SYNTEX Privacy Shield από SYNTEX Security

🛡️ SYNTEX Privacy Policy: Zero Data Collection

Last Updated: September 4, 2025

Our Philosophy: Privacy First

Our core principle is simple: We don't want your data. We want attack data. SYNTEX Privacy Shield is designed to protect your privacy through local, zero-knowledge threat detection. Our commitment to zero personal data collection is fundamental to our mission.

1. Zero Collection Guarantee: Personal Data

Because the SYNTEX Privacy Shield extension operates locally, we are committed to not collecting, storing, or transmitting any user personal information.

| Category of Data | Status |
| :--- | :--- |
| Personal Identifiers (Name, Email, Address, Phone) | NEVER COLLECTED |
| Sensitive Financial Data (Login credentials, Passwords, Payment Info) | NEVER COLLECTED |
| Online Activity (Browsing History, Search Queries, Communications) | NEVER COLLECTED |
| Device Identifiers (IP Addresses, Geolocation, Cookies, Tracking IDs) | NEVER COLLECTED |

1. Local Data Processing & Functionality

All core threat detection and privacy protection functions occur locally on your device. This local processing minimizes your exposure to cloud-based data risks.

Real-Time Analysis: Network requests are analyzed for threat patterns in real-time without storing the content of the requests remotely.
Local Storage Only: We store minimal non-personal data necessary for functionality, including user preferences, settings, and local performance statistics. This data is encrypted and isolated using your browser's secure storage APIs and never leaves your device.
Zero External Dependencies: The core function does not rely on external databases (like Redis or RabbitMQ) or general analytics platforms (like Google Analytics).

1. Threat and Attack Pattern Data (Anonymous)

To fulfill our purpose of improving global security for all users, we anonymize and aggregate non-personal threat intelligence.

Data Collected: Only anonymous, aggregated technical data related to detected attack patterns is collected. This includes characteristics like script hashes, malicious domain categories, and attack vectors.
Anonymity Guaranteed: This data contains no personally identifiable information (PII) and is analyzed solely to enhance the threat protection model for all SYNTEX users.
Focus: We focus exclusively on the technical characteristics of the threat itself, not the user's context.

1. Premium Subscription Processing

We use a trusted third-party service to manage premium subscriptions without ever touching your financial data.

Payment Processor: Payment processing is handled entirely by Stripe (subject to Stripe's privacy policy).
SYNTEX Data Received: We only receive and store your subscription status (active/inactive) and a unique, non-PII token required to unlock premium features.
Data Storage: Your subscription tokens are stored locally on your device for fast access and on our secure backend without linking to PII.

1. Third-Party Services and Data Sharing

We strictly limit third-party services to essential functions and do not share or sell any user data because we do not collect any personal data to begin with.

| Third Party Service | Purpose | Data Shared by SYNTEX |
| :--- | :--- | :--- |
| Stripe | Payment processing for premium subscriptions. | None. Stripe collects data directly from the user/browser. |
| Chrome Web Store / Google | Extension distribution and installation. | None. Subject to Google's standard policies. |
| Analytics/Advertising | None. We use no analytics, tracking, or advertising services. | None. |

1. Your Data Rights and Controls

Since we do not collect personal data, your typical data access, correction, or deletion rights do not strictly apply to SYNTEX. However, you maintain full control over the application:

Disable: You can disable the extension at any time via your browser's extension manager.
Clear Data: You can clear all local settings, preferences, and stored non-personal statistics through the extension management panel.
Uninstall: Uninstalling the extension completely removes all associated local data.

1. Compliance and Legal Framework

This policy and our zero-data practices ensure compliance with global privacy standards.

General Data Protection Regulation (GDPR): Our commitment to Data Minimization (Article 5) and Privacy by Design is fulfilled by not processing or storing personal data.
California Consumer Privacy Act (CCPA) / CPRA: Since we do not collect PII, the requirements for data disclosure, access, and the Right to Opt-Out of Sale are superseded by our fundamental zero-collection practice.
Children's Privacy (COPPA/GDPR): We do not knowingly collect any data, personal or otherwise, from children under the age of 16.

1. Changes to This Policy

We will update this Privacy Policy to reflect changes in our practices or legal requirements. Major changes to our data collection practices (e.g., if we ever started collecting PII) would be communicated clearly and require explicit user consent via an extension update prompt.

Effective Date: September 4, 2025

www.syntexsecurity.com/privacy-policy