Privacy Policy

Introduction

This Privacy Policy (the “Policy” or “Statement”) describes how Vy Labs Technologies Private Limited (“Company”, “Synaptic”, “we”, “us” or “our”) collects, uses, discloses, transfers, stores and otherwise processes Personal Data of users of Canonical and any related websites, mobile applications, application programming interfaces, content, features and functionality made available by us in connection with Canonical (collectively, the “Service”). This Policy forms part of, and should be read together with, our Terms of Service (the “Terms”) and our Refund and Return Policy. Capitalised terms not defined in this Policy have the meanings given in the Terms.

By accessing or using the Service, creating an Account, or otherwise providing Personal Data to us, you acknowledge that you have read this Policy and consent to the processing of your Personal Data as described in it.

Scope and Applicability

This Policy applies when you (a) access, use or interact in any manner with the Service, including through our websites, mobile applications, APIs and other interfaces; (b) communicate with us in relation to the Service (including by email, support requests or surveys); or (c) attend any virtual or physical events organised by us in connection with the Service.

Other terms may also apply to your use of the Service or your interactions with us, including the Terms, the Refund and Return Policy, any order form or supplemental terms, and the terms and privacy practices of any third-party services you choose to integrate with the Service. We are not responsible for the privacy practices of such third parties.

Where the Service is provisioned to you on behalf of an organisation (for example, your employer or an entity that has subscribed to the Service for your use), that organisation may have additional rights and obligations in respect of your data, and we may share your data with that organisation in connection with the administration of the Service.

Synaptic Entity Details

In this Policy, references to “Synaptic”, “we”, “us” or the “Company” are references to Vy Labs Technologies Private Limited, a company incorporated under the laws of India and having its registered office at WeWork 7B, Sector-28, Platina Tower, MG Road, Near Sikandarpur Metro, Gurugram, Sadar Bazar, Haryana, India – 122001, and its relevant affiliates.

Definitions

For the purposes of this Policy:

• Company (referred to as either “the Company”, “We”, “Us” or “Our”) refers to Vy Labs Technologies Private Limited.
• Data Controller for the purposes of the GDPR, refers to the Company as the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data.
• EU means the European Union.
• EEA means the European Economic Area.
• GDPR means the General Data Protection Regulation.
• Personal Data means any information that identifies or relates to a particular individual and includes information referred to as ‘personal information’ (or analogous terms) under Applicable Law. For the purposes of GDPR, Personal Data means any information relating to you such as a name, an identification number, location data, online identifier or to one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity.
• Standard Contractual Clauses (SCCs) means the legal instruments ratified by the European Commission, as updated in 2021, to safeguard personal data transferred outside the EEA.
• Submissions has the meaning given in the Terms and includes queries, prompts, search terms, configuration inputs, files, comments and similar materials you submit to the Service.
• You / User means the individual accessing or using the Service, or the company or other legal entity on behalf of which such individual is accessing or using the Service. Under GDPR, you may be referred to as the Data Subject.

Children’s Privacy

The Service is not aimed at children. To validly access or use the Service, or attend any of our events, you must be at least eighteen (18) years of age. We do not separately identify, knowingly collect or intend to collect, any information that is specific to children, and we use reasonable efforts to verify that individuals under the age of 18 do not provide us with Personal Data. If you become aware that a child has provided us with Personal Data, please contact us at support@trycanonical.ai.

Information We Collect

Information that you provide

We receive and store certain Personal Data that you provide to us. If you request a trial of the Service, sign up for an Account, enter into an agreement with us, download content (including any reports), subscribe to communications (for example, through any ‘Contact Us’ or similar feature), register for an event, participate in a survey, or request customer or technical support, we may ask you to share your contact and identification information, including your name, job title, company name, postal address, phone number, email address, username and password.

Information collected through your use of the Service

If you use or interact with the Service or our emails, we collect information about your device and your usage of the Service or emails using cookies, web beacons, pixels, log files and similar technologies, and we may use third-party analytics services on the Service. The information so collected may include Personal Data and includes:

• identification and contact data such as your name and email address;
• Account, billing and transaction data, including subscription plan, billing address and tax-related information (payment instrument data is processed by our payment processors and is not retained by us in plain form);
• usage and analytics data, including IP address, device identifiers, browser type, operating system, referrer, pages and features accessed, clicks, hovers, search and query terms, session duration, performance and error data, and similar telemetry;
• Submissions and other content you provide through the Service, including queries, prompts, configuration inputs and files; and
• communications you have with us, including support requests, survey responses, and, if you contact us by phone or internet-based voice or video call, recordings or monitoring records of such calls (including for support, sales and quality-assurance purposes).

Information that we collect from others

We may also collect information about you from third parties, which may include Personal Data. Such third parties are responsible for their own compliance with Applicable Law. For example, the person arranging your access to the Service (such as your employer) may give us access to your information, including to set up an Account for you and enable you to access the Service.

Purposes and Legal Bases for Processing

We process Personal Data for the following purposes and on the following legal bases:

• Performance of a contract such as our contract with you to provide the Service. For example, we use your name and email address to enable your Account, process your subscription, deliver the Service and credits to you under the Refund and Return Policy, and respond to support requests.
• Our legitimate interests including (i) providing, operating and securing the Service; (ii) handling enquiries, complaints and providing customer and technical support; (iii) survey and research purposes; (iv) understanding usage patterns and developing, maintaining, troubleshooting and improving the Service, including the development of new features; (v) marketing and engagement; (vi) enforcing the Terms and protecting our rights, property and users; (vii) detecting, preventing and addressing fraud, abuse, chargeback behaviour and security incidents; and (viii) participating in and finalising arrangements for any sale, merger, acquisition, restructuring, joint venture or other disposition (including in bankruptcy or similar proceedings) or any similar transaction.
• Compliance with Applicable Law including responding to lawful requests from judicial, regulatory or governmental authorities and complying with our tax, accounting and audit obligations.
• Your consent such as when you sign up to receive marketing, promotional or informational communications from us, or where Applicable Law otherwise requires consent for a specific processing activity.

AI and machine learning

Except where we obtain your consent, we will not use your Personal Data, or your Submissions, to train, fine-tune or develop our or any third party’s machine learning or artificial intelligence models for any of the purposes outlined in this Policy. We may, however, use your Submissions to improve and provide a more personalised experience for you, including enhancing the relevance, accuracy, and usability of the services made available to you. We may also use Submissions that have been irreversibly de-identified and aggregated with data from other users so that they cannot reasonably be used to identify you or your business.

How We Share and Protect Your Information

We may share your Personal Data for the purposes set out in this Policy with the following categories of recipients:

• our affiliates, group companies and service providers, including hosting, infrastructure, analytics, payment processing, communications and customer support providers;
• the person arranging your access to the Service (such as your employer or the entity that has subscribed to the Service for your use);
• any person you have asked us to share information with;
• certain third-party vendors engaged by us to optimise the Service, conduct analytics, security testing or fraud prevention;
• judicial, regulatory and governmental authorities, in response to valid requests or where required by Applicable Law; and
• third parties in connection with any sale, merger, acquisition, restructuring, joint venture or other disposition (including in bankruptcy or similar proceedings) or any similar transaction involving the Company.

Your Personal Data may be processed outside your jurisdiction. We ensure that the recipient of your Personal Data offers an adequate level of protection and security, for instance by entering into appropriate back-to-back agreements and, where required, Standard Contractual Clauses or an alternative mechanism for the transfer of data. We implement technical and organisational measures, such as data encryption, access controls and regular security audits, to protect your Personal Data. For data transfers outside the EU/EEA, we ensure appropriate safeguards (such as the Standard Contractual Clauses) and comply with applicable data protection laws.

Except where we obtain your consent, we will not use your Personal Data to help improve, train or develop our or any third party’s machine learning or artificial intelligence models for any of the purposes outlined in this Policy.

Your Rights

Subject to and depending on Applicable Law, you may have certain rights in relation to your Personal Data, including the rights of access, rectification, erasure, restriction, objection, portability, and the right to withdraw any consent given. To submit a request to exercise your rights, please write to us at support@trycanonical.ai. We aim to respond within one month of receipt of your request. If an extension is needed, we will inform you of the reason for and the duration of the extension. We may require additional information to verify your identity before acting on a request.

Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal and may, in certain cases, prevent you from continuing to use all or part of the Service.

You also have the right to lodge a complaint with a Data Protection Authority about our collection and use of your Personal Data. If you are in the EEA, please contact your local data protection authority for more information.

Cookies, Tracking Technologies and Online Advertising

We and our service providers use first-party and third-party cookies, web beacons, pixels and similar or related technologies (collectively, “cookies”) to (i) ensure the appropriate functioning of the Service; (ii) store and manage user preferences; (iii) engage in marketing activities; (iv) personalise the Service; and (v) gather, analyse and report on analytics and usage data.

When you visit or log in to the Service, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email address. We (or service providers acting on our behalf) may then send communications and marketing to those email addresses. You may opt out of receiving this advertising by writing to us at support@trycanonical.ai.

Please note that the disclosures above are intended to explain how cookies and similar technologies used by our online data partners or vendors may enable us (or service providers acting on our behalf) to send communications and marketing. Our service providers do not directly contact individuals on our behalf based solely on this data collection.

Further details, including the specific categories of cookies used and your choices in relation to them, are set out in our cookie banner (where displayed) and in any cookie notice made available through the Service.

Marketing and Engagement

We may deliver marketing and event communications to you across various platforms, including email, telephone, text messaging, direct mail and online. Where required by Applicable Law, we will ask you to explicitly opt in to receive marketing from us. In some cases, our online data partners or vendors may use cookies and similar technologies on the Service to associate your visits or logins with other personal information they or others have about you (including your email), and we (or service providers acting on our behalf) may then send communications and marketing to such email addresses. You may opt out of receiving this advertising by writing to us at support@trycanonical.ai.

We may also engage in marketing activities on third-party platforms, but such activities are subject to the privacy statements and other terms applicable to such platforms. We use tracking technologies to determine engagement metrics and the impact of our marketing communications, and to analyse user engagement on the Service, including by tracking hovers, clicks, word searches and information entered on forms.

Service-related and transactional communications (for example, communications about your Account, billing, security and changes to the Service or this Policy) are not subject to opt-out so long as you have an Account. You may opt out of marketing communications at any time by using the “unsubscribe” link in our messages or by writing to support@trycanonical.ai.

Data Security

We take appropriate precautions and reasonable security practices and procedures, including organisational, technical and physical measures, to help safeguard against accidental or unlawful destruction, loss, alteration, and unauthorised disclosure of, or access to, the information we process or use. However, no method of storage or transmission is fully secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of the Service. We retain your Personal Data only as long as necessary for the purposes outlined in this Policy and as required by law. For information on specific retention periods, please contact us at support@trycanonical.ai.

Representatives

The Company is based in India and we have appointed the below to be its representative within the European Union:

Rickert Rechtsanwaltsgesellschaft mbH, Colmantstraße 15, 53115 Bonn, Germany. Email: art-27-rep-vy@rickert.law

The following is the UK representative of the Company:

Rickert Services Ltd UK, PO Box 1487, Peterborough PE1 9XX, United Kingdom. Email: art-27-rep-vy@rickert-services.uk

Third-Party Services and Links

The Service may contain links to, integrations with, or otherwise interoperate with websites, applications, products and services operated by third parties. Such third-party services are provided for your convenience only and are not under our control. Your use of any third-party service is governed by the terms and privacy practices of the relevant third party. We are not responsible or liable for any third-party service or for any loss or damage arising from your use of, or reliance on, any third-party service.

Changes to this Policy

We reserve the right to modify this Policy at any time. We will generally make such changes by distributing and/or posting an updated Policy on the Service with a revised “Last updated” date. Where the changes are material, we will use reasonable efforts to provide additional notice (for example, by email or in-product notification). We encourage you to review this Policy on a regular basis so that you are aware of any changes to it.

We will, on a best-efforts basis, align this Policy with our cookie banner and consent management practices to provide clear, up-to-date information about how your data is handled. Website administrators are responsible for ensuring that disclosures, cookie settings and consent preferences are implemented correctly. We encourage regular compliance checks to verify continued alignment with applicable privacy regulations and our operational practices.

Your continued use of the Service after the effective date of any updated Policy shall be deemed your acceptance of the updated Policy.

Contact Us

If you have any questions about this Policy, wish to exercise any of your rights under it, or want to report a potential data breach, please reach out to us at: