Data & Compliance

We collect what the apps need to work, we keep it for as long as we have a reason to, and we delete it when we don't. We don't sell it. This page explains how we secure it and which rules we follow. For the full picture of what we collect and why, read our Privacy Policy.

We protect the data in our apps with measures including:

• Encryption. Data is encrypted while moving between your device and our servers, and encrypted at rest where stored.
• Access controls. Only the people who need access to do their jobs have it, and that access is logged and reviewed.
• Hardened infrastructure. We host with a major cloud provider that maintains its own physical and network security, including network segmentation and secrets management.
• Testing. We run regular vulnerability scans and review code for security issues before release.
• Monitoring. We watch for unusual activity and have a process for responding when something looks wrong.

No system is completely secure, and we won't claim otherwise. What we can promise is that we take it seriously and we'll be honest with you if something goes wrong.

Depending on where our users are, several privacy laws apply to us:

• GDPR for users in the EU and UK. We process personal data on a lawful basis, honor data-subject rights, and use approved safeguards for any international transfers.
• CCPA/CPRA for users in California, including the rights to know, delete, correct, and opt out.
• Other applicable laws — including other US state privacy laws and regulations relevant to the jurisdictions we operate in.

We use a small set of trusted providers to run the apps. Each one is bound by a contract that limits how they can use the data and requires them to protect it. Our current sub-processors:

We'll update this list before adding or changing a provider that handles personal data.

We store data in [country/region]. When data moves across borders, we rely on safeguards like Standard Contractual Clauses so that your protections travel with it.

If your organization uses Fleet App, a few things are worth being clear about:

• Roles. For the data your organization puts into the app, your organization is the controller and Syntari is the processor. We handle that data on your instructions.
• Data Processing Agreement. We offer a DPA that covers how we process your data, including GDPR terms and our sub-processor commitments. Request one at compliance@syntarisystems.com.
• Driver and location data. If you collect location or other driver data through the app, you're responsible for telling your drivers and for following the employment and privacy laws that apply to you. We give you the tools; how you use them is your call.

If a security incident affects your personal data, we'll investigate, contain it, and notify you and the relevant authorities within the timeframes the law requires. We'll tell you what happened, what data was involved, and what we're doing about it. We'd rather give you an awkward, honest update than a polished, late one.

To see, correct, delete, or get a copy of your data — or to ask a question about any of this — email privacy@syntarisystems.com. We'll confirm it's really you, then respond within the timeframe the law sets (usually 30–45 days). Business customers with a DPA should use the contacts in that agreement.

Bet Tracker records betting activity you do elsewhere. It doesn't take bets or hold money, but we know the subject matter is sensitive. We don't share your logged betting data with advertisers, and we don't use it to push you toward gambling more.

If betting is becoming a problem for you, help is available — the National Problem Gambling Helpline is available at 1-800-522-4700. You can delete your data and account at any time.

Security, data, or compliance questions: