, except in the circumstances described in this section or as otherwise set forth in this policy.
With Your Consent
We will share your Personal Information when we have your consent and only for the specific reasons for which you give consent or other reasons related thereto.
Synacor will share Personal Information if we have a good-faith belief that access, use, preservation, or disclosure of the information is reasonably appropriate for legal reasons which may include:
- to comply with any applicable law, or governmental request for information (such as a subpoena, court order, or similar legal process);
- to detect, prevent, or otherwise address fraud, security, or technical issues; or
- to protect against harm to the rights, property, or safety of Synacor, its Customers, and other third parties, or as required or permitted by law.
Synacor provides Personal Information to its affiliates and other third parties to process the Personal Information for us, based on our instructions, and in compliance with applicable law and commercially reasonable security measures. For example, we use third-party service providers to help us with customer support.
We may transfer any Personal Information or other information in our possession to any purchaser (or successor to such purchaser) of all, or substantially all, of our business or assets that concern our Services.
We may share with third parties (including, but not limited to, publishers and advertisers), aggregated usage and demographic information collected via the Services. We also allow third parties to collect information from your browser or device for advertising or other purposes using their own cookies or similar technologies.
Third Party Business
We use a variety of third parties to provide products or services to, or together with, Synacor (including, but not limited to, payment processing). When any such products or services relate to you, we may share your Personal Information with those third parties. Any third parties receiving your Personal Information may use it for any purpose for which Synacor could use it.
We collaborate with other parties to provide and manage advertising displayed via the Services. These other parties may use technologies (such as cookies) to gather information about your browsing activities in order to provide you advertising based upon your preferences and interests.
Synacor may receive payments or other valuable consideration for facilitating such advertising. Customization of ads to personal preferences and interests requires us to provide your personal information to the advertisers and other parties used by us to place advertising.
Advertising revenue is necessary in order for Synacor to provide the Services. Please note that opting out of interest-based or contextually-based ads does not stop you from receiving ads. You will continue to receive non-targeted ads.
5. Sharing Your Own Information with Others
If you choose to use the Services by posting comments to blogs, forums, or other editorial sections available via the Services, any information you submit there can be read, collected, or used by others. Therefore, when using blogs, forums, other editorial sections available via the Services, or otherwise posting information online, we urge you to think carefully before disclosing any Personal Information that might be used to identify you or anyone else. When you publish any such Personal Information, it becomes public and we are not responsible for what others may do with the information you choose to submit through these features.
We may also post on Synacor Applications customer testimonials, comments, and reviews provided by you regarding Synacor and the Services. In doing so, we will obtain your consent prior to posting any testimonial containing your Personal Information. If you want your testimonial, comments, or reviews removed, please contact us as set forth at the end of this policy (see Contact Us).
If a password is used to help protect your accounts and information, it is your responsibility to keep your password confidential. Do not share this information with anyone. If you are sharing a computer with anyone, you should always log out before leaving a website or service to protect access to your information from subsequent users.
6. Information Relating to Children
The Services are not directed at those 16 years of age and younger. Synacor does not knowingly collect Personal Information from anyone under the age of 16. If Synacor is made aware that it has received Personal Information from someone under 16, it will use reasonable efforts to remove that Personal Information from its records. Children under the age of 16 should not post in any of the blogs, forums, or other editorial sections of, or otherwise use the Services.
7. Updating, Correcting or Deleting Personal Information
Synacor does not represent or warrant that any Personal Information held by it is accurate or error-free.
If you are a user of the Synacor Application and would like us to correct or delete any Personal Information that you have provided to us, please contact us as set forth at the end of this policy and, except in certain situations, we will process your request within a reasonable period of time after receipt, not to exceed forty-five (45) days. If we will not process your request, we will notify you of the reason why. Upon your request, Synacor will also provide you with information about whether or not we hold any of your Personal Information.
8. Data Retention
We will retain Personal Information that we process, whether for us or on behalf of a Customer, for a period of time that is consistent with the purposes for which it was collected, as required under applicable law or to comply with our other legal obligations, resolve disputes, and perform and enforce our agreements. If you wish to cancel your account on a Customer Application or request that we no longer use your Personal Information to provide a Customer Application, you should contact such Customer. If you wish to cancel your account on a Synacor Application or request that we no longer use your Personal Information to provide a Synacor Application, you should contact us using our contact information at the end of this policy (see Contact Us).
9. Social Media and Widgets
10. Security Procedures
We have implemented a variety of security measures to protect Personal Information that we receive, including containing all Personal Information behind a secured server network and restricting access to only permit a limited number of authorized persons who have access rights to such systems. Anyone with access to Personal Information is subject to confidentiality obligations and may be disciplined or terminated if they fail to meet those obligations. We follow commercially reasonable measures (or other standards required by applicable law) to protect the Personal Information submitted to us, both during transmission and while in our possession. We also review our information collection, storage, and processing practices, including physical security measures, to reduce the likelihood of unauthorized access to our systems. However, no method of electronic storage or transmission is 100% secure. Therefore, while we use commercially reasonable measures to protect your Personal Information, we cannot guarantee its absolute security.
11. Third Party Practices
We utilize framing techniques on some pages displayed via the Services to make it appear that the user is still on a Synacor or Customer website, as applicable, when the user is actually on a third-party website. Please be aware that, if you are providing your Personal Information on these third-party websites, you are providing such Personal Information to these third parties and not to Synacor, and that the privacy policies of these third parties will apply to your Personal Information.
13. Data Transfers
Your Personal Information may be processed on servers located outside of the jurisdiction where you live. Data protection laws vary among jurisdictions, with some providing more protection than others. Regardless of where your information is processed, Synacor will follow the provisions described in this policy.
When we receive formal written complaints, we respond by contacting the person who made the complaint. Solely to the extent required by applicable law, we work with the appropriate regulatory authorities to resolve any complaints regarding the transfer of your Personal Information that we cannot resolve with you directly.
14. Privacy Shield
Synacor participates in, and has certified its compliance with, the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Synacor is committed to subjecting all Personal Information received from the European Union, United Kingdom, and Switzerland to compliance with the Privacy Shield Framework and to the Privacy Shield Framework’s Principles. To learn more about the Privacy Shield, visit the U.S. Department of Commerce’s Privacy Shield website at www.privacyshield.gov.
Synacor is responsible for the processing of Personal Information it receives under the Privacy Shield Framework and subsequently transfers to a third party. Synacor complies with the Privacy Shield Framework for all onward transfers of Personal Information from the European Union, United Kingdom, and Switzerland (including the onward transfer liability provisions).
With respect to Personal Information received or transferred pursuant to the Privacy Shield Framework, Synacor is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Synacor may be required to disclose Personal Information in response to a lawful request by public authorities (including, but not limited to, a request to meet national security or law enforcement requirements).
Upon certification to the Privacy Shield, Synacor (1) was included on the list of companies that have so certified located at www.privacypolicy.gov and (2) received a Certificate of Validation evidencing its compliance with the EU-US and Swiss-US Privacy Shield Framework for Personal Information from an independent third party that specializes in compliance and security.
In compliance with the Privacy Shield Framework, Synacor commits to resolve complaints about our collection, use, retention, or transfer of your Personal Information. EU and Swiss individuals with inquiries or complaints regarding our compliance with the Privacy Shield Framework should first contact Synacor as set forth at the end of this policy (such inquiries or complaints are "Privacy Shield Inquiries").
We will provide an initial response to Privacy Shield Inquiries within forty-five (45) days after receiving it, unless we extend the response period for a reasonable cause. Further, we will follow our standard procedures for responding to Privacy Shield Inquiries. If there is any conflict between your rights under the Privacy Shield Framework and Synacor’s procedures for handling any Privacy Shield Inquiries, the Privacy Shield Framework shall govern.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at www.trustarc.com/consumer-resources/dispute-resolution.
Under certain conditions, more fully described on the Privacy Shield website at www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Synacor has further committed to cooperate with the panel established by the European Union data protection authorities and the Swiss Federal Data Protection and Information Commissioner with regard to unresolved Privacy Shield Inquiries concerning human resources data transferred to the United States from the European Union and Switzerland in the context of the employment relationship.
In light of the judgment of the Court of Justice of the EU in Case C-311/18 and an opinion of the Federal Data Protection and Information Commission (FDPIC) of Switzerland, Synacor does not rely on the EU-U.S. or Swiss-U.S. Privacy Shield Framework as a legal basis for transfers of personal data (although it continues to abide by the Framework). Synacor is implementing standard contractual clauses for transfers on an as-needed basis. For more information about transfers from the EU to U.S. or Switzerland to U.S., please visit the visit the U.S. Department of Commerce’s Privacy Shield website.
15. Required Actions and Disclosures
Under certain circumstances, applicable laws may permit you to make a request to us about Personal Information that we collect. Such requests should be delivered to us using the instructions found in the 'Contact Us' section at the end of this policy. To the extent required by applicable law, following our receipt of a properly delivered request, we will respond, disclose, delete, or take such other action as is legally appropriate.
For example, if you are a resident of California, you may make a request pursuant to the California Consumer Privacy Act (the "CCPA") to have Synacor, among other things:
- Disclose to you, for the preceding 12-month period:
- (a) the categories of Personal Information that we have collected about you;
- (b) the categories of sources from which we collected your Personal Information;
- (c) the purpose for collecting your Personal Information;
- (d) the categories of third parties with whom we have shared your Personal Information;
- (e) the specific pieces of Personal Information we have about you; and
- (f) the categories of any Personal Information that we have sold or disclosed for a business purpose, and the categories of third parties to whom we have sold or disclosed for a business purpose such Personal Information; and
- Except in certain circumstances, delete your Personal Information that we have collected.
Any such request permitted under the CCPA (1) can only be made twice in a 12-month period, (2) will require us to collect certain information in order to verify the identity of the person making the request, and (3) should be submitted to Synacor as set forth at the end of this policy or using the link "California Request". We will respond to verified requests within 45 days after receiving it.
In addition, if you are a resident of California you may opt-out of the sale of your Personal Information by using this link "Do Not Sell My Personal Information". You will not have to create an account with us in order to direct us not to sell your Personal Information.
The CCPA requires certain additional disclosures. Such disclosures can be found at this link www.synacor.com/personal-data.
Other rights may be available to individuals pursuant to applicable law. Synacor will not discriminate against any individual for exercising any right made available to such individual under applicable law.
The current version of this policy (including its effective date) will be posted on applicable Synacor Applications. We reserve the right to modify this policy at any time. If we make changes to this policy, we will post the updated policy to applicable Synacor Applications and indicate its effective date. It is your responsibility to periodically check Synacor Applications for changes to this policy, and we are not required to send you any email or other notice regarding such changes, although we may do so in our sole and absolute discretion.
17. Contact Us
Please direct all questions regarding this policy, the practices and procedures outlined in this policy, Personal Information held by Synacor, and concerns regarding the Services to Synacor’s Data Processing Officer as follows:
Regular mail: Synacor, Inc.
Attn: Data Processing Officer
40 La Riviere Drive, Suite 300
Buffalo, NY 14202;
Email: firstname.lastname@example.org; or
Toll free no. 1-877-492-9484