Privacy Policy

SyncDisplay ("we", "us", "our"), a product of PT Services UK Limited, is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website (www.syncdisplay.uk), our digital signage platform, mobile applications, and related services (collectively, the "Services"). We are registered in England and Wales and comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (PECR). Registered company: PT Services UK Limited, London, United Kingdom. Parent website: www.ptservices.uk Data Protection Officer contact: [email protected]

We collect and process the following categories of personal data: Account Information: When you create an account, we collect your name, email address, company name, phone number, and billing information. Usage Data: We automatically collect information about how you interact with our Services, including device information, IP addresses, browser type, pages visited, features used, and timestamps. Device Management Data: When you connect screens to our platform, we collect device identifiers, hardware specifications, network information, location data (if enabled), and operational metrics such as uptime and content playback logs. Content Data: Content you upload to our platform, including images, videos, and text, is stored securely on our servers. Communication Data: When you contact us via email, phone, or our contact form, we retain records of those communications. Payment Data: Payment processing is handled by Stripe. We do not store full credit card numbers on our servers. We retain transaction records and billing history. Cookies and Tracking: We use essential cookies for platform functionality and analytics cookies (with your consent) to improve our Services. See our Cookie Policy section below for details.

We process your personal data for the following purposes and legal bases: Service Delivery (Contract): To provide, maintain, and improve our digital signage platform, process transactions, and deliver customer support. Account Management (Contract): To create and manage your account, authenticate your identity, and communicate service updates. Analytics and Improvement (Legitimate Interest): To analyse usage patterns, diagnose technical issues, and improve our platform's performance and features. Marketing Communications (Consent): To send you newsletters, product updates, and promotional materials. You can opt out at any time. Legal Compliance (Legal Obligation): To comply with applicable laws, regulations, and legal processes, including tax obligations and data protection requirements. Security (Legitimate Interest): To detect, prevent, and respond to security incidents, fraud, and abuse of our Services.

We do not sell your personal data. We share data with the following categories of third parties only as necessary: Service Providers: Cloud hosting (AWS, UK/EU regions), payment processing (Stripe), email delivery, and customer support tools. All providers are contractually bound to protect your data. Business Partners: If you use our white-label or MSP features, limited data may be shared with your reseller partner as necessary for service delivery. Legal Requirements: We may disclose data when required by law, court order, or government request, or to protect our rights, safety, or property. Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction, with appropriate safeguards. All third-party data processors are vetted for GDPR compliance and bound by Data Processing Agreements (DPAs).

Your data is primarily stored and processed within the United Kingdom and European Economic Area (EEA). Where data is transferred outside the UK/EEA, we ensure appropriate safeguards are in place, including: - UK International Data Transfer Agreements (IDTAs) - Standard Contractual Clauses (SCCs) approved by the ICO - Adequacy decisions where applicable You may request information about the specific safeguards applied to your data by contacting our Data Protection Officer.

We retain your personal data only for as long as necessary to fulfil the purposes described in this policy: Account Data: Retained for the duration of your account plus 2 years after closure, unless longer retention is required by law. Usage and Analytics Data: Retained for 26 months in aggregated/anonymised form. Payment Records: Retained for 7 years to comply with UK tax and accounting regulations. Communication Records: Retained for 3 years after the last interaction. Content Data: Deleted within 30 days of account closure or content removal. You may request earlier deletion of your data, subject to our legal obligations.

Under the UK GDPR, you have the following rights regarding your personal data: Right of Access: Request a copy of the personal data we hold about you. Right to Rectification: Request correction of inaccurate or incomplete data. Right to Erasure: Request deletion of your data where there is no compelling reason for continued processing. Right to Restrict Processing: Request that we limit how we use your data in certain circumstances. Right to Data Portability: Receive your data in a structured, machine-readable format. Right to Object: Object to processing based on legitimate interests or direct marketing. Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time. Rights Related to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing. To exercise any of these rights, contact us at [email protected]. We will respond within one month. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Our website uses the following types of cookies: Essential Cookies: Required for the website to function properly. These cannot be disabled. They include session management, security tokens, and load balancing. Analytics Cookies: Help us understand how visitors interact with our website. We use privacy-focused analytics that do not track individual users across websites. These are only set with your consent. Preference Cookies: Remember your settings and preferences, such as language and display options. Marketing Cookies: Used to deliver relevant advertisements and measure campaign effectiveness. These are only set with your explicit consent. You can manage your cookie preferences at any time through the cookie settings panel on our website. Most browsers also allow you to control cookies through their settings.

We implement appropriate technical and organisational measures to protect your personal data, including: - Encryption in transit (TLS 1.3) and at rest (AES-256) - Role-based access controls and multi-factor authentication - Regular security audits and penetration testing - SOC 2 Type II compliance - Automated threat detection and incident response procedures - Employee security training and background checks While we take every reasonable precaution, no system is completely secure. We encourage you to use strong passwords and enable two-factor authentication on your account.

Our Services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly. If you believe a child has provided us with personal data, please contact us at [email protected].

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by email or through a prominent notice on our website. The "Last Updated" date at the top of this page indicates when the policy was last revised. We encourage you to review this policy periodically.

If you have any questions about this Privacy Policy or our data practices, please contact us: Email: [email protected] Phone: +44 (0) 20 1234 5678 Post: PT Services UK Limited, London, United Kingdom Parent company: www.ptservices.uk For data protection enquiries, you may also contact our Data Protection Officer directly at [email protected].