- Data Security -

SyncSign takes your privacy very seriously and adopts appropriate security measures to protect against unauthorized access, disclosure, alteration, or destruction of data.

Data center
SyncSign Cloud runs on AWS, with high-level data center hosting. For more compliance information, please visit AWS Security and AWS Compliance.

Principle of least privilege
We only collect the minimum information necessary to provide our service. Our professionally trained team can only access data that is required to perform their job.

Data residency
All application servers are located in the United States, but can be accessed internationally via the Internet. The communication between the SyncSign devices (Hub, Node), the SyncSign Applications and the online calendar is managed through Google/Microsoft’s official standard calendar API and authentication, authorized access rights and storing certain credentials in encrypted form for certain calendars. At the same time, no calendar or event information is stored on SycnSign servers. The servers only store emails of room resources, and all other information is obtained through API calls, parsed, and sent directly to the devices. This information is temporarily stored in our cache, just to ensure that the events will still be displayed even if the calendar service is down.

Encryption
All transmissions between Nodes (Display and Sensors) and Hub are encrypted with AES-128.
The connection between Hub and cloud server are WPA2/WPA3/TLSv1.2 protected.

Decommissioning and data removal
All user data is stored on the AWS, which follows the strict deactivation policy outlined on page 8 of its security white paper: “AWS uses the techniques detailed in DoD 5220.22-M (“National Industrial Security Program Operating Manual “) or NIST 800-88 (“Guidelines for Media Sanitization”) to destroy data as part of the decommissioning process.”

Uptime and reliability
We constantly monitor our service performance and have automatic notifications to ensure rapid response for service interruptions. All code is audited and approved by engineers before deploying to production servers. We also monitor updates from the security community and immediately update our systems when vulnerabilities are discovered.

- Privacy Policy on Products -

At SyncSign, protecting your personal data is our top priority. We have implemented robust and effective security measures to ensure that any personal information you share with us through SyncSign applications remains confidential and secure. Additionally, we are committed to maintaining the anonymity of our user’s data and will take all necessary steps to protect their privacy.

The entire SyncSign solution can be set up via free SyncSign Applications (App/Web Portal). Devices (IoT Hub, Node) are configured by the SyncSign Cloud service, which only runs on servers located in AWS.

All data stored in the SyncSign Cloud is completely anonymous. It does not permit any conclusion about the user’s identity and the individual usage behavior. In addition, all communications between Hub, Node, Cloud and Applications are encrypted.