Legal

Privacy Policy

Effective date: April 28, 2026

This Privacy Policy explains how SYNOPI Business AI, a product of Synchronous ICT Ltd., collects, uses, stores, and protects personal and business data when customers use our website, AI communication platform, and related services.

1. Data Controller

Synchronous ICT Ltd. ("Synchronous ICT", "SYNOPI", "we", "us") is the data controller for website and account-level data. Business customers using SYNOPI are generally the data controllers for customer conversation data processed through the platform.

2. Data We Collect

2.1 Information you provide directly

  • Name, email, phone number, company details, and inquiry messages.
  • Account registration and billing contact details.
  • Support requests, onboarding materials, and business configuration inputs.

2.2 Information collected from service usage

  • Conversation metadata (timestamps, channels, status, escalation events).
  • Order, booking, lead, and campaign activity records created inside SYNOPI.
  • Audit logs, role-based access logs, and API usage logs.

2.3 Payment and transaction context

  • Payment status and transaction references from integrated payment workflows such as bKash/Nagad and payment gateway processes.
  • We do not intentionally store full card numbers, PINs, OTPs, or CVV values in plain text.

3. Sensitive Data and Redaction

Where technically available in the platform flow, SYNOPI applies automated redaction controls for sensitive identifiers (for example card data, OTP-like strings, and national ID patterns) before long-term storage. Customers are responsible for configuring channels and scripts to avoid intentional collection of prohibited payment credentials.

4. How We Use Data

  • To deliver AI voice/chat services, booking and order workflows, and escalation handling.
  • To provide account administration, technical support, onboarding, and service improvements.
  • To maintain security, prevent fraud/abuse, and investigate incidents.
  • To process billing, invoices, usage reconciliation, and payment disputes.
  • To comply with legal/regulatory obligations and legitimate law-enforcement requests.

5. Legal Bases

We process data based on contractual necessity, legitimate interest in operating and securing services, consent where required (for specific communications), and legal obligations. Business customers are responsible for collecting end-customer consent where their use case requires it.

6. Data Sharing

We may share data with:

  • Infrastructure providers, communication channel providers, and operational subprocessors necessary to run the platform.
  • Payment and settlement partners for processing relevant transactions.
  • Professional advisers, auditors, or authorities where legally required.

We do not sell personal data to third parties for unrelated advertising markets.

7. Retention

Retention periods vary by data category, service plan, and contractual settings. We retain logs and service records as needed for service continuity, security review, accounting, and legal obligations. Customers may request retention configuration aligned to their compliance needs.

8. Data Residency and Cross-Border Processing

SYNOPI is operated by a Bangladesh-based company with local support operations. Depending on deployment architecture and integrated providers, some processing components may occur across multiple jurisdictions. Contractual safeguards and access controls are used to protect data in transit and at rest.

9. Security Controls

  • Role-based access controls and authentication measures.
  • Immutable audit logging for critical administrative changes.
  • Operational monitoring and incident response procedures.
  • Transport-layer security for web/API communication.

10. Your Rights

Depending on applicable law and your role (end user vs. business customer), you may request access, correction, deletion, processing restriction, or objection. Business customers can also request account closure and export support according to contract terms.

11. Children's Data

SYNOPI is designed for business use and is not intended for direct use by children. If we learn that data has been submitted inappropriately, we will take reasonable steps to remove or restrict it.

12. Cookies and Web Tracking

Our website uses cookies and similar technologies for essential session handling, security, and website analytics. See our Cookie Policy for details.

13. Changes to This Policy

We may update this policy from time to time. The latest version and effective date will always be posted on this page.

14. Contact

Email: [email protected]

Address: 76, Shantinagar, Dhaka, Bangladesh