Privacy policy

Privacy Policy

Effective Date: [Month Day, Year]
Applies To: Synapsis NGN Toolkit / Synapsis Medical Education and all associated websites, apps, and services (the “Services”).

Synapsis Medical Education (“Company,” “we,” “us,” or “our”) operates an e-commerce platform that provides educational products and services to students and professionals (“you” or “users”). We are committed to collecting, using, and safeguarding personal information in strict compliance with applicable U.S. laws and regulations.

This Privacy Policy explains what we collect, how we use it, with whom we share it, and the choices you have. By using the Services, you agree to this Policy.

1) Information We Collect

a) Information You Provide

  • Account & Profile: name, email address, phone number, mailing address, password, professional license details, organization/school, and preferences.

  • Transactions: order history, purchased products, billing and shipping details, and limited payment information (see “Payments” below).

  • Support & Communications: messages, survey responses, course submissions, and other content you send us.

b) Information Collected Automatically

  • Device/Usage Data: IP address, device type, browser type/version, operating system, pages viewed, time spent, referring/exit pages, and general location (city/region).

  • Cookies/Tracking: cookies, pixels, SDKs, and similar technologies for authentication, preferences, analytics, and advertising. See Cookies & Tracking below.

c) Information from Third Parties

  • Payments: payment processors (e.g., Stripe/PayPal) may share non-sensitive transaction metadata (e.g., success/failure, last 4 digits, card brand, token).

  • Learning Platforms: learning management systems (e.g., LearnDash) may provide course progress or completion events if integrated.

  • Marketing/Analytics: advertising partners and analytics providers (aggregate user engagement and campaign performance data).

Note on Financial Data: We do not store full credit card numbers or CVV. Payments are processed by PCI DSS-compliant processors. We may store tokens/IDs for recurring billing.

2) How We Use Your Information

We use personal information to:

  • Provide & Improve the Services (account creation, authentication, course access, order fulfillment, customer support).

  • Process Transactions (fraud prevention, taxes, receipts, refunds).

  • Personalize Content (saved preferences, recommended courses).

  • Communicate With You (service notices, transactional emails/SMS, marketing where permitted).

  • Analytics & Security (usage trends, debugging, preventing abuse).

  • Legal & Compliance (recordkeeping, regulatory obligations, enforcing our Terms).

3) Legal Bases & U.S. Compliance

We operate primarily under U.S. law and follow applicable federal and state privacy rules, including (as applicable) CCPA/CPRA (California), VCDPA (Virginia), CPA (Colorado), CTDPA (Connecticut), UCPA (Utah), and Nevada SB-220. We also follow PCI DSS standards via our payment processors.

Education Data: We are a private education vendor. FERPA typically applies to educational institutions that receive U.S. federal funds. If we act as a service provider to such an institution, we will handle data as required by our agreement with that institution.

Children: We do not knowingly collect personal information from children under 13. If you believe a child under 13 provided data, contact us and we will remove it.

4) When We Share Information

We do not sell your personal information. We share information only as needed to provide the Services or as required by law:

  • Service Providers/Processors: hosting, cloud storage, email, analytics, customer support, LMS integrations, and payment processing (bound by contract to protect data and use it only to perform services for us).

  • Business Transfers: merger, acquisition, financing, or sale of assets (your information may be transferred with appropriate safeguards).

  • Legal/Compliance: to comply with laws, legal process, or to protect rights, safety, and security of users and the Company.

  • With Your Consent: when you ask us to share or connect with third-party services.

5) Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Keep you signed in and remember preferences.

  • Measure site performance and usage.

  • Support advertising/retargeting (where permitted).

You can manage cookies via your browser settings. Some browsers support Global Privacy Control (GPC) signals; where legally required (e.g., California), we treat GPC as a request to opt-out of sale/share of personal information.

6) Data Security

We employ administrative, technical, and physical safeguards designed to protect personal information, including:

  • Encryption in transit (TLS) and at rest where appropriate.

  • Access controls and role-based permissions.

  • Tokenized payment methods via PCI DSS-certified processors.

  • Logging and monitoring to detect abuse.

No system is 100% secure. If we discover a security incident affecting your data, we will notify you and regulators as required by law.

7) Data Retention

We retain personal information only as long as necessary for:

  • The purposes described in this Policy;

  • Legal, accounting, or reporting obligations (e.g., tax/audit);

  • Dispute resolution and enforcement of our Terms.

When retention is no longer necessary, we will delete, de-identify, or aggregate the information per our retention schedule.

8) Your Privacy Choices & State Rights (U.S.)

Depending on your state, you may have rights to:

  • Know/Access what categories/specific pieces of personal information we collected.

  • Correct inaccurate personal information.

  • Delete personal information, subject to legal exceptions.

  • Opt-Out of sale/share/targeted advertising (we do not sell personal info; where “sharing” applies, you may opt out).

  • Portability (receive a copy of your data in a portable format).

  • Appeal a decision if we deny a request (where required).

How to make a request:
Email: info@synapsismedicaledu.org
Toll-Free: 305-490-5701
Webform: [link]

We will verify your identity before fulfilling requests. Authorized agents may submit requests where permitted by law (we may require proof of authorization). We will not discriminate against you for exercising privacy rights.

Notice at Collection (California): We collect identifiers, commercial information, internet activity, geolocation (coarse), professional information, and in some cases sensitive personal information (e.g., payment-related tokens). We use and retain this information as described above for business purposes. We do not “sell” personal information. We may “share” personal information for cross-context behavioral advertising unless you opt out.

9) Payments

We use third-party payment processors (e.g., Stripe/PayPal) that are PCI DSS compliant. We do not store full credit card numbers or CVV. Payment data you enter is transmitted directly to the processor. Their use of your data is governed by their own privacy policies.

10) Marketing Communications

You can opt out of marketing emails at any time by clicking “unsubscribe” in our emails or contacting us. We will still send essential transactional or service messages (e.g., receipts, account notices).

11) Do Not Track

Some browsers transmit “Do Not Track” signals. There is no industry consensus on responding to DNT; we currently do not respond to DNT but honor Global Privacy Control where legally required.

12) International Users

Our Services are operated in the United States. If you access the Services from outside the U.S., you understand your information may be transferred to and processed in the U.S., which may have different data protection laws than your country.

13) Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will post the updated Policy and update the Effective Date. Your continued use of the Services after changes means you accept the updated Policy.

14) Contact Us

Synapsis Medical Education
Attn: Privacy Office
Email: info@synapsismedicaledu.org
Phone: 305-490-5701

Quick Summary (California “Short Notice”)

  • We collect: identifiers, contact info, commercial data, internet activity, coarse location, professional/education info, and limited payment metadata.

  • We use: to provide Services, process transactions, support, security, and lawful business purposes.

  • We share with: service providers, payment processors, and as required by law.

  • We don’t sell personal information. You may opt-out of sharing for targeted advertising.

  • Your rights: access, correct, delete, portability, and opt-out, without discrimination.