Privacy Policy

At Sync EHS LLC ("Sync EHS," "We," "Us," or "Our"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your data when you use the Sync EHS platform (the "Platform"), which includes our web application, APIs, dashboards, reports, and related services for safety management. By using the Platform, you agree to the practices described in this Privacy Policy.

1. Information We Collect

We collect the following types of information:

• Account Information: When you create an account, we collect your name, email address, company name, and payment information to set up and manage your subscription.
• Safety Data: You may upload safety-related data, such as employee names, incident details, dates, and descriptions, to track and manage workplace safety. This may include protected health information (PHI) under HIPAA.
• Usage Data: We collect anonymized usage metrics, such as the number of logins, feature usage, and page views, to improve the Platform. This data does not identify you or your employees.
• Technical Data: We collect technical information, such as your IP address, browser type, device type, and operating system, to ensure the Platform functions properly and to diagnose issues.

2. How We Use Your Information

We use your information to:

• Provide and maintain the Platform's functionality, such as generating safety reports and dashboards.
• Process payments and manage your subscription.
• Communicate with you, including responding to inquiries, sending service updates, and providing technical support.
• Improve the Platform by analyzing anonymized usage metrics (e.g., identifying popular features).
• Comply with legal obligations, such as responding to court orders or regulatory requests.

3. How We Share Your Information

We do not sell or share your personal data with third parties for marketing purposes. We may share your data in the following circumstances:

• Service Providers: We share data with trusted service providers (e.g., cloud hosting services, payment processors) to deliver and improve the Platform. These providers are contractually obligated to protect your data.
• Legal Requirements: We may disclose data if required by law, such as in response to a court order, subpoena, or regulatory request.
• Business Transfers: If Sync EHS is involved in a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction, but we will notify you and ensure continued protection of your data.

4. Data Security

We take data security seriously and implement industry-standard measures to protect your information:

• All data is encrypted at rest and in transit using modern protocols (e.g., AES-256, TLS 1.2).
• We comply with HIPAA requirements for handling protected health information (PHI) and implement administrative, physical, and technical safeguards. We will enter into a Business Associate Agreement (BAA) upon request for covered entities.
• We maintain regular backups, but you are responsible for maintaining your own backups of critical data, as Sync EHS is not liable for data loss due to unforeseen events (e.g., server failures, cyberattacks).

5. Your Data Rights

You have control over your data and the following rights:

• Access and Export: You can request a copy of your account data in a standard format (e.g., CSV) by contacting support@syncehs.com.
• Correction: You can update or correct your account information through the Platform or by contacting us.
• Deletion: You can request deletion of your data at any time by contacting support@syncehs.com. After deletion, data is retained for 30 days for backup purposes and then permanently deleted, unless required by law.
• Opt-Out: You can opt out of non-essential communications (e.g., marketing emails) by clicking the unsubscribe link in those emails or contacting us.

We comply with applicable privacy laws, including GDPR (for EU users) and CCPA (for California residents), ensuring your rights to access, correct, or delete your data.

6. Data Retention

We retain your account data for as long as your account is active. After account termination, data is retained for 30 days, during which you may request an export, and then permanently deleted, unless required by law (e.g., for tax or audit purposes). Anonymized usage metrics may be retained indefinitely for analytics purposes.

7. International Data Transfers

Sync EHS is based in the United States, and your data is stored on servers located in the U.S. If you access the Platform from outside the U.S., your data will be transferred to the U.S., where privacy laws may differ. By using the Platform, you consent to this transfer and agree to the terms of this Privacy Policy.

8. Cookies and Tracking

We use cookies and similar technologies to enhance your experience on the Platform, such as maintaining your login session and analyzing usage patterns. You can manage cookie preferences through your browser settings, but disabling cookies may affect the Platform's functionality.

9. Children's Privacy

The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you believe we have collected such information, please contact us at support@syncehs.com to have it removed.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes via email or in-app notification at least 30 days before they take effect. Continued use of the Platform after the effective date constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at:

Email: support@syncehs.com

We aim to respond to all inquiries within 1–2 business days.