Synology Privacy Policy: Data Collection & Protection Practices

Understanding Personal Data Collection

At Synology, we prioritize transparency and accountability regarding the collection of personal data. In general, Synology collects personal information when users interact with our website, purchase products, register for services, or contact our support team. This information may include, but is not limited to:

• Contact Information: Names, email addresses, phone numbers, and mailing addresses.

• Account Credentials: Usernames, passwords, and security questions.

• Payment Information: Billing details, credit card information, and transaction history.

• Device and Usage Data: IP addresses, browser types, operating systems, and visit timestamps.

• Preferences and Behavior: Browsing patterns, service preferences, and usage interactions with Synology products.

This collection allows us to personalize user experiences, enhance service quality, and maintain the highest standards of product security.

How Synology Uses Personal Data

We use collected personal data for multiple purposes, ensuring that all processing complies with applicable data protection regulations:

1. Service Provisioning and Support
   Personal information is used to fulfill user requests, manage accounts, and provide efficient technical support. This ensures that product updates, notifications, and troubleshooting guidance reach the intended recipients.

2. Improving User Experience
   Data regarding user interactions and browsing behavior allows Synology to optimize our website interface, tailor content recommendations, and deliver relevant communications based on user interests.

3. Marketing and Communication
   With explicit consent, personal data may be used to inform users about new products, promotional campaigns, and service enhancements. Users have full control over subscription preferences and may opt out at any time.

4. Compliance and Security
   Personal data helps Synology safeguard against fraudulent activities, enforce legal obligations, and maintain operational security. Data is monitored and processed to detect anomalies, unauthorized access attempts, and potential threats.

Data Sharing and Third-Party Collaboration

Synology maintains strict standards when sharing personal information with third parties:

• Service Providers: Collaborators handling logistics, payment processing, cloud storage, or customer support.

• Legal Authorities: Only when required by law or in response to legitimate regulatory requests.

• Business Partners: Strategic partners may access aggregated, non-identifiable data to support research, marketing analysis, or service enhancement initiatives.

All third-party partners are contractually obligated to protect personal data and process it solely for defined purposes.

Cookies, Tracking Technologies, and User Consent

Synology uses cookies and similar tracking technologies to enhance user experience and website functionality:

• Essential Cookies: Necessary for website operation and security verification.

• Analytics Cookies: Monitor usage patterns, traffic sources, and engagement metrics.

• Marketing Cookies: Facilitate targeted promotions and user-specific recommendations.

Users can manage cookie preferences through browser settings or the Synology cookie management interface, ensuring full control over data collection.

Data Retention and Security Measures

Synology implements robust security measures to protect personal information from unauthorized access, disclosure, or destruction:

• Encryption: Data is encrypted both in transit and at rest using industry-standard protocols.

• Access Control: Strict role-based permissions limit data access to authorized personnel only.

• Regular Audits: Continuous security audits and penetration testing verify the integrity of our systems.

• Retention Policies: Personal data is stored only as long as necessary for operational, legal, or regulatory purposes, after which it is securely deleted or anonymized.

User Rights and Data Management

Synology empowers users with the following rights to manage their personal information:

• Access and Correction: Users may request access to or correction of their personal data.

• Data Portability: Users can obtain their data in a structured, commonly used format for portability purposes.

• Deletion Requests: Personal data can be deleted, subject to legal and contractual obligations.

• Consent Management: Users may withdraw consent for marketing communications or cookie usage at any time.

Requests are handled efficiently, and dedicated contact channels are provided to facilitate user rights.

International Data Transfers

Personal data may be transferred across borders for operational purposes. Synology ensures:

• Compliance with GDPR and other international data protection regulations.

• Implementation of standard contractual clauses and additional safeguards to guarantee privacy and security.

• Transparency about the location and security measures applied to international transfers.

Continuous Commitment to Privacy

Synology remains committed to evolving our privacy practices in line with regulatory developments, technological advancements, and user expectations. Regular policy reviews ensure that privacy, transparency, and data protection remain integral to all Synology operations.

Key Takeaways

• Synology collects only necessary personal data to provide secure, personalized services.

• Users retain full control over their information, including access, correction, and deletion rights.

• Data security is ensured through encryption, access control, and continuous auditing.

• International data transfers comply with strict regulatory standards.

• Synology employs cookies and tracking technologies responsibly, with user consent.

This comprehensive approach ensures Synology remains a trusted provider for secure storage, cloud services, and personalized digital experiences.