SyneMind is committed to protecting your privacy and ensuring the security of your personal information, not only to the extent required by Australian law but well beyond its requirements. This Privacy Policy outlines how we collect, use, store, and protect your data in compliance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), the Consumer Data Right (CDR), and owr own privacy-centered philosophy.

We collect the following types of information related to you:

• Information you provide to us when you register at our website.
• Information from social login providers (Facebook, Google etc.) when you choose to connect your account, to the extent that you allow these platform to share data with us.
• Information you provide when uploading data to our website.
• Usage data related to your interactions with our website.

Information that we do not collect, or ever have access to:

• Your payment details, such as credit card numbers or bank accounts (these are handled by the payment processor and not by us).
• Your passwords for login providers (Facebook, Google etc.) - they only inform us that you are the account owner, but handle identification themselves.

Your information and data is used for:

• Providing our services.
• Communicating with you about your account or our services.
• Personalising your experience when you use our services.
• Complying with legal obligations.

All data is stored securely within Australia. We implement strict security measures to protect your information from unauthorised access, alteration, or disclosure.

We do not allow any third-party tracking or profiling on our website. When you communicate with our services, you only communicate with infrastructure we operate and control, none of your data goes elsewhere. There are no third-party tracking scripts or cookies of any kind.

Apart from creating an account directly in our system, you can also authenticate using a "social login provider", such as Facebook or Google. When you do that, a connection is established between our system and that of the provider, allowing us to request information or perform actions on your behalf, to the extent allowed by the respective platform and approved by you.

You can disconnect your social accounts from our site at any time:

• The disconnection can be initiated from our side by removing the connection from your account settings, or it can be done without logging into our site by removing the connection from the respective login provider.
• Disconnection can also be initiated by the login provider itself, if your account with it becomes inactive.
• This action will not delete your account on our site, it will just remove the connection to the social login provider.
• You may need to set a password for your account if social login was your only authentication method. Please make sure to do that before disconnection, if this is the case.
• After disconnection, you can reconnect your social account or use other authentication methods to access our site.
• Data that has been copied from your social account into your profile (e.g. name, email address) will not be deleted. Other data will become inaccessible but may remain archived for security purposes for a while. Access tokens will be deleted immediately, with no option to restore.

As a CDR participant, we adhere to the following principles:

• We only collect and use your data with your explicit consent.
• You can withdraw your consent at any time.
• We comply with the 13 privacy safeguards outlined in the Competition and Consumer Act 2010.

For more information on CDR, please visit the Office of the Australian Information Commissioner's CDR page.

You have the right to:

• Access your personal information.
• Request correction of inaccurate data.
• Withdraw consent for data processing.
• Request deletion of your data, subject to legal requirements.
• Disconnect any social account integrations you may have previously authorised.

We retain your data only for as long as necessary to fulfill the purposes outlined in this policy. When no longer required, we will securely delete or de-identify your information.

We may delete content associated with your account, including uploaded documents and media, if it has been inactive for six months or more.

Before deleting any content due to inactivity, we will attempt to notify you using the email associated with your account. However, failure to provide a working email address or to respond to our notification will not prevent the deletion of your content. It remains your responsibility to ensure that your account stays active if you wish to retain your data.

We may update this policy periodically. Any changes will be posted on this page with a revised effective date.

For any privacy-related inquiries or to exercise your rights, please contact our Privacy Officer using the feedback form on the main page.

If you have a complaint about how we handle your personal information, please contact our Privacy Officer. If you're not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC).