Privacy Policy

We collect information you provide directly: your name, email address, and any URLs or content you submit through the Service. We also collect usage data (pages visited, features used, AI requests made) and technical data (browser type, IP address, device information) to improve the Service.

We use your data to provide and improve the Sync AI service, process payments, send service-related communications, and diagnose technical issues. We do not sell your personal data to third parties. We do not use your data to train AI models without your explicit consent.

Your account data, projects, and sync history are stored securely using Supabase (PostgreSQL), hosted on secure cloud infrastructure. Generated code and preview data are stored server-side and linked to your account. We retain your data for as long as your account is active, or as required by law.

Sync AI uses the following third-party services, each with their own privacy policies:

• Stripe — payment processing. Stripe handles all card data; we never store card numbers.
• Supabase — database and authentication storage.
• OpenRouter / Anthropic / OpenAI — AI model inference for code generation and analysis. Prompts may be processed by these providers.
• Google — OAuth authentication (if you sign in with Google).
• Vercel — hosting and edge delivery.

We use cookies to maintain your session (authentication), remember your preferences, and measure usage via analytics. You can disable cookies in your browser settings, but this may affect Service functionality. We do not use advertising or tracking cookies.

If you are in the European Economic Area or UK, you have the right to: access the personal data we hold about you, request correction of inaccurate data, request deletion of your data, object to or restrict processing, and request data portability.

To exercise any of these rights, email us at sycore.app@gmail.com. We will respond within 30 days. You can also delete your account directly from Settings → Privacy & Security.

We implement industry-standard security measures including encrypted connections (HTTPS/TLS), hashed passwords, and access controls. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security but take all reasonable precautions.

The Service is not directed to children under 13. We do not knowingly collect personal data from children under 13. If you believe we have collected data from a child, contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by a notice in the Service. The "Last updated" date at the top of this page indicates when this policy was last revised.