Privacy Policy
We believe in plain language. Here is a clear breakdown of what data we collect, why we collect it, and how we protect it when you use Synced.
1. Overview
Synced ("we," "our," or "us") provides coordination, AI document assistance, and exam readiness infrastructure for banks and fintech companies. To help teams coordinate meetings, manage deadlines, search and reference documentation, and build a compliance audit trail, we integrate with Google APIs to access calendars, contacts, files, and email communications. This Privacy Policy details how we handle that information.
2. Information We Collect
We only request and collect the minimal amount of information required to deliver the core scheduling, document assistance, and regulatory deadline tracking services of Synced. Specifically:
- Account Authentication & Profile Details: When you sign up via Google OAuth, we collect your primary email address (
userinfo.email) and profile information (userinfo.profile) to authenticate your identity, secure your login, and set up your workspace profile. - Calendar Information (Read & Write): If you connect your Google Calendar (using the
.../auth/calendarscope), we retrieve calendar availability to find conflict-free meeting times, and create or modify calendar events per your request. Write access is necessary for the app's core feature of scheduling and updating meetings. - Contacts Information (Read-only): If you connect your contacts (using the
.../auth/contacts.readonlyand.../auth/contacts.other.readonlyscopes), we retrieve your contacts via the People API to automatically autocomplete and fill invitee email addresses when scheduling meetings or sending invites. - Drive Files (Read-only): If you authorize access to Google Drive (using the
.../auth/drive.readonlyscope), our AI assistant searches your Drive files to locate relevant existing materials and reads or extracts content from them to answer your queries or compile context for your tasks. - Email Communications (Gmail Read & Write): If you connect your Gmail account (using the
.../auth/gmail.readonlyand.../auth/gmail.modifyscopes), our system searches messages and retrieves message details/headers to compile context, summarize email threads, and answer your questions. We also use these scopes to create draft replies and send emails, with each draft requiring your explicit approval before sending.
Google API Limited Use Disclosure
Synced’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
3. How We Use Google OAuth Data
We process data collected via Google OAuth strictly to support the functionalities of the Synced platform. We follow these strict guardrails:
- No Ad Targeting: We will never sell, lease, or rent your personal information or data collected via Google APIs. We do not share this data with any third-party ad networks, data brokers, or advertising platforms.
- No AI/ML Model Training: We do not use personal data received from Google Workspace APIs (including email contents, calendar entries, files, or contacts) to train, retrain, or fine-tune generalized Artificial Intelligence (AI) or Machine Learning (ML) models.
- Limited Human Access: Our developers and employees will not read your calendar events, emails, files, or contacts unless you request support resolving a specific technical bug, you explicitly consent in writing to help us debug an issue, or it is necessary for security investigations (e.g., detecting abuse or responding to malware).
- Restricted Sharing: We only transfer Google user data to third parties if it is necessary to provide or improve our user-facing features (such as secure databases and hosting providers), comply with applicable law, or as part of a merger or acquisition.
4. Data Security & Storage
All credentials and synced metadata (such as deadline events and email parse logs) are encrypted in transit using industry-standard TLS protocols and encrypted at rest within our secure databases (e.g. Firebase Firestore). We employ strict firewalls, vulnerability logging, and access controls to prevent unauthorized access.
5. User Controls: Revoking and Deleting
You are in full control of your integrations and credentials at all times:
- Revoking Access: You can disconnect your Google Calendar or Gmail account at any time directly in your Synced settings. Alternatively, you can revoke Synced's access to your Google account via the Google Security Settings page.
- Data Deletion: If you close your account or request data deletion, all stored tokens, credentials, and cached calendar or email meta-records will be permanently expunged from our database records.
6. Contact Us
If you have questions about this Privacy Policy, your data rights, or how to delete your account, please email us directly: