Security Policy

Last Updated: November 2025

1. Overview

Synergenica LLC is committed to maintaining a secure environment for all client data, systems, and workflows. This Security Policy outlines the technical and administrative safeguards that protect the confidentiality, integrity, and availability of information entrusted to us.

2. Security Principles

Our security framework is based on industry standards and incorporates the principles of least privilege, data minimization, secure architecture, and continuous monitoring.

3. Data Encryption

We protect client data using strong encryption practices:

  • Encryption in transit using TLS
  • Encryption at rest using industry standard algorithms

Encryption ensures that unauthorized parties cannot read or tamper with data during transfer or storage.

4. Access Control

Access to customer data is restricted to authorized Synergenica personnel only. Access is granted based on role and necessity. The principle of least privilege is applied across all systems:

  • Multi-factor authentication for administrative access
  • Role-based access control
  • Audit logging of access attempts

5. Data Isolation

Client data is logically separated from other clients. Data isolation ensures that one client's information cannot be accessed or viewed by another. This includes segregation within storage systems, databases, and workflow automation environments.

6. Secure Development Practices

All automation workflows and tools are developed following secure coding principles and best practices. Our development process includes code reviews, version control, and testing to reduce vulnerabilities.

7. Vendor and Third Party Security

Synergenica uses trusted infrastructure providers for hosting and authentication. All third parties we work with must meet strong security requirements. They are contractually prohibited from:

  • Selling client data
  • Using client data to train external models
  • Accessing client data for any purpose outside service delivery

8. Monitoring and Incident Response

We maintain monitoring systems to detect unusual activity. If a security incident occurs, Synergenica will:

  • Investigate and contain the issue immediately
  • Notify affected clients within a reasonable timeframe
  • Take corrective actions to prevent recurrence

9. Data Retention and Deletion

Client data is retained only as long as necessary to provide services. Upon request or contract termination, data will be securely deleted from our systems.

10. Client Responsibilities

To maintain a secure environment, clients agree to:

  • Protect login credentials
  • Only upload data they have rights to use
  • Notify Synergenica if they suspect unauthorized account access

11. AI Model Usage

Synergenica does not use client data to train external AI models. Client data is never shared with any third party for training purposes. Any internal model improvements rely on synthetic or non-client data.

12. Updates to This Security Policy

Synergenica may update this policy to reflect best practices or new security requirements. Changes will be posted on our website or communicated to clients.

13. Contact

For security-related questions or reports, contact Synergenica at:
support@synergenica.com