1. Information We Collect

When you use our platform or engage with our services, we collect different types of information. Some you provide directly – others we gather through your interactions with our systems.

Personal Information You Provide

This includes data you give us when creating an account, contacting support, or using our automation tools:

• Name, email address, phone number, and residential address
• Financial information necessary for investment automation setup
• Business details and investment preferences
• Communication preferences and support inquiry details
• Identification documents required under Australian financial regulations

Automatically Collected Information

Our systems collect certain data automatically as you interact with our platform:

• Device information (browser type, operating system, IP address)
• Usage patterns and feature interaction data
• Log files and technical diagnostics
• Cookie data and session information
• Performance metrics for service optimization

2. How We Use Your Information

We use collected data to provide and improve our investment automation services. Here's what that looks like in practice:

3. Data Sharing and Disclosure

There are specific circumstances where we share information with trusted partners or as required by law. We're careful about who gets access and why.

Service Providers

We work with third-party companies that help us operate our platform. These include cloud hosting providers, payment processors, and security services. They only receive the information needed to perform their specific functions and are contractually obligated to protect your data.

Financial Institutions

Investment automation requires coordination with banks, brokerages, and financial data providers. We share necessary information to execute transactions and maintain account connections – but only what's required for these operations.

Legal Requirements

We may disclose information when required by Australian law, court orders, or regulatory authorities. This includes compliance with ASIC requirements, AML/CTF obligations, and responses to valid legal processes.

Business Transfers

If Synapserix merges with another company or undergoes a business transition, your information may be transferred as part of that transaction. You'll be notified of any such changes.

4. Your Privacy Rights Under Australian Law

The Australian Privacy Act gives you specific rights regarding your personal information. Here's what you can do:

• Access: Request copies of the personal information we hold about you
• Correction: Ask us to update or correct inaccurate information
• Deletion: Request removal of your data (subject to legal retention requirements)
• Restriction: Limit how we process certain information
• Objection: Object to specific data processing activities
• Data Portability: Receive your data in a structured, commonly used format
• Withdraw Consent: Revoke previously given permissions (where consent is the legal basis)

To exercise these rights, contact our Privacy Officer using the details at the end of this policy. We'll respond within 30 days and verify your identity before processing requests.

5. Data Security and Protection

Protecting your information is something we take seriously. Our security approach includes multiple layers:

Technical Safeguards

• 256-bit encryption for data transmission and storage
• Regular security audits and vulnerability assessments
• Multi-factor authentication for account access
• Automated threat detection and monitoring systems
• Regular backup procedures with encrypted storage

Organizational Measures

• Strict access controls limiting who can view personal data
• Employee training on data protection practices
• Confidentiality agreements with all staff members
• Incident response protocols for potential breaches
• Third-party security certifications and compliance standards

Despite our efforts, no internet transmission is completely secure. We can't guarantee absolute security but maintain industry-standard protections and continuously update our practices.

6. Data Retention Periods

We keep your information only as long as needed for the purposes outlined in this policy. Different types of data have different retention schedules:

Active Account Data

While your account remains active, we retain all information necessary to provide services, maintain security, and meet ongoing regulatory requirements.

After Account Closure

Following account closure, we retain certain records for 7 years as required by Australian financial regulations. This includes transaction histories, account documentation, and communications related to financial activities.

Marketing and Analytics Data

Non-essential marketing information is typically deleted within 2 years of your last interaction with our platform, unless you've opted into ongoing communications.

You can request earlier deletion of certain data types – we'll accommodate where legally permissible.

7. Cookies and Tracking Technologies

Our platform uses cookies and similar technologies to function properly and improve your experience. Here's what we use and why:

Essential Cookies

These are necessary for basic platform operations – maintaining your login session, remembering your preferences, and ensuring security. You can't disable these without affecting core functionality.

Performance Cookies

We collect anonymous usage statistics to understand how people interact with our platform. This helps us identify issues and improve features. These don't identify you personally.

Managing Cookie Preferences

Your browser settings allow you to refuse or delete cookies. Be aware this might limit some platform features. Our cookie banner lets you manage non-essential cookies directly.

8. International Data Transfers

Synapserix operates primarily within Australia, but some service providers may store or process data internationally. When this occurs:

• We ensure adequate protection mechanisms are in place
• Service providers comply with equivalent privacy standards
• Contractual safeguards protect your information
• Transfers comply with Australian Privacy Principles

Most of our infrastructure remains within Australian data centers to minimize international transfers and maintain local regulatory compliance.

9. Children's Privacy

Our investment automation services aren't designed for individuals under 18. We don't knowingly collect information from minors. If you believe we've inadvertently collected such data, contact us immediately for removal.

10. Changes to This Privacy Policy

We update this policy periodically to reflect changes in our practices, technology, or legal requirements. Material changes will be communicated via email or prominent platform notifications at least 30 days before taking effect.

The effective date at the top of this document shows when the current version came into force. Continued use of our services after changes indicates acceptance of the updated policy.