Privacy Policy

Synapse is an adaptive learning platform operated by PuntoyComaTech ("we", "our", or "the company"). You can use the service at aisynapse.app.

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and what rights you may have.

If you have questions, contact us at [email protected].

We collect the following categories of information:

Account information: name, email address, password stored in hashed form, profile information you choose to add, and information received from a connected sign-in provider if you use one.

Study materials: files you upload (PDFs, images, audio, video) and URLs you submit so we can create your personalized study experience.

Usage data: pages visited, learning events (study sessions, quizzes, and concept progress), and interactions with Gaby, the AI assistant.

Technical data: IP address, device and browser information, session identifiers, and language preference settings.

Beta access request data: name, email address, study topic, academic level, how you found us, and optional community username if you choose to share it.

We use your data to:

• Operate the platform: create and secure your account, deliver the service, and show your content inside your workspace.
• Process your materials: analyze your uploaded materials and submitted links so we can generate study support, personalized practice, and learning paths.
• Personalize your learning: adjust sessions, quizzes, and reminders based on your progress.
• Transactional communications: send beta approval emails, password reset links, service updates, and security alerts. We do not send marketing emails without your consent where consent is required.
• Improve the service: review aggregated or de-identified usage patterns, troubleshoot issues, and monitor performance.
• Abuse detection and security: identify, prevent, and investigate usage that violates our Terms of Service or threatens the platform.

We share limited personal data only when needed to operate the service, including with:

• Third-party AI service providers: to analyze materials and generate educational support within the service.
• Cloud infrastructure and storage providers: to host the platform, store uploaded materials, and deliver content securely.
• Email delivery service provider: to send transactional messages such as beta approvals, password resets, and security notices.
• Error monitoring service: to detect, diagnose, and fix technical problems.
• Professional advisers and legal authorities: when necessary to comply with the law, enforce our terms, or protect rights, safety, and security.
• Community platform: if you choose to join our public community, your interactions there are governed by that platform's own terms and privacy practices.

We do not sell, rent, or trade your personal data for advertising or unrelated commercial purposes.

We and our service providers may process personal data in countries other than the one where you live. When we transfer data internationally, we use appropriate safeguards required by applicable law, which may include:

• Standard contractual clauses or comparable transfer mechanisms.
• Contractual, technical, and organizational safeguards designed to protect the data during transfer and processing.
• Additional assessments and controls where required for sensitive or regulated transfers.

You can request more information about the safeguards relevant to your data by contacting [email protected].

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: request confirmation of whether we process your data and obtain a copy.
• Rectification: correct inaccurate or incomplete data.
• Erasure: request deletion of your data, subject to legal or contractual retention requirements.
• Restriction: ask us to limit certain processing in specific circumstances.
• Portability: receive your data in a structured, machine-readable format where applicable.
• Objection: object to processing based on legitimate interests where the law gives you that right.
• Withdrawal of consent: withdraw consent you previously gave, without affecting past lawful processing.
• Complaint: lodge a complaint with your local data protection authority if you believe your rights have been violated.

To exercise any of these rights, contact us at [email protected]. We respond within the timeframe required by applicable law.

We retain your data as follows:

• Account data and study materials: while your account is active. If you delete your account, we delete your data within 30 days, unless required by law to retain it longer.
• Technical logs (errors, access): maximum 90 days.
• Beta access requests: up to 12 months from submission, to fulfill communication commitments.

When data is no longer needed, we delete it securely or anonymize it.

We implement technical and organizational measures designed to protect your data, including:

• Encryption in transit and, where appropriate, encryption at rest.
• Password storage in hashed form rather than plain text.
• Session and access controls intended to reduce unauthorized access.
• Role-based restrictions for production and administrative access.
• Monitoring and response processes for security incidents.

No system is completely invulnerable. If we detect a breach affecting your personal data and the law requires notice, we will notify affected users and regulators as required.

Synapse is not directed to individuals under 13 years of age, or under the minimum age required by the law that applies to them. We do not knowingly collect personal data from minors without any consent required by law.

If we learn that an account belongs to a minor without the required permission, we will disable the account and delete the associated data as required. If you are a parent or guardian and believe a minor has created an account, contact us at [email protected].

We use the following cookies and similar technologies:

• Essential session cookies: to keep you signed in, secure your session, and provide the service.
• Preference cookies: to remember settings such as your language selection.
• Operational storage or similar technologies: where needed to maintain platform stability and user experience.

We do not use third-party advertising cookies on the beta service. Where the law requires consent for non-essential cookies, we will request it before using them.

Synapse uses artificial intelligence, including third-party AI service providers, to process your materials and generate educational support such as questions, concept breakdowns, idea relationships, and learning paths.

This processing is part of the core service we provide to you. Depending on the context, our legal basis may include contract performance, legitimate interests, or your consent where required.

We do not make decisions that produce legal or similarly significant effects on you based solely on automated processing. AI-generated outputs are study tools, not official grades or professional advice.

We may update this Privacy Policy periodically. If we make material changes (changes that significantly affect your rights or how we use your data), we will notify you by email at least 15 days before they take effect.

The "Last updated" date at the top of this page always reflects the current version. We recommend reviewing it periodically.

For privacy questions, requests to exercise your rights, or any inquiry related to this policy:

Email: [email protected]

We respond within the timeframe required by applicable law and, when possible, within 30 business days.