TABLE OF CONTENTS:
“Affiliate” of a party means any corporation, partnership, joint venture, limited liability company, association, or other entity that directly or indirectly controls, is controlled by, or is under common control with, such party.
“Data Controller” or “Controller” means a legal or natural person, an agency, a public authority, or any other body who, alone or when joined with others, determines the purposes of any Personal Information and the means of processing it.
“Data Processor” or “Processor” means a legal or a natural person, agency, public authority, or any other body who processes Personal Information on behalf of a Data Controller.
“Personal Information” means information that (either in isolation or in combination with other information) enables a particular consumer or household to be directly or indirectly identified.
“Sensitive Personal Information” refers to a smaller subset of Personal Information which is considered more sensitive to the individual, such as race and ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic or biometric information, physical or mental health information, medical insurance data, or sexual orientation.
“You” or “Your” means the individual accessing or browsing our Website and/or using any of the Services, or the company, or other legal entity on behalf of which such individual is accessing or browsing our Website and/or using any of the Services, as the case may be.
Synoptek, LLC, a California limited liability company (together with its Affiliates, “Synoptek”, “we” or “our”), offers IT leadership, consulting, and management, strategic business procedures, and custom software solutions to businesses. Your privacy is important to us. This privacy policy notice (“Notice”) mainly covers the Personal Information that Synoptek collects on its premises, and through our website Synoptek.com (“Website”), or through other websites or applications that post a link to this Notice. This Notice further describes how Synoptek collects, uses, and discloses information when You interact with Synoptek via mobile apps, email newsletters or other online subscriptions, or by registering and/or attending our events (e.g., demos), or by accessing our Website, or via Synoptek’s products or services, including any services for the purposes of administering services (e.g., setting up an account or collecting Your Personal Information to process an invoice for accounting purposes, etc.) and managing ongoing relationships that display this Notice (collectively referred to as the “Services”). You understand and acknowledge that this Notice does not cover the handling of Personal Information when we are processing Personal Information on behalf of our customers as Synoptek will typically be acting as a Processor in accordance with applicable Services and/or data processing agreements entered into with our customers.
We mainly receive and collect Personal Information through the following ways:
We collect Personal Information that You choose to provide to Synoptek, for example, on our “Contact Us” (or similar) online form, when You interact with a chat bot on our Website, or if You register for any events, or apply for a job. If You contact Synoptek through our Website, we will keep a record of our correspondence. We receive and store the Personal Information You provide directly to Synoptek. We may collect and store media, documents, or other information You provide to Synoptek. We collect commercial information, such as records of the purchased Services or information related to requests for demos.
When You visit our Website, we collect internet or other electronic network activity information through the use of cookies and other trackers. Depending on Your tracking preferences, the information we collect may include, for example, Your device’s Internet Protocol (“IP”) address, referring website, what pages Your device visited, and the time that Your device visited our Website. We also rely on analytics and tools used to prevent spam and other security risks related to the use of abusive automated software. Internet or other electronic network activity information is also collected when You use the Services in our Systems:
We use the Personal Information we collect through our Website, events, or in connection with Services:
Please read the Cookie Notice if You’d like to know about the Personal Information we process in order to ensure network security, information security, and to help us improve our business performance.
We share information about You, including Personal Information, to public authorities in response to legitimate requests, or to our Affiliates, vendors, consultants, and other service providers we engage to perform Services on our behalf. These Processors include our payment processing providers, Website analytics providers, CRM service providers, and e-mail service providers. For example, we process Your Personal Information through the marketing tools provided to Synoptek by Google Analytics to provide and enhance our advertising services. Our use of Personal Information collected for marketing operations is used for targeting specific audiences, tracking, and optimizing our campaigns, adopting brand safety protection: ensuring we are not displaying our ads on unsafe or inappropriate websites, to protect our brand reputation, adopting of fraud prevention in our campaigns to protect our campaigns from online fraud. We reserve the right to access, read, preserve, and disclose any Personal Information as necessary to (i) comply with a law or a court order, (ii) enforce or apply our agreements with You and other agreements, or (iii) protect the rights, property, or safety of Synoptek, our employees, our users, or others.
If Synoptek receives Your Personal Information and subsequently transfers that information to a Processor for processing, Synoptek remains responsible for ensuring that such Processor processes Your Personal Information to the standard required by the applicable privacy laws, including the GDPR. For further information, please see the “International Data Transfers” section of this Notice. When You attend an event that is co-sponsored by Synoptek and another organization, we provide Terms & Conditions which includes information about sharing Your contact information with the event’s sponsor(s). Please refer to the specific Terms & Conditions provided to You during registration for further details. We may choose to buy or sell assets and may share and/or transfer customer information, including Personal Information, in connection with the evaluation of and entry into such transactions and based on our legitimate interests. Also, if we or our assets are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information may be one of the assets transferred to or acquired by the third party.
We store Your Personal Information for different time periods depending on the category of Personal Information and the nature of relationship that You have with Synoptek. We determine how long we need Personal Information on a case-by-case basis, but our goal is to keep Your Personal Information for as short of a period as possible to achieve the purpose for which Personal Information is collected. We use appropriate technical, organizational, and administrative security measures to protect Personal Information we store from loss, misuse, unauthorized access, disclosure, alteration, and destruction. However, no company or service can guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of a user’s Personal Information at any time. Among other practices, Your account is protected by a password for Your privacy and security. You must prevent unauthorized access to Your account and Personal Information by selecting and protecting Your password appropriately and limiting access to Your computer or device and browser by signing off after You have finished accessing Your account.
You may have certain rights relating to Your Personal Information, depending on Your location and subject to local applicable laws. These rights may include, subject to any exceptions or limitations:
If You would like to exercise the privacy rights available to You, please contact our Data Privacy representative at privacy@synoptek.com. Our privacy team will review Your verifiable privacy rights request and respond to You as quickly as possible. Synoptek does not discriminate against You for exercising Your privacy rights.
Synoptek is a company operating globally. As such, the Personal Information of individuals who visit our Website and/or who use our Services or otherwise interact with Synoptek may be transferred and accessed from around the world, such as from countries where Synoptek or Processors operate. Your Personal Information may also be subject to those other jurisdictions’ laws, including lawful requirements to disclose Personal Information to government authorities. Irrespective of which country You live in, You authorize Synoptek to transfer, store and use Your information in the United States and any other country where we operate. In some of these countries, the privacy and data protection laws and rules regarding when government authorities may access data may vary from those in the country where You live.
Operating globally, Synoptek may transfer Personal Information from the EEA or the UK to the United States (“US”) and other countries, including Personal Information we receive from individuals residing in the EEA or the UK who visit our Website and/or use our Services. Please note that the term Personal Information used in this Notice is equivalent to the term “personal data” under applicable EEA and UK data protection laws for individuals located in the EEA or the UK. Synoptek performs transfer impact assessments and continually monitors the circumstances surrounding such transfers to ensure that these maintain, in practice, a level of protection that is essentially equivalent to the one guaranteed by the EEA and UK data protection laws.
Synoptek complies with the EU-US Data Privacy Framework (EU-US DPF) and the UK Extension to the EU-US DPF, and the Swiss-US Data Privacy Framework (Swiss-US DPF) as set forth by the US Department of Commerce. In compliance with the EU-US DPF Principles, Synoptek commits to resolve complaints about Your privacy and our collection or use of Your Personal Information transferred to the United States pursuant to the EU/SWISS DPF Principles. We will investigate and attempt to resolve any complaints or disputes regarding the processing of Personal Information as quickly as possible. We acknowledge our responsibility for the processing of Personal Information received and subsequently transferred to our third parties/agents/service providers. Synoptek remains liable under the DPF Principles if a third party/agent/service provider processes Personal Information covered by this Notice in a manner inconsistent with the DPF Principles, except where Synoptek can demonstrate that it is not responsible for the event giving rise to the damages.
Under the California Privacy Rights Act (“CPRA”) residents of California have certain rights regarding the Personal Information that businesses collect and process about them. This includes the right to request access or deletion of Your Personal Information, as well as the right to direct a business to stop selling or sharing Your Personal Information. We adopt this notice to also comply with the California Consumer Privacy Act of 2018 (“CCPA”), and other California privacy laws. Terms defined in the CPRA and CCPA have the same meaning when used in this Notice. We are required to detail the categories of Personal Information that we collect and/or share for the purposes of this Notice.
Information We Collect. We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (Personal Information). In particular, we have collected the following categories of Personal Information from consumers within the last 12 months:
| Category |
Examples |
Collected |
|---|---|---|
A. Identifiers. |
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. | YES |
B. “Sensitive” Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). |
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, account log in information with password, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. | YES |
C. Protected classification characteristics under California or federal law. |
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | YES |
D. Commercial information. |
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | YES |
E. Biometric information. |
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | YES |
F. Internet or other similar network activity. |
Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. | YES |
G. Geolocation data. |
Physical location or movements. | YES |
H. Sensory data. |
Audio, electronic, visual, thermal, olfactory, or similar information. | YES |
I. Professional or employment-related information. |
Current or past job history or performance evaluations. | YES |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). |
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | YES |
K. Inferences drawn from other personal information. |
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | YES |
Personal Information does not include:
We obtain the categories of Personal Information listed above from the following categories of sources:
Use of Personal Information. We may use or disclose Personal Information for one or more of the following business purposes:
We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without giving You notice.
Sharing Personal Information. We may disclose Your Personal Information to a third party for a business purpose. When we disclose Personal Information for a business purpose, we enter into a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except for performing under the contract.
In the preceding 12 months, we have disclosed the following categories of Personal Information for a business purpose:
Category A: Identifiers.
Category B: California Customer Records personal information categories.
Category C: Protected classification characteristics under California or federal law.
Category D: Commercial information.
Category E: Biometric Information.
Category F: Internet or other similar network activity.
Category G: Geolocation data.
Category H: Sensory data.
Category I: Professional or employment-related information.
Category J: Non-public education information.
Category K: Inferences drawn from other personal information.
We disclose Your personal information for a business purpose to the following categories of third parties:
In the preceding 12 months, we have not sold any Personal Information.
Your Rights and Choices under CCPA. The CCPA provides consumers (California residents) with specific rights regarding their Personal Information. This section describes Your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to You about our collection and use of Your Personal Information over the past 12 months. Once we receive and confirm Your verifiable consumer request, we will disclose to You:
Deletion Request Rights
You have the right to request that we delete any of Your Personal Information that we collected from You and retained, subject to certain exceptions. Once we receive and confirm Your verifiable consumer request, we will delete (and direct our service providers to delete) Your Personal Information from our records, unless an exception applies. We may deny Your deletion request if retaining the information is necessary for Synoptek or its service providers to:
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to Synoptek by emailing at privacy@synoptek.com. Only You or a person registered with the California Secretary of State that You authorize to act on Your behalf, may make a verifiable consumer request related to Your Personal Information. You may also make a verifiable consumer request on behalf of Your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
We cannot respond to Your request or provide You with Personal Information if we cannot verify Your identity or authority to make the request and confirm the Personal Information relates to You. Making a verifiable consumer request does not require You to create an account with Synoptek. We will only use the Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform You of the reason and extension period in writing. If You have an account with Synoptek, we will deliver our written response to that account. If You do not have an account with Synoptek, we will deliver our written response by mail or electronically, at Your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For Data Portability Requests, we will select a format to provide Your Personal Information that is readily useable and should allow You to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to Your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell You why we made that decision and provide You with a cost estimate before completing Your request.
Non-Discrimination. We will not discriminate against You for exercising any of Your CCPA rights. Unless permitted by the CCPA, we will not:
Right to Opt-Out. Under the Commonwealth Data Protection Act (“CDPA”), residents of Virginia have certain rights regarding the Personal Information that businesses collect and process about them. This includes the right to request access or deletion of Your Personal Information, as well as the right to direct a business to stop selling or sharing Your Personal Information. Additionally, the privacy laws in Colorado, Connecticut, and Utah give residents certain rights with respect to their personal data.
To the extent applicable under the laws of Virginia, Colorado, Connecticut, and Utah, or any other privacy law, You have the right to direct a business that processes Your personal data for the purposes of targeted advertising, sale, and/or profiling, in furtherance of decisions that produce legal or similarly significant effects concerning You, not to process for these purposes. This right is referred to as “the right to opt-out.” If You submit a valid and authenticated request and we confirm Your identity and/or authority to make the request, we will cease processing Your personal data for the limited purposes of targeted advertising, sale, and/or profiling. Since we may engage in targeted advertising and/or profiling, we provide You with the option to opt-out of such processing for these purposes. Residents of Colorado, Connecticut, and Virginia may appeal a refusal to take action on a request by contacting us. Further, the residents of the State of Nevada have the right to opt out of the sale of certain pieces of their information to other companies who will sell or license their information to others. We disclose contact information to third parties that may want to market products or services to You. Unless contrary to any applicable law, we do not provide an opt-out for sale since we will not be selling Your personal data for monetary compensation. To exercise any of Your rights available under applicable law relating to opt-out or appeal as set forth in this Section, please submit a verifiable consumer request to Synoptek by emailing at privacy@synoptek.com.
In accordance with The Personal Information Protection and Electronic Documents Act (“PIPEDA”) and any other applicable federal or provincial privacy laws of Canada, this Notice sets the ground rules for how we collect, use, and disclose Personal Information, and privacy rights and access choices available for You. Please be aware that information You provide to us or that we obtain as a result of Your use of our Services or Website may be collected in Your jurisdiction and subsequently transferred to, maintained and/or processed outside of Your jurisdiction (including for residents of the province of Quebec, outside of Quebec), including in the United States or another jurisdiction by us or our service providers for the purposes mentioned in this Notice, and in accordance with applicable laws. Personal Information processed and stored in another country may be subject to disclosure or access requests by the governments, courts or law enforcement or regulatory agencies in that country according to its laws. We take reasonable steps to ensure that your Personal Information will only be used for purposes mentioned above or communicated to service providers with your consent, except where authorized by applicable law.
Synoptek reserves the right to amend this Notice at its sole discretion and at any time. When we make changes to this Notice, we will notify You by email or through a notice on our Website.
If You have any questions or comments about this Notice, the ways in which we collect and use Your Personal Information, Your choices, and rights regarding such use, or wish to exercise Your rights under California law, please do not hesitate to contact Synoptek at:
Phone: 1 (888) 796-6783
Email: privacy@synoptek.com
Attn: Privacy Department
Synoptek, LLC
Address: 19520 Jamboree Road, Suite 110, Irvine, California 92612