Syntroper Logo

Privacy Policy

Effective From: 7th Dec, 2025

Last Updated: 7th Dec, 2025

1. Who we are

This Privacy Policy explains how Syntroper AI Limited (trading as Syntroper, “we”, “us”, “our”) collects, uses, and shares personal information when you:

  • visit https//www.syntroper.ai (the “Site”), and
  • use any products, services, or tools we provide, including any connection to your code repositories (the “Services”).

We are a New Zealand–based organisation and our handling of personal information is intended to align with the Privacy Act 2020 and its information privacy principles.

If you do not agree with this policy, you should not use our Site or Services.

2. What “personal information” means

“Personal information” means information about an identifiable individual – for example, your name, contact details, or anything that could reasonably be used to identify you.

This policy covers:

  • Account & contact details (e.g. name, email, company, role)
  • Usage data about how you interact with our Site and Services
  • Repository and code data when you connect your codebases to our Services, to the extent it can be linked to you or your organisation.

3. Information we collect

3.1 Information you provide directly

When you interact with us, you may provide:

Signup / account information

  • Name
  • Work email address
  • Company name
  • Role or job title

Contact & support information

  • Any information you include when you contact us (e.g. support requests, demo requests, feedback).

Testimonials & feedback

  • Your comments about our product
  • Your name
  • Your job title
  • The name of the company you work for
  • (and any other information you choose to include)

We’ll use testimonials and feedback as set out in section 4.6 Testimonials and marketing below.

3.2 Repository and code data

When you choose to connect your codebases or upload code as part of using the Services, we may process:

Repository metadata, such as:

  • repository names, branches, file paths, commit metadata, contributor identifiers, configuration files, and similar information.

Code content, meaning the source code and related files in repositories you connect or upload.

Derived metadata and analysis results, such as:

  • dependency graphs, file activity statistics, code health metrics, and similar technical insights we generate.

Temporary code copies

To operate and improve the Services, we may temporarily create and store copies of your code (for example, in background jobs or analysis pipelines) in order to:

  • index and analyse repository structure and metadata
  • generate metrics, dashboards, and recommendations
  • improve performance and reliability of the Services.

We do not claim ownership of your code. See section 6.2 Service providers & third parties for how we may share it, and section 8.2 Code and repository data for retention.

We do not use your code or metadata for unrelated marketing or to build generic models for third parties without your consent.

3.3 Automatically collected information

When you visit our Site or use the Services, we may automatically collect:

Log data

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and actions taken
  • Date/time of requests
  • Referring/exit pages
  • Error and performance data

Device & usage data

  • Operating system and device type
  • Approximate location (e.g. city or country) based on IP address
  • Session identifiers and similar technical identifiers

We generally use this to secure our systems, troubleshoot issues, and understand usage patterns.

3.4 Cookies and similar technologies

We may use cookies and similar technologies to:

  • keep you signed in
  • remember your preferences
  • measure usage of the Site and Services
  • help us improve our product and marketing.

You can usually control cookies through your browser settings. If you disable cookies, some features may not work properly.

4. How we use your information

4.1 To provide and operate the Services

  • Creating and managing your account
  • Providing access to the Site and Services
  • Connecting to and analysing your code repositories and metadata
  • Running background processes that require temporary copies of your code
  • Providing support and responding to enquiries

4.2 For security and reliability

  • Protecting the Services from abuse and misuse
  • Detecting and investigating errors or incidents
  • Monitoring and improving the stability and performance of our systems

4.3 For analytics and product improvement

  • Understanding how users interact with the Site and Services
  • Analysing usage trends and feature adoption
  • Improving and developing new features and functionality

We may use aggregated or de‑identified information (that does not reasonably identify you) for analytics, benchmarking, and product improvement.

4.4 For communication

  • Sending important service messages (e.g. security notices, feature changes, downtime)
  • Responding to support requests, questions, and feedback
  • Following up on trial signups or demo requests

You cannot opt out of essential service communications that are necessary to operate your account.

4.5 For marketing (with your choices respected)

  • Sending product updates, newsletters, and promotional emails
  • Inviting you to events or webinars
  • Showing you content we think may be relevant

You can opt out of marketing at any time via the “unsubscribe” link in our emails or by contacting us (see Contact us).

4.6 Testimonials and marketing use of your details

If you provide a testimonial, quote, case study, or similar endorsement (for example via email, survey, or conversation that you clearly provide as feedback), you:

  • authorise us to use that testimonial, together with:
  • your name,
  • your job title, and
  • the name and logo of the company you work for (if applicable)
  • in our marketing materials, including:
  • our website,
  • slide decks,
  • social media posts, and
  • other promotional content.

We may lightly edit testimonials for length and clarity, but we won’t change their overall meaning.

You can ask us to stop using your testimonial in new materials at any time by contacting us. We will remove or update it going forward where reasonably practicable, but this will not affect materials already printed, published, or widely distributed.

5. Legal basis and our responsibilities

We collect, use, and share personal information only where we consider it reasonably necessary for our business and in line with our obligations under the Privacy Act 2020, including the information privacy principles on collection, use, disclosure, security, and access/correction.

We do not currently hold or claim any formal certification under foreign privacy regimes such as GDPR, CCPA, or similar laws. Depending on where you are located, those laws may still apply to our handling of your information, and we will comply with any obligations that apply to us.

6. When we share your information

We do not sell your personal information.

We may share personal information with:

6.1 Our group and personnel

Employees, contractors, and advisors who need access to operate, develop, or support the Services and who are bound by confidentiality obligations.

6.2 Service providers and third parties

We use third‑party service providers to help us operate our business and Services, for example:

  • cloud hosting and infrastructure
  • logging, monitoring, and analytics
  • email delivery and communication tools
  • customer support tools
  • (if applicable in future) payment processors.

These providers may process personal information on our behalf and only according to our instructions.

Where these providers may access your code or repository data, we limit this to what is necessary for them to provide their services (for example, secure hosting or log storage).

6.3 Business transfers

If we are involved in a merger, acquisition, financing, or sale of assets, personal information may be transferred as part of that transaction, subject to confidentiality obligations and applicable law.

6.4 Legal and compliance reasons

We may disclose personal information where we reasonably believe it is necessary to:

  • comply with law, regulation, or legal process
  • respond to valid requests from regulators or law enforcement
  • protect the rights, property, or safety of us, our users, or the public
  • detect and prevent fraud, security, or technical issues.

7. International transfers

We may store or process personal information in New Zealand or in other countries where we or our service providers maintain facilities.

Where we disclose personal information to an overseas recipient, we will take reasonable steps to ensure the recipient is subject to privacy protections that, in our view, are comparable to those in New Zealand or we will otherwise act in accordance with the Privacy Act 2020 (for example, by obtaining your express authorisation where appropriate).

8. How long we keep information

8.1 Account and contact information

We keep personal information:

  • for as long as you have an active account or ongoing relationship with us; and
  • for a reasonable period afterwards (for example, to maintain records, comply with legal obligations, resolve disputes, or enforce our agreements).

When information is no longer needed, we will either delete it or de‑identify it (so it can no longer reasonably be linked to you).

8.2 Code and repository data

For code and repository data:

  • Temporary working copies and background processing data are kept only as long as needed to perform the analysis or operation, after which they are deleted or overwritten in the ordinary course of system operations.
  • Derived metadata and analytics (e.g. aggregated metrics and insights) may be retained for longer to support the Services, provided it does not reasonably identify you or expose your confidential code.

If you disconnect a repository or close your account, we will stop collecting new code and repository data. Some derived or backup data may persist for a limited time in our systems, logs, and backups, subject to our retention obligations.

9. How we protect your information

We use commercially reasonable technical and organisational measures to protect personal information from loss, unauthorised access, disclosure, or misuse. These measures include restrictions on access, logical and physical safeguards, and internal policies.

However, no method of transmission or storage is completely secure. We cannot guarantee absolute security, and you are responsible for maintaining the security of your own devices, accounts, and credentials (for example, by choosing strong passwords and keeping them confidential).

We do not currently hold any formal security certifications (such as ISO 27001 or SOC 2).

10. Your rights and choices

Under the Privacy Act 2020, you generally have the right to:

  • Know when your personal information is being collected and for what purposes
  • Access personal information we hold about you
  • Request correction of information that is incorrect, incomplete, or out of date.

To exercise these rights, contact us using the details in Contact us. We may need to verify your identity before acting on your request, and there may be situations where we are permitted or required by law to refuse access or correction (for example, where providing access would unreasonably impact the privacy of others).

If you live in another country, your local laws may give you additional rights (such as the right to deletion or data portability). Where those laws apply to us, we will support you in exercising those rights.

10.1 Marketing communications

You can opt out of marketing emails at any time by:

  • clicking the “unsubscribe” link in our emails, or
  • contacting us directly.

We may still send you non‑marketing messages that are important for the operation of your account or the Services.

11. Children’s privacy

Our Site and Services are designed for use by adults in a business context and are not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us so we can delete it.

12. Third‑party sites and services

Our Site and Services may link to third‑party websites, products, and services that we do not operate or control. Their privacy practices are governed by their own policies, not this one. We encourage you to review their privacy statements before providing any information.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our business practices, legal requirements, or the Services.

When we make changes, we will:

  • update the “Last updated” date at the top of this page; and
  • where changes are material, take additional steps to inform you (for example, by email or prominent notice in the product), where reasonably practicable.

Your continued use of the Site or Services after the updated policy takes effect means you accept the changes.

14. Contact us

If you have any questions, concerns, or requests relating to this Privacy Policy or your personal information, please contact:

Arsalan Ellahi

Syntroper AI (trading as Syntroper)

Address: 41 Market Place, Auckland Central, New Zealand, 1010.

Email: privacy@syntroper.com

URL: https://www.syntroper.ai/legal/privacy

If you are in New Zealand and are not satisfied with how we handle your concern, you can also contact the Office of the Privacy Commissioner. Guidance and contact details are available on their website.

Ready to save time in
architecture discovery and diagramming?

icon

FAQs

Read frequently asked questions or reach out to us for any further queries.

icon

Blogs & Articles

Read frequently asked questions or reach out to us for any further queries.

Ready to save time in
architecture discovery and diagramming?

icon

FAQs

Read frequently asked questions or reach out to us for any further queries.

icon

Blogs & Articles

Read frequently asked questions or reach out to us for any further queries.