Privacy Policy
Effective: 25 June 2025 · Responsible: Schäfer Services
This privacy policy explains what data the mobile app “Synapse Chat” (hereinafter “the app”) processes when you use it on your iPhone, iPad, Mac, or Apple TV. The app is a client for the standalone server “Synapse”, which is operated at synapse.schaefer.zone.
1. Controller
Responsible within the meaning of the General Data Protection Regulation (GDPR):
Schäfer Services
Michael Schäfer
Email: synapse@schaefer.zone
2. What data we collect
2.1 Account data
- Email address — used as login identifier and for notifications.
- Password — stored encrypted (hash) exclusively on the Synapse server. The app itself does not store the password in plain text.
2.2 Chat content
All chat messages, file attachments, and metadata (timestamps, reply references) are stored exclusively on the Synapse server you choose. The app keeps a local copy in your device’s app storage to enable offline access and smooth scrolling.
2.3 Push token
To deliver push notifications about new AI responses, iOS generates an Apple Push Notification Service (APNs) token and transmits it to the Synapse server. The token is device-specific and is automatically removed on logout or when the app is uninstalled.
2.4 Technical metadata
- Device model and iOS version (for compatibility checks)
- App version and preferred language
- Last-seen timestamp (for online status)
3. What we do NOT collect
✓ No location data
The app does not request location permission and does not collect GPS data or IP-based locations.
✓ No contact data
The app does not access your address book or contacts.
✓ No photo or camera data
The app has no access to your photo library. File attachments are shared exclusively via the explicit file picker.
✓ No tracking data
The app contains no advertising SDKs, no analytics tools, and uses no cross-device tracking. No Advertising Identifier (IDFA) is queried.
✓ No health or sensor data
The app does not read HealthKit, motion, or sensor data.
4. Legal basis (Art. 6 GDPR)
- Art. 6(1)(b) GDPR — Performance of pre-contractual measures and fulfilment of a contract (provision of the chat service).
- Art. 6(1)(f) GDPR — Legitimate interests (security logging, troubleshooting).
- Art. 6(1)(a) GDPR — Consent for push notifications (revocable at any time in iOS settings).
5. Disclosure to third parties
Your personal data is disclosed to third parties only:
- to Apple Inc. for the delivery of push notifications via the Apple Push Notification Service (APNs),
- where required by law or necessary for the enforcement of legal claims.
There is no transfer to countries outside the EU/EEA, with the exception of the push token transmission to Apple (USA). Apple has appropriate safeguards (Standard Contractual Clauses).
6. Retention period
Account data and chat content are stored until you delete your account. When the account is deleted, all personal data is immediately removed from the Synapse server.
7. Your rights
Under the GDPR you have the following rights:
- Access (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection (Art. 21 GDPR)
- Withdrawal of consent given (Art. 7(3) GDPR)
To exercise your rights, please contact us at synapse@schaefer.zone.
8. Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data.
9. Security
All communication between the app and the Synapse server takes place over HTTPS (TLS 1.2+). Passwords are hashed with bcrypt. Push tokens are stored encrypted in the database.
10. Changes to this privacy policy
We reserve the right to adapt this privacy policy so that it always meets current legal requirements. The current version is always available at synapse.schaefer.zone/privacy.
Contact
Schäfer Services
Michael Schäfer
Email: synapse@schaefer.zone
Web: synapse.schaefer.zone
Last updated: 25 June 2025