The protection and security of your personal data, sensitive (special categories) personal data and non-personal data are important to Syno. Therefore, Syno is committed to respecting and protecting the privacy of each person (i.e. data subject).
Data subjects trust us with their personal information, and we are responsible for ensuring that we justify that trust.
Below is information about how Syno works in the area of privacy, how it complies with the General Data Protection Regulation (GDPR) or the California Consumer Protection Act (CCPA) and other applicable international and local legal acts, and what essential information data subjects must know when using Syno platforms, solutions, systems, services and websites.
The protection and security of your personal data, sensitive (special categories) personal data
and non-personal data are of utmost importance to Syno. Syno is committed to respecting and
protecting the privacy of each person (i.e. data subject).
Data subjects trust us with their personal information, and we are responsible for ensuring that
we justify that trust.
Below is information about how Syno works in the area of privacy, how it complies with the
General Data Protection Regulation (GDPR), UK Data Protection Law, the California Consumer
Protection Act (CCPA) and other applicable international and local legal acts, and what essential
information data subjects must know when using Syno platforms, solutions, systems, services
and websites.
“Syno group of companies” / “Syno” all references in this Privacy policy to Syno include Syno
and its parent, subsidiary, and affiliated companies. The list of affiliated companies may be
unilaterally updated by Syno. All references to “us” or “we” refer to Syno, including but not
limited to:
UAB Syno International, a private limited civil liability company, incorporated and operating
pursuant to the legal acts of the Republic of Lithuania, under legal entity code 302748928;
Syno Poland sp. z o. o. (Syno Poland), a company incorporated and operating pursuant to the
legal acts of Poland, under registration code 0000667223;
Syno International (UK) Limited (Syno UK), a company incorporated and operating pursuant to
the legal acts of the United Kingdom, under registration code 11839775;
Asia Syno International PTE. LTD. (Syno Asia), a company incorporated and operating pursuant
to the legal acts of Singapore, under registration code 201717773E;
Syno International Danışmanlık Hizmetleri Limited Şirketi (Syno Turkey), a company
incorporated and operating pursuant to the legal acts of Turkey, under registration code
0788092246100001;
UAB Syno International (Syno Mexico), a company incorporated and operating pursuant to the
legal acts of Mexico, under code USI200206S97.
“Syno systems and platforms” means all the Syno systems and platforms and services which are
provided by Syno, such as Syno Cloud, Syno Tool, Syno Rewards, Surveyo24etc. to natural or
legal persons, i.e. clients, users, respondents, panelists, website visitors, third parties etc.
“Services” means services of Syno systems and platforms which are provided by Syno to natural
or legal persons, i.e. clients, users, respondents, panelists, website visitors, third parties etc.
“Day” means any business day, which is not a day off or a national holiday according to the
legislation of the respective country.
“Personal data” means any information relating to an identified or identifiable natural person
(“data subject”); an identifiable natural person is one who can be identified, directly or
indirectly, in particular by reference to an identifier such as a name, an Syno identification
number, location data, an online identifier ( Cint ID, Adobe ID, MAID, etc. ) or to one or more
factors specific to the physical, physiological, genetic, mental, economic, cultural or social
identity of that natural person.
“Special categories of personal data” means sensitive personal data revealing racial or ethnic
origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or
biometric data for the purpose of uniquely identifying a natural person, data concerning health
or data concerning a natural person’s sexual life or sexual orientation.
“Non-personal data” means any information and data which is not personal data, and from
which it is not possible to identify a data subject.
“Processing” means any operation or set of operations which is performed on personal data or
on sets of personal data, whether or not by automated means, such as collection, recording,
organization, structuring, storage, adaptation or alteration, retrieval, consultation, use,
disclosure by transmission, dissemination or otherwise making available, alignment or
combination, restriction, erasure or destruction.
“Data subject” means an individual person whose personal data and special categories of
personal data was processed / is processed / will be processed by a data controller and / or data
processor.
“Data controller” means:
Syno or any company which belongs to Syno indicated in Section “Definitions No. 1” in
definition “Syno”;
Natural or legal person, which orders services of Syno systems and platforms, (in some cases,
Syno also acts as an independent Data Controller for the operation of its own panels, platforms,
and research projects conducted under its own account, as described in the “Data Protection
Roles” section of the Terms and Conditions for Panelists). and which, alone or jointly with
others, determines the purposes and means of the processing of personal data, and who
receives and processes personal data in Syno systems and platforms in individual cases when
Syno is involved in processing of personal data.
“Data processor” means:
A natural or legal person, public authority, agency, or other body which processes personal data
on behalf of the data controller (Syno). Syno engages affiliated companies and trusted
third-party service providers (“sub-processors”) to support the delivery, operation, security, and
improvement of its services. These sub-processors process personal data solely on Syno’s
documented instructions and are contractually bound to comply with applicable data protection
laws.
The following sub-processors may be used by Syno, depending on the services provided:
Amazon Web Services (AWS) – cloud hosting and infrastructure services
Interneto Vizija – cloud hosting and infrastructure services
Cint – market research sample sourcing and panel marketplace services
Pollfish – market research sample sourcing services
PureSpectrum – market research sample sourcing services
InnovateMR – market research sample sourcing services
RepData – market research and respondent verification services
Bitlabs / Prodege – market research sample sourcing services
Prime Insights (Prime Surveys) – market research sample sourcing services
Riwi – market research sample sourcing services
Huuray – reward and incentive fulfilment services
Tango Card – reward and incentive fulfilment services
NeoCurrency – reward and incentive fulfilment services
Virtual Incentives – reward and incentive fulfilment services
Tremendous – reward and incentive fulfilment services
Fixed & Mobile (DT One) – mobile reward and top-up services
Behavix – behavioral analytics and fraud-prevention services (where enabled)
MaxMind – IP-based fraud prevention and geolocation services
Meta – user authentication and authorization services (where applicable)
Syno may engage affiliated companies and trusted third-party subprocessors to support the
delivery of its Services. The current list of subprocessors is published on Syno’s website at
https://www.synoint.com/legal-and-quality/ and may be updated from time to time. Clients and
other users are encouraged to periodically review this list.
In cases where required by law or contract, Syno will provide advance notice of at least 10 (ten)
calendar days before a new subprocessor is engaged.
Objections to such changes must be submitted in writing within the same 10-day period, but
only if the new subprocessor presents a material risk to data protection or confidentiality.
If no reasonable objection is raised, the change will be deemed accepted.
Syno may engage emergency or replacement subprocessors without prior notice where
necessary to maintain the continuity, security, or functionality of the Services, provided that
notification is given as soon as reasonably practicable thereafter.
Syno or any of the companies that belong to Syno indicated in Section “Definitions No. 1” in
definition “Syno” processes personal data on behalf of the data controller when the data
controller orders services of Syno systems and platforms. Syno may use sub-processors,
including affiliates of Syno as well as third party companies (included but not limited to the ones
indicated above as Syno data processors), to provide, secure or improve the Services, and such
sub-processors may have access to personal data.
“Consent of the Data subject” means any freely given, specific, informed, and unambiguous
indication of the data subject’s wishes by which he or she, by a statement or by a clear
affirmative action, signifies agreement to the processing of personal data relating to him or her.
“Personal data breach” means a breach of security leading to the accidental or unlawful
destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted,
stored or otherwise processed.
“General data protection regulation” means Regulation (EU) 2016/679 of the European
Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard
to the processing of personal data and on the free movement of such data, and repealing
Directive 95/46/EC (GDPR).
“California Consumer Privacy Act” is a state statute intended to enhance privacy rights and
consumer protection for residents of California, United States. In June 2018, the CCPA was
signed into law, creating new privacy rights for Californians and significant new data protection
obligations for businesses. The CCPA went into effect Jan. 1, 2020. California’s Office of the
Attorney General has enforcement authority (CCPA).
“Data Protection Law” means all laws relating to data protection, the Processing of Personal
Data, privacy and/or electronic communications in force in the United Kingdom of Great Britain
and Northern Ireland, including the UK GDPR and the Data Protection Act 2018. “UK GDPR” has
the meaning given in section 3 of the Data Protection Act 2018.
When a data subject visits Syno websites, Syno collects and stores information about the data
subject, data subject`s computer and / or device. More about this you can read in the Cookies
policy on https://www.synoint.com/cookies-policy/. Syno collects IP address, the website from
which the person accesses Syno website, http answer code, data and time of access. Syno
collects technical and location-derived data, such as IP address, approximate location (country,
region, city-level), device and usage metadata, where required for fraud prevention, research
quality control, behavioral analytics, or where optional features such as Behavix are enabled by
the Panel owner.
Personal data about Syno employees: e-mail, telephone No., name, surname, postal code, date
of birth, country, address, gender, bank account details, wage, CV (curriculum vitae), photos,
payments details, education data, holidays, and other necessary information in accordance with
legislation.
Personal data about data subjects, who apply to open positions in Syno
(https://www.synoint.com/career/): e-mail, telephone No., name, surname, postal code, date of
birth, country, address, gender, CV (curriculum vitae), motivational letter, education data,
experience data, hobbies, other skills.
Non-personal data: metadata (data / information that provides information about other data)
when the data subject uses Syno websites or services, such as: status, creation date and time,
last modification date and time, files names, type, size, and various identifiers.
Personal data when the data subject contacts Syno via email or other means of
communications: name, e-mail, request, message content, consents.
When Syno concludes business (cooperation) relations, orders, or agreements, Syno processes:
name and surname of authorized representative, representative email, signatures and other
relevant contact information.
When a data subject creates an account (including cases when Syno creates an account by data
subject request or any other legal person creates an account for a data subject) to use services
of Syno systems and platforms, or apply for the provision of other services, Syno might collect:
e-mail, telephone number., user name, password, details of payments, data on services
provided, postal code, data about company’s employees, contact data of company`s data
protection officer, contact data of company`s representative, signature, name, surname, postal
code, date of birth, country, address, gender and any other relevant information that is needed
for provision of ordered Syno services.
Syno provides a mobile application (“Panel App”) that may be offered by the Panel owner to
Panel members to enable access to their panel account, surveys, rewards, and related
functionalities via a mobile device.
Use of the Panel App is optional and depends on whether the Panel owner has enabled
connectivity of its Panel to the Panel App.
Where the Panel App is used, Syno may process the same categories of personal data as for
access via the web-based panel portal, including account identifiers, participation history,
rewards information, technical and device-related data, and security or fraud-prevention data,
for the purposes described in this Privacy Policy.
Personal data when data subjects (such as panelists, respondents and other users and
members), register to participate in panels, surveys, market research, public opinion polls and
other market research activities: username, password, e-mail, gender, date of birth, postal code,
country, phone number. More about this can be read in Terms and Conditions for Panelists and
Respondents on https://www.synoint.com/terms-and-conditions-for-panelists/.
Personal data and special categories of personal data when data subjects (such as panelists,
respondents and others) respond to Syno questionnaires: region of workplace, type of work,
shopping habits, travel, data about education, political views, religion views, health, languages,
and other information.
When data subject participates in rewards systems and intends to get rewards, Syno processes:
e-mail, name, surname, username, password, number of projects that the data subject
participated in etc.
Information about the operations and services performed with Syno systems and platforms and
other Syno products, such as: which services have been used, for how long, for what purpose.
Syno collects and uses information for the following purposes:
Market research (including market and public opinion research; customers insights; loyalty and
rewards programs; provision of data collection, processing and reporting solutions; addition of
the data received from a third party about data subject to its profile information);
Submitting the best deals and get acquainted with Syno services (applies to B2B cases);
Proper administration and management of agreements, orders, projects, other documents,
services, etc. (applies to B2B cases);
Security Authentication (2FA) and SMS Communication - Syno may collect and process your
phone number for the purpose of enabling SMS-based two-factor authentication (2FA), which
enhances the security of access to Syno systems and platforms. This processing is based on our
legitimate interest in ensuring account protection and service integrity. For this purpose, we
may use third-party communication service providers such as Twilio Inc., Amazon , which may
involve transfers of data outside the EEA. In such cases, if relevant, we ensure appropriate
safeguards are in place, such as the European Commission’s Standard Contractual Clauses
(SCCs). Your phone number will be processed solely for security-related functionality and
retained only for the period necessary for this purpose;
We may use your phone number to send you transactional or service-related messages via SMS,
such as verification codes, account alerts, or important notifications related to your use of Syno
systems and platforms;
Implementation of the requirements and provisions of the legislation;
Quality control of the services performed by Syno, to detect, prevent, or investigate fraud,
abuse, or security incidents.
For the purposes of conducting market research, analytics, audience segmentation, fraud
prevention, and research quality assurance, Syno may generate and assign pseudonymized
internal identifiers (“Syno IDs”) to Panelists and Respondents.
These Syno IDs do not directly identify individuals and cannot be attributed to a specific person
without additional information held separately by Syno.
Syno may share such pseudonymized Syno IDs and related research metadata with Syno Clients
solely for market research, validation, incentive reconciliation, and quality control purposes, and
always subject to contractual confidentiality and data-protection obligations.
No directly identifying personal data (such as name, email address, or phone number) is shared
with Clients unless expressly agreed and covered by a separate data-sharing agreement.
In addition to the above, Syno may use your pseudonymized or aggregated data to
support audience analytics and market activation activities. This includes matching your
profile data with other datasets to generate audience segments for research, insight
generation, and digital media planning. Such data may be shared with trusted third-party
partners to enhance accuracy of audience models.
These partners may include:
All such partners are contractually bound to use your data solely for lawful, specified
purposes and in accordance with applicable data protection laws and are not permitted
to use the data for direct identification of, or direct advertising targeting towards,
individual data subjects. No directly identifying data is shared, and your identity is never
disclosed to these partners.
For the purpose of cookie and identity matching, Syno may process and exchange public
identifiers such as cookies, email addresses, phone numbers, or hashed versions thereof,
device IDs, or other pseudonymized online identifiers with trusted partners (e.g.
advertising, analytics, and attribution partners). Such processing allows accurate audience
measurement, fraud prevention, and campaign reach analysis. All data is processed in a
pseudonymized or hashed form and used solely for measurement, fraud prevention, and
audience analytics purposes, without direct identification of individuals. More
information is provided in the Cookie Policy at ttps://www.synoint.com/cookies-policy/.
A current list of our third-party partners involved in these activities is available in the legal
section on www.synoint.com and is updated regularly.
We recommend you periodically review this list to remain informed of where and how
your data may be used.
Data is processed based under standard IAB (Interactive Advertising Bureau) purposes:
- Store and/or access information on a device (Saving or retrieving information (like
cookies, device IDs, etc.) on a user’s device;
- Measure ad performance (Measuring how ads perform, e.g. impressions, clicks,
conversions.);
- Measure content performance (Measuring the effectiveness or engagement of content
(e.g. article reads, video plays);
- Understand audiences through statistics or aggregated insights (Developing aggregated
reports about users’ demographics, preferences, or behaviour — not for individual
targeting.).
You may opt out of receiving SMS messages at any time by replying STOP to any SMS you
receive from us. For assistance, reply HELP or contact us directly at
data.protection@synoint.com. Please note that opting out of SMS messages may limit certain
features of our services, such as authentication or account alerts.
Syno stores your personal data, sensitive (special categories) personal data and non-personal
data for no longer than it is required by the data processing goals, or than it is stated in legal
regulations if there is a longer data duration provisioned. We aim not to store outdated or
irrelevant information, and we ensure that personal data and other information is updated
consistently and correctly.
The term of data storage may range from 1 (one) to 10 (ten) years, depending on the purpose of
processing, contractual obligations, and applicable legal requirements, unless otherwise
required by law or agreed with the data subject or client.
For example:
Syno stores personal data about data subjects who apply to open positions up to 1 (one) year,
unless agreed otherwise;
Syno stores personal data about Syno employees up to 10 (ten) years, unless agreed otherwise;
When a data subject creates an account / profile (including cases when Syno creates an account
by data subject request or any other legal person creates an account for a data subject) to use
services of Syno systems and platforms, Syno stores his data at least 3 (three) years from last
activity. If the data subject has not been active for 3 years, Syno deletes the stored data about
the data subject. In case the data subject submits the request to delete the stored data about
him, Syno obliges to delete the data within 30 days after receiving the request.
Syno periodically reviews all stored data and makes sure that inaccurate or out-of-date data is
not processed.
Syno websites, services of Syno systems and platform and other services, are not intended for
minors.
Syno complies with the GDPR and with the Law on the legal protection of personal data of the
Republic of Lithuania where there is indicated that persons under the age of 14 (fourteen) are
considered to be minors. Specific age thresholds may vary depending on the Panel and
applicable local law, as described in the Terms and Conditions for Panelists.
In view of this, Syno takes the position that minors should not visit Syno websites and use Syno
Services.
Syno does not knowingly collect personal data from minors, except where permitted by
applicable law and subject to appropriate parental consent mechanisms. If there are any cases
when children want to visit Syno websites and use Syno services or other Syno activities, they
have to submit consents and permissions from their parents and implement other requirements
specified in the GDPR and on the Law of the legal protection of personal data of the Republic of
Lithuania. If it comes to our attention that we have collected personal data from/of a minor, we
may delete this information without a notice.
Syno shall use your personal data only where we have legal grounds to do so. We determine the
legal grounds based on the purposes for which we have collected and used your personal data.
We may also rely on your consent or our legitimate interest to process your data for market
research and audience segmentation, including data matching and pseudonymized data sharing
for the creation of audience models and advertising analytics. In every case, the legal ground
will be one of the following:
Consent by data subject: for example, where you have provided your consent to create an
account to use services of Syno systems and platforms and create your profile. You can
withdraw your consent at any time.
Our legitimate interests, where it is necessary for us to ensure the security of user accounts and
the integrity of our services (e.g. using two-factor authentication (2FA) via SMS), to prevent
fraud, and to improve service experience. For example:
Analyzing what services the data subject uses;
Determining what services may be relevant to our clients;
Recording the voice and/or location of the data subject during the face-to-face interviews for
quality control purposes; Analysing what content has been viewed on our sites, so that we can
understand how they are used.
Performance of a contract / agreement with you (or in order to take steps prior to entering into
a contract with you): for example, the information required for payments for the usage of Syno
services.
Implementing other contracts and agreements under which personal data are processed.
Compliance with law: in some cases, we may have a legal obligation to use or keep your
personal data.
Syno ensures that personal data, sensitive (special categories) personal data and non-personal
data shall be:
Processed lawfully, fairly and in a transparent manner in relation to the data subject (”
lawfulness, fairness and transparency”);
Collected for specified, explicit and legitimate purposes and not further processed in a manner
that is incompatible with those purposes (” purpose limitation”);
Adequate, relevant and limited to what is necessary in relation to the purposes for which they
are processed (”data”);
Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure
that personal data that is inaccurate, having regard to the purposes for which they are
processed, is erased or rectified without delay (” accuracy”);
Kept in a form which permits identification of data subjects for no longer than is necessary for
the purposes for which the personal data is processed (” storage limitation”);
Processed in a manner that ensures appropriate security of the personal data, including
protection against unauthorized or unlawful processing, and against accidental loss, destruction
or damage, using appropriate technical or organizational measures (” integrity and
confidentiality”).
IP hashing is used for the purpose of pseudonymisation. Data at rest is encrypted using AES256
bit encryption. Data in transit is protected by Transport Layer Security (”TLS”).
Access to data necessary for the performance of the particular task is ensured within the
systems and applications by a corresponding user role and authorization concept.
Lawful basis for audience analytics and market activation
Processing of pseudonymized or aggregated data for audience analytics, segment creation, and
market activation is carried out under Syno’s legitimate interests in providing aggregated
research insights and measurement services to Clients and partners (GDPR Art. 6(1)(f)). This
processing does not involve direct identification or direct contact with any individual. Syno
applies pseudonymization, access controls, and contractual safeguards with all partners to
prevent re-identification and to restrict use strictly to specified purposes. Where behavioral
analytics or IP-derived location data are processed through optional features (such as Behavix),
such processing is carried out only where enabled by the Panel owner and accepted by the
Panelist, under Syno’s legitimate interests and subject to appropriate safeguards, minimization,
and opt-out mechanisms.
You may object at any time to this processing by contacting data.protection@synoint.com. If
you object, Syno will stop further processing of your data for these analytics/activation
purposes (other lawful processing related to your account or participation may continue where
applicable).
Syno ensures that all the rights of data subjects are implemented according to the GDPR:
Right to be informed;
Right to access;
Right to rectification;
Right to erasure (Right to be forgotten);
Right to restriction of processing;
Notification obligation;
Right to data portability;
Right to object;
Automated decision-making;
Right not to be discriminated against for exercising the rights available to you under applicable
data protection laws.
If you would like to implement any of these rights, or if you think that we process incorrect
personal data about you, or you have any other questions regarding your rights, please contact
Syno by e-mail data.protection@synoint.com.
The request is handled within 30 (thirty) days. If your request is complicated or if you have a
large number of requests, it may take us longer. We will let you know if we need longer than 30
days to respond and we aim to respond within shortest reasonable time If you ask us to delete
your personal data or restrict how it is used, there may be exceptions to the right to erasure for
specific legal reasons which, if applicable, we will set out for you in response to your request.
We might need specific information from you to help us confirm your identity, therefore all
required information about you should be provided and your request should be submitted as
clearly and understandable as possible.
If you are unable to resolve the issues with Syno and if Syno engagement or a lack there of
worries you that this privacy report or legal regulations requirements are not being adhered to,
you have the right to contact State data protection inspectorate of the Republic of Lithuania
(supervisory authority) or other institutions which are responsible for the supervision and
control of legal acts which regulate personal data protection and implementation of data
subjects rights.
Syno has implemented technical and organizational controls to protect your personal data
against unauthorized processing and against accidental loss, damage or destruction.
You are responsible for choosing a secure password when we ask you to set it up to access Syno
systems, platforms, and sites. You should keep this password confidential, and you should
choose a password that you do not use on any other site. You should not share your password
with anyone else, including anyone who works for us. Unfortunately, sending information via
the internet is not completely secure. Although we will do our best to protect your personal
data once it is in our possession, transmission of information via the internet is not completely
secure.
If you suspect that a password has been compromised, please inform about this immediately by
e-mail info@synoint.com and / or data.protection@synoint.com.
We also ask you to get acquainted with the Syno Security policy on
ttps://www.synoint.com/security-policy.
Data that we collect may be transferred to, stored, and processed in any country or territory
where any of Syno companies exist, service providers or servers’ providers (data processors) are
based or have facilities. While other countries or territories may not have the same standards of
data protection, Syno will continue to protect personal data that we transfer in line with this
privacy policy and other procedures by Syno.
We may transfer your personal data that we collect outside the European Economic Area (EEA),
and by accepting this Privacy Policy and using Syno services, you explicitly permit us to do so.
We may also transfer your personal data to countries for which adequacy decisions have been
issued, and/or use contractual protections for the transfer of Personal Information to third
parties, such as the European Commission’s Standard Contractual Clauses, with respect to
restricted transfers subject to the UK GDPR, the International Data Transfer Addendum to the
EU Commission Standard Contractual of 21 March 2022, as may be amended or replaced by the
UK Information Commissioner’s Office from time to time (the “UK SCCs”),or their equivalent
under applicable law. Whenever we transfer your personal data out of the EEA, we ensure
similar protection and put in place at least one of these safeguards:
We will only transfer your personal data to countries that have been found to provide an
adequate level of protection for personal data;
We use specific approved contracts with our service providers, servers’ providers, data
processors, data sub-processors, that are based in countries outside the EEA using European
Commission’s Standard Contractual Clauses or UK SCC’s. These contracts give your personal
data the same protection it has in the EEA;
We have informed the supervisory authorities about these transfers if applicable;
We have received all necessary permissions and consents for the transferring of personal data.
Syno informs you that for proper provision of services, your personal data may be accessed by
the Syno companies having respective data processing agreements in place between the
companies.
In most cases, Syno provides only pseudonymized or aggregated data to recipients outside the
EEA. Where personal data is transferred, appropriate safeguards are applied in accordance with
applicable data protection laws.
Who we share your personal data with
Depending on where you live, we may share your personal data but just in exceptional cases.
We do not share your personal data with other people or organizations that are not directly
linked to us, but Syno may disclose personal data, profiling data, or other data to third parties as
follows:
We may disclose your personal data to any law enforcement agency, court, regulator,
government authority or other organization if we are required to do so to meet a legal or
regulatory obligation, or otherwise to protect our rights or the rights of anyone else;
With agents, consultants, contractors, or partners of Syno in connection with services that these
individuals or entities perform for, or with, Syno. These agents, consultants, contractors or
partners are restricted from using this information in any way other than to provide services for
Syno;
We may reveal your personal data to any other organization that buys, or to which we transfer
all, or substantially all, of our assets and business. If this sale or transfer takes place, we will use
reasonable efforts to try to make sure that the organization we transfer your personal data to
uses it in line with our Privacy policy;
We may share your personal data in other specific cases, when we have the right to provide this
data, and the other party has the right to receive this data;
We may share personal data with communication service providers (e.g., Twilio Inc.) for the
purpose of delivering SMS messages or facilitating two-factor authentication (2FA). These
providers may be located outside the EEA; in such cases, if relevant, appropriate safeguards,
including Standard Contractual Clauses (SCCs), are implemented to ensure the protection of
your data;
When we believe that disclosure is necessary or appropriate to prevent physical harm or
financial loss or in connection with suspected or actual illegal activity;
We will not share your personal data with anyone else in other cases unless we have your
permission / consent to do this.
CCPA Privacy notice
Under the CCPA, California residents have certain special rights related to their personal
information.
Under CCPA, “personal information” includes, but is not limited to names, postal and addresses,
IP addresses, and social security or other identification numbers. “Sell” is broadly defined under
CCPA. Its meaning includes “…renting, releasing, disclosing, disseminating, making available,
[and] transferring…”
If you’re a California resident, some of your interactions with Syno will be governed by CCPA.
Specifically, in connection with services we provide to our clients, we might, from time to time,
provide some personal information about you to our clients or other collaboration partners,
such as your contact information or certain combinations of anonymized or pseudonymized
demographic and other information.
As a California consumer, you have the right to opt-out of this “sale” of your personal
information. You may exercise this right by filling out the form below, or by submitting request
via email to data.protection@synoint.com, or by contacting us via post addressing it to DPO
attention: UAB “Syno International”, Address: Vilniaus str. 35, Vilnius, 01119, Lithuania.
If you choose to exercise your right to opt-out (either directly or via an authorized agent), we
may request certain personal information such as email address and postal code to verify that
you (and, as applicable, your agent) do in fact authorize the request.
Do not sell my personal information.
For clarity, Syno does not sell personal information for monetary consideration. Any data
sharing described above is conducted for research, analytics, or service delivery purposes in
accordance with applicable law.
In Syno systems, platforms and services you can see the consents and permissions which we ask
you to mark.
Below we provide a broader and more detailed explanation of these consents and permissions:
“I confirm that I have read the Privacy Policy and agree to the Terms and conditions for clients”
means you have read all these documents, and you agree with the content and conditions set in
these documents.
“I confirm that I have read the Privacy Policy and agree to the Terms and conditions for panelists
and related policies” means you have read all these documents, and you agree with the content
and conditions set in these documents.
“I agree to get newsletters and notifications” means you agree to get information from us on
behalf of the panel owner about services, panel related offers, suggestions, news, and changes.
“I agree to share my profile information with third parties for market research purposes” means
that you agree that we pseudonymized share your profile information with third parties. This
means that you can get more surveys and surveys that might be more relevant for you.
“I agree that third-party data is added to my profile for market research purposes” means you
agree that information related to your personal data received from a third-party can be added
to your profile information.
“I agree to share my sensitive data for market research purposes” means you agree that there
could be questions about your special categories of personal data in your profile. In this case,
the surveys would be more adapted for you and more informative for us. It is likely that you will
receive more surveys that are relevant to you.
Most of your consents can easily be revoked at any time by writing an email to
data.protection@synoint.com (if it is related to the processing of your personal data) or
info@synoint.com (if it is related to other topics), or you can easily revoke most of your
consents in Syno systems and platforms by yourself.
Data protection officers (DPO)
In adherence to the GDPR, Syno has assigned the following Data protection officers:
General counsel Jurgita Sakalauskienė (on legal side)
CTO Albertas Jurgelevičius (on IT side).
You can read more about our Data protection officers on https://www.synoint.com/dpo/.
If you would like to contact Syno Data protection officers, if you have questions related to the
processing and protection of your personal data, or regarding other matters related to personal
data, please contact us by e-mail data.protection@synoint.com.
General data protection regulation (current version):
https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=LT
Law on the legal protection of personal data of the Republic of Lithuania (current version):
https://www.e-tar.lt/portal/lt/legalAct/TAR.5368B592234C/VCRurdZydD
International data transfers using model contracts:
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en
About General data protection regulation: https://eugdpr.org/
Amazon (AWS) Privacy notice: https://aws.amazon.com/privacy/
UAB Interneto vizija Privacy policy: https://sutartys.iv.lt/preview/privatumo_politika.php
UAB Rakrejus Privacy policy: https://www.rackray.com/lt/privatumo-politika/
Cint Privacy notice: https://www.cint.com/participant-privacy-notice
Google Privacy policy: https://policies.google.com/privacy?hl=en
Syno is committed to protecting the privacy and security of all Personal Data collected or
received by Syno. Syno strives to conform its privacy practices with applicable international,
national and/or local laws and regulations. This Privacy policy is governed by the laws of the
Republic of Lithuania.
Syno may update or modify this Privacy Policy from time to time to reflect changes in legal,
technical, or business requirements. The most recent and authoritative version of this Privacy
Policy is always available in English at https://www.synoint.com/legal-and-quality/.
Where the changes are material or affect how Syno processes Personal Data, Syno will provide
appropriate notice — for example, by posting a prominent notice on its website, within the
Syno Cloud platform, or by other suitable means of communication — before the changes take
effect. The “Last Updated” date at the top of this Privacy Policy indicates when it was most
recently revised.
By continuing to use Syno Services, participate in Syno platforms, or otherwise engage with
Syno after the effective date of any update, you acknowledge and agree to the revised Privacy
Policy.
www.synoint.com,
www.synorewards.com
www.surveyo24.com
https://app.synopanel.com/
Effective date: 2018/05/18
Last updated and revised version: 2026/01/26