Privacy Policy

Last updated: February 27, 2026

1. Introduction

SynthLabTech ("we," "our," or "us") operates the SynthLabTech platform for deterministic synthetic data generation. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our services, including our website (www.synthlabtech.com), client application (app.synthlabtech.com), and API services.

2. Information We Collect

We collect information you provide directly to us, including:

  • Account information: organization name, email addresses, and contact details provided during registration.
  • Usage data: API call logs, job execution metadata, credit consumption, and feature usage patterns.
  • Reference datasets: data you upload for synthetic data generation. These are processed solely for generation purposes and stored in your tenant-isolated environment.
  • Communication data: information you provide through support requests, contact forms, and sales inquiries.

3. How We Use Your Information

  • To provide, maintain, and improve the SynthLabTech platform and services.
  • To process synthetic data generation jobs and deliver evidence bundles.
  • To manage your account, billing, and subscription.
  • To communicate with you about service updates, security notifications, and support.
  • To monitor and analyze usage patterns for platform improvement and capacity planning.
  • To comply with legal obligations and enforce our terms of service.

4. Data Retention

Reference datasets and generated synthetic data are retained in your tenant environment for the duration of your subscription. Upon account deletion, all tenant data is permanently removed within 30 days. Audit logs are retained for 12 months for compliance purposes.

5. Data Security

We implement industry-standard security measures including AES-256 encryption at rest, TLS 1.3 for data in transit, tenant-isolated storage, write-only secret management, and comprehensive audit logging. Our infrastructure is hosted on AWS with SOC 2 Type II and ISO 27001 certified practices.

6. Data Sharing

We do not sell your data. We may share information with service providers who assist in operating our platform (AWS for infrastructure, Stripe for billing) under strict data processing agreements. We may disclose information when required by law or to protect our legal rights.

7. Your Rights

You have the right to access, correct, or delete your personal information. You may request data export or account deletion by contacting privacy@synthlabtech.com. For tenants in the European Economic Area, you have additional rights under GDPR including data portability and the right to object to processing.

8. Cookies

We use essential cookies for authentication (httpOnly session cookies) and security. We use privacy-first analytics that do not track individual users across sites. We do not use third-party advertising cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on our website. Continued use of the platform after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@synthlabtech.com.