Trust Center
Verify platform credibility in under 5 minutes. Full transparency on how we protect your data, meet compliance requirements, and secure our infrastructure.
GDPR Compliant
Full EU regulation adherence
EU Data Residency
Frankfurt, Germany
AES-256 + TLS 1.3
Encryption at rest & transit
SOC 2 In Progress
Expected Q3 2026
GDPR Compliant & EU Data Residency
All data stored in EU (Frankfurt). SOC 2 in progress.
Active Certifications
EU Data Residency
All Synapse Q data is stored exclusively within the European Union (Frankfurt region), ensuring full GDPR compliance and eliminating cross-border data transfer requirements.
Full compliance with EU General Data Protection Regulation
Continuously compliant
All data stored within EU jurisdiction via Supabase EU region
Continuously compliant
Security, availability, and confidentiality certification in progress
Expected Q3 2026
Information security management system certification
Planned Q4 2026
EU (Frankfurt) via Supabase — EU-only storage, no cross-border transfers
Certifications
GDPR Compliance
User consent obtained for all data processing activities
Article 6, Article 7
Full support for access, rectification, erasure, portability, and objection rights
Article 15-22
Privacy-first architecture with minimal data collection and default privacy settings
Article 25
DPA templates available for all enterprise customers
Article 28
End-to-end encryption, access controls, and regular security audits
Article 32
24-hour breach notification procedure with documented incident response plan
Article 33-34
EU-only data storage eliminates cross-border transfer requirements
Chapter V
Security Controls
Access Control
Role-Based Access Control (RBAC)
Granular permissions system ensuring users only access resources appropriate to their role
Multi-Factor Authentication (MFA)
Optional additional security layer for sensitive account operations
Data Protection
Encryption at Rest (AES-256)
All stored data encrypted using industry-standard AES-256 encryption
Encryption in Transit (TLS 1.3)
All data transfers protected with modern TLS 1.3 protocol
Monitoring & Response
Audit Logging
Comprehensive audit trail with cryptographic hash chain for tamper detection
Vulnerability Management
Automated dependency scanning and regular security updates
Incident Response
24-hour breach notification procedure with documented escalation path
Incident History
No security incidents reported
Clean security record with proactive monitoring and threat detection.
Data Processing
Account info, challenge submissions, performance metrics, usage analytics. Data minimization principles applied.
Platform services, submission evaluation, leaderboards, and UX improvement.
User consent (GDPR Art. 6) and contractual necessity for service delivery.
Your Data Rights
Data Retention
Privacy inquiries: privacy@synapseq.io|Full privacy policy
Data Processing Agreement (DPA)
Download a customized DPA for your organization under GDPR.