Privacy Policy
This Privacy Policy applies to KonnektVPN, our iOS and Android mobile application (our “App”). The policy below informs you about the scope of processing your personal data.
General Information
What law applies?
In principle, we will only use your personal data in accordance with the applicable data protection laws, in particular, the Delaware Personal Data Privacy Act (“DPDPA”) and the EU’s General Data Protection Regulation (“GDPR”).
What is Personal Data?
Personal Data is any information relating to personal or material circumstances related to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address and device ID.
What is processing?
"Processing" means any operation or set of operations that are performed upon Personal Data, whether or not by automatic means. The term is broad and covers virtually any handling of data.
Responsible for data processing
The responsible party within the meaning of the DPDPA and the GDPR is Synthia Group LLC of 1111b South Governors Avenue Ste 6711 - Dover - Delaware - 19904, Delaware, USA (“Synthia Group,” “we,” “us,” or “our”). If you have any questions or wish to exercise your rights, please email us at info@synthia.group or use our Contact Form.
The Legal Bases for Processing Personal Data
In accordance with the DPDPA and the GDPR, we have to have at least one of the following legal bases to process your Personal Data: a) you have given your consent, b) the data is necessary for the fulfillment of a contract / pre-contractual measures, c) the data is necessary for the fulfillment of a legal obligation, or d) the data is necessary to protect our legitimate interests, provided that your interests are not overridden.
Processing of Automatically Collected Data
Downloading the App
The App can be downloaded from the "Google Playstore'' a service offered by Google LLC, or the Apple "App Store" a service of Apple Inc. Downloading it may require prior registration with the respective App Store and/or installation of the respective App Store software.
Installing the App
As far as we know, Google collects and processes the following data: License check, network access, network connection, WLAN connections, and location information. However, it cannot be ruled out that Google also transmits the information to a server in a third country. We cannot influence which personal data Google processes with your registration and the provision of downloads in the respective App Store and App Store software. The party responsible in this respect is solely Google, as the operator of the Google Play Store.
As far as we know, Apple collects and processes the following data: device identifiers, IP addresses, and location information, and it cannot be excluded that Apple also transmits the information to a server in a third country. We cannot influence which personal data Apple processes with your registration and the provision of downloads in the respective app store and app store software. The responsible party in this respect is solely Apple as the operator of the Apple App Store.
Device information
Google and Apple may collect information from and about the device(s) you use to access the App, including hardware and software information such as IP address, device ID and type, device-specific and App settings and properties, App crashes, advertising IDs (AAID), information about your wireless and mobile network connection such as your service provider and signal strength; information about device sensors such as accelerometer, gyroscope, and compass.
Authorizations and Access
We may request permission to access your Internet Connection, Network, and your precise location. The legal basis for data processing is our legitimate interest and the provision of contractual or pre-contractual measures. You can deny access to your device via your device's Settings/Notifications/ options; however, this means that our app may not function as intended.
Push messages
When you use our App, you will receive so-called push messages from us, even if you are not currently using our App. These are messages we send you as part of the contract performance. You can adjust or stop receiving push messages at any time via your device settings. Insofar as you consent to use push messages, consent is the legal basis for the processing.
Data processing by us
Contacting us
Personal Data is processed depending on the contact method. In addition to your name and email address, IP address, or telephone number, we usually collect the context of your message which may also include certain Personal Data. The Personal Data collected when contacting us is processed for the purpose of dealing with your request, and the legal basis is your consent. The use of your IP address takes place exclusively in the context of law enforcement and security measures in compliance with our legal requirements.
Account Registration
If you register, we will request mandatory and, where applicable, non-mandatory data in accordance with our registration form. Your data entry is encrypted so that third parties cannot read your data when it is entered. The basis for this processing is our legitimate interest and to fulfill our contractual obligations. Of course, you can delete your account anytime using the Delete Account Feature in our App.
When using our services in general
We process the data of our registered users in order to be able to provide our contractual services as well as to ensure the security of our services and to be able to develop it further. This includes, in particular, our support, correspondence with you, invoicing, and fulfillment of our accounting and tax obligations. Accordingly, the data is processed on the basis of fulfilling our contractual obligations as well as to fulfill our legal obligations.
Shopping with us
We process your first name, last name, e-mail address, billing, and shipping address for the delivery of your order and the data related to your contract with us to handle the contractual relationship.
When you use our VPN service
To protect your privacy, we only collect the minimum information necessary, which is your user ID to let you access our service. We store your encrypted user ID on our secured servers. We keep a temporary log of connection data for troubleshooting purposes, which includes a randomly generated user ID and is securely deleted every few hours. This randomly generated user ID cannot be linked to you. We have deliberately and consistently chosen not to log all other data in order to limit our legal liability. However, we log the Connection status and bandwidth consumption to bill you properly and maintain a high quality of service. All usage data is anonymized and not linked to your real, public IP address. We do NOT log your VPN sessions, browsing behavior, the websites you visit, or any other activity related to your VPN connection. In addition, we NEVER store VPN connection logs and timestamps that are associated with your incoming and outgoing IP address or session duration.
Referrals
To implement our referral program, we process the data of the referrer and the recipient we collected in connection with the referral. The processing is carried out exclusively for implementing our Referral program and is necessary for this purpose, as participation would otherwise not be possible. The personal data will be transmitted and used there exclusively to implement our referral program. The basis for this processing is our legitimate interest, in fulfilling our contractual obligations and your consent.
Account Administration
We process data such as your email and account details, the subscription plan subscribed to (if any), the platform where the subscription is managed through (e.g. IOS, Android,) in the context of administrative tasks as well as organization of our business, and your subscriptions and compliance with legal obligations. In this regard, we process the same data we process while providing our contractual services. The processing bases are our legal obligations and our legitimate interests.
Connecting your Wallet
To use our services, you may connect your crypto wallet and some Personal Data may be collected by the relevant wallet provider (MetaMask or Coinbase). The respective wallet service processes the data transmitted to MetaMask or WallectConnect and is thus subject to MetaMask`s or WallectConnect`s Privacy Policy. We want to point out that we are not responsible for processing Personal Data when connecting your crypto wallet. Establishing and implementing the contract is the legal basis for providing a crypto wallet system.
Purchases and subscriptions
When you make an in-app purchase, our payment service provider, Google, Apple may collect the following data from you to process the desired order: a)user ID; b) Email address; c) Payment confirmation from the payment data collected depending on the payment method; and d) Device IP and device serial number to link the story history to the device. If you make a purchase for our physical products through our App, your payment will be processed via our payment service provider Stripe, or your chosen crypto wallet service provider. Payment data will solely be processed through Stripe or the crypto wallet service provider as selected by you. In both cases, we have no access to any Payment Data you may submit. The legal basis for the provision of a payment system is the establishment and implementation of the contract.
General Principles
Minors
Persons under the age of 18 should not transmit any Personal Data to us without the consent of their parents or legal guardians. We do not request Personal Data from minors and children and do not knowingly collect such data or pass it on to third parties.
Automated decision-making
Automated decision-making, including profiling, does not take place.
Do Not Sell
We do not sell your Personal Data.
Sharing
We will not disclose or otherwise distribute your Data to third parties unless this is a) necessary for the performance of our services, b) you have consented to the disclosure, or c) relevant legal provisions permit the disclosure of data. In addition, we may disclose your Data in connection with law enforcement, fraud prevention, or other legal proceedings as required by law or regulation if Synthia Group (or a part of Synthia Group) is sold to or merged with another company or if we have reason to believe that disclosure is necessary to protect Synthia Group or KonnektVPN.
International Transfer
We may transfer your Personal Data to other companies as necessary for the purposes described in this Privacy Policy. To provide adequate protection for your Data when it is transferred, we have contractual arrangements regarding such transfers. We take all reasonable technical and organizational measures to protect the Personal Data we transfer.
Data Security
Our data processing is subject to the principle that we only process the Personal Data necessary to use our services. In doing so, we take great care to ensure that your privacy and the confidentiality of all Personal Data are always guaranteed.
Nonetheless, databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of the action being taken to reconcile any damage resulting from the data breach. Notices will be provided as expeditiously as possible after discovering the breach.
Your Rights and Privileges
Privacy Rights You can exercise the following rights:
Right to information
Right to rectification
Right to deletion
Right to data portability
Right of objection
Right to withdraw consent
Right to complain to a supervisory authority
Right not to be subject to a decision based solely on automated processing.
If you wish to exercise any of your rights, please get in touch with us.
Updating your information
If you believe that the information we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us.
Withdrawing your consent
You can revoke the consent you have given at any time by contacting us. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Access Request
If you want to make a Data Subject Access Request, please contact us. We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to
your request within thirty (30) days, we will tell you why and when we will be able to respond to your request. If we are unable to obtain Personal Dtheta or to make the correction you requested, we will tell you why.
Complaint to a supervisory authority
If you believe that the processing of your Personal Data is not lawful, you can lodge a complaint with a data protection supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach any supervisory authority.
Changes
We may update this policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.
Contact us
If you have any questions or wish to exercise your rights, please email us at info@synthia.group or use our Contact Form.
Effective Date:
This Privacy Policy was last updated on Wednesday, February 28th, 2024.
Last updated