This document outlines the strict technical and legal protocols under which user telemetry, account states, local device permissions, and digital service logs are processed. This policy applies comprehensively to all websites, mobile applications, software, games, and digital products (collectively, the "Services") published by SyncMax Technologies.
Corporate Entity Identification: This Global Privacy Charter forms a legally binding covenant governed by SYNCMAX TECHNOLOGIES PRIVATE LIMITED, an Indian Private Limited company incorporated under Corporate Identification Number (CIN) U62012RJ2026PTC110981, having its D-U-N-S® Registration Number 772001986, and its registered office located at C/O Rajesh Kumar Sharma, S/O Shyamlal Mehndi Kabas, Amer, Amer, Jaipur, Rajasthan 302028, India.
Statutory Frameworks: Our processing operations strictly align with the Digital Personal Data Protection Act (DPDPA), 2023 (India) regarding minor data, the Children's Online Privacy Protection Act (COPPA) (USA), the EU GDPR-K (General Data Protection Regulation for children), and the California Consumer Privacy Act (CCPA).
Our digital Services are designed for users of all ages, including children aged 3 and above. We are deeply committed to protecting minor privacy in strict compliance with COPPA and global regulatory requirements:
We process data categorized into explicit architectural tiers to maintain our operational integrity:
Information submitted voluntarily during contract establishment, onboarding workflows, or portal signup by adult administrators. This includes full legal names, active corporate email addresses, authorized company phone numbers, and physical billing addresses. We prohibit children under 13 from establishing accounts directly.
Technical connection vectors captured programmatically upon domain or app interaction. This includes device configurations, browser engine versions, hardware operating system signatures, and transmission latency measurements. This data is entirely aggregated and is never linked to an individual child.
We share specific, non-personal client telemetry with validated third-party sub-processors solely for secure hosting, analytics, and service diagnostics. These partners are legally bound to uphold equivalent security controls:
Our mobile applications request specific hardware-level system permissions. We process all inputs strictly on-device to ensure privacy:
Analytical Services: We use Google Analytics and Mixpanel to collect metrics regarding site performance, page load boundaries, interaction heatmaps, and diagnostic events to constantly tune our latency protocols.
Diagnostic Telemetry: System analytics collect information relating to network bottlenecks, client-side javascript exceptions, and server load thresholds.
Contextual-Only Advertising (Kids Sections): For children’s applications and family-rated apps (ages 3+), we enforce strict, age-appropriate, contextual advertising protocols. We partner solely with COPPA-compliant, family-safe ad networks that deliver static, contextual-only ads. We strictly prohibit behavioral retargeting, interest-based tracking, or demographic profiling for minor users.
Adult Analytics & Opt-Out: For adult-facing portals and corporate domains, we use Google Ads and Meta Pixel cookies to measure client acquisition, which can be completely turned off inside our central cookie consent panel.
All data processing is grounded in explicit, recognized statutory bases:
Physical Data Residency: Core user profiles, transactional metadata, and access databases are securely housed in Indian local cloud infrastructures. Active service clusters are mirrored on SOC 2 Type II certified Amazon Web Services (AWS) nodes globally.
Cryptographic Standards: Information transfers utilize TLS 1.3 encryption. At-rest archives utilize hardware-level AES-256 block encryption with rotatable master key standards.
Every user of our Services holds absolute authority over their personal footprint and active registration status. In strict accordance with Apple App Store Connect Rule 5.1.1(v) and Google Play Console mandates, you have the right to completely delete your account, purge active credentials, erase transactional records, and remove telemetry histories.
Account deletion requests can be initiated within your mobile app settings panel, user dashboard, or sent directly to our dedicated secure data purge intake mailbox. This immediately flushes user authentication tables, active credentials, database shards, sub-processors, and secondary cloud mirrors.
Data Retention Schedule: Upon account deletion, personal records are permanently scrubbed within 14 business days, except where we are legally obligated to retain specific transaction indices for corporate tax, auditing, or law enforcement mandates under Indian corporate laws (retained for up to 8 financial years in secure, cold storage).
Under Indian IT Act 2000 and DPDPA Rules, we maintain a designate Compliance Grievance Officer desk to handle legal escalations and regulatory audits:
Nodal Grievance Officer
Email: grievance@syncmax.in
Physical Address: C/O Rajesh Kumar Sharma, S/O Shyamlal Mehndi Kabas, Amer, Jaipur, Rajasthan 302028, India
For immediate technical support, corporate partnerships, or basic inquiries: