Privacy Policy

This Privacy Policy explains how earli ApS (“Syncast”, “we”, “us”, “our”) collects, uses, shares, and protects personal data when you visit our websites, interact with us, or use our products and services.

We are committed to protecting your privacy and handling your personal data in a transparent and secure way.

1. Who we are and how to contact us

Controller:
earli ApS
Farvergade 17, 1463 Copenhagen
CVR: 44229323

For privacy questions, or to exercise your data protection rights, you can contact us at:

If we have appointed a Data Protection Officer (DPO) or a primary EU/EEA contact, their details can be added here:

  • Data Protection Officer: Asger Conradsen

2. Scope of this Privacy Policy

This Privacy Policy applies to:

  1. Our websites and marketing activities

    • e.g. syncast.io and any other sites where this policy is displayed

    • newsletters, webinars, events, and other marketing touchpoints

  2. Our products and services

    • including the Syncast platform and related applications, integrations, and APIs

This policy covers personal data about:

  • Visitors to our websites

  • Prospective customers and business contacts

  • Users of the Syncast platform (e.g. employees of our customers)

3. Our role: Controller vs. Processor

We play two different roles under data protection law:

  1. Data Controller

    • For data we collect and use for our own purposes, such as:

      • Operating our website

      • Managing customer accounts and billing

      • Sending product updates and marketing (where allowed)

      • Hiring and HR (if applicable)

  2. Data Processor

    • When customers connect their systems (e.g. Microsoft 365 email and calendar) to the Syncast platform, we process personal data on their behalf.

    • In that case:

      • The customer is the data controller.

      • Syncast is the data processor.

      • Our processing is governed by the Data Processing Agreement (DPA) between us and the customer.

If you are an end-user of Syncast because your employer or organization uses our platform, please note:
Your organization’s privacy notice and policies primarily govern how your data is used. We process your data based on their instructions.

4. Personal data we collect

4.1 Data you provide to us

We may collect personal data that you choose to provide, for example:

  • Account and profile data

    • Name, job title, role, company name

    • Work email address and password (or SSO ID)

    • Profile preferences and settings

  • Contact and communication data

    • Contact details you provide through forms or sign-up flows

    • Content of messages you send us (support requests, feedback, survey responses)

  • Commercial and billing data

    • Company billing details

    • Payment-related information (usually handled via a payment processor)

    • Subscription plan and transaction history

4.2 Data we collect automatically

When you use our website or platform, we may automatically collect:

  • Device and technical data

    • IP address, browser type, operating system

    • Device identifiers and language settings

    • Log data such as timestamped requests, error logs

  • Usage data

    • Features and pages you access

    • Actions taken within the platform (e.g. views, clicks, searches)

    • Session duration and interaction patterns

We use this data to operate, secure, and improve our services.

4.3 Data we process from connected systems (as a processor)

When a customer connects systems like Microsoft 365 or other tools to Syncast, we process data such as:

  • Email and calendar content and metadata

    • Sender and recipient names and email addresses

    • Email subjects, bodies, attachments (if configured)

    • Calendar event titles, participants, dates, times, and locations

  • Contact and account data

    • Names, roles, email addresses, phone numbers

    • Company/organization details

  • Sales activity and pipeline

    • Interactions between your organization and your customers/prospects

    • Opportunities, stages, amounts, timelines and related activities

The exact data set depends on how the customer configures integrations and permissions. We only process this data for the purpose of providing the Syncast platform to the customer, in line with our DPA.

4.4 Data from third parties

We may receive personal data from:

  • Your employer or colleagues

    • When they add you as a user or provide your details as a contact

  • Partners and service providers

    • For example, if we co-host webinars, or use third-party tools for emails, CRM, or analytics

  • Public or professional sources

    • Business contact information from professional networks or public websites to help identify potential customers

5. Why we use your personal data (purposes & legal bases)

Where GDPR (or similar laws) applies, we rely on specific legal bases for processing.

5.1 Contractual necessity

We process data where it is necessary to enter into or perform a contract with you or your organization, including to:

  • Create and manage accounts

  • Provide and operate the Syncast platform

  • Offer support and respond to requests

  • Handle billing and subscription management

5.2 Legitimate interests

We use personal data where it is necessary for our legitimate interests, and where these interests are not overridden by your rights. For example:

  • Securing and protecting our services and users

  • Preventing misuse, fraud, or security incidents

  • Understanding how our services are used to improve them

  • Contacting business contacts about Syncast and related products (B2B marketing in line with local rules)

You have the right to object to processing based on legitimate interests (see Section 11).

5.3 Consent

We rely on consent where required by law, for example:

  • Placing or reading certain cookies or similar technologies on your device

  • Sending certain types of marketing communications (where not covered by legitimate interests or soft opt-in rules)

You can withdraw your consent at any time (for example by managing cookie preferences or unsubscribing from emails).

5.4 Legal obligations

We may process certain data to comply with our legal obligations, for example:

  • Tax and accounting duties

  • Responding to lawful requests from authorities

  • Record-keeping requirements

6. How we share personal data

We do not sell personal data.

We may share personal data with:

  1. Service providers (sub-processors)

    • Cloud hosting providers

    • Email delivery services

    • Analytics, logging, and monitoring tools

    • Payment processors and billing platforms

    These providers only process data on our instructions and under data protection agreements.

  2. Customers / your organization

    • If you use Syncast as part of an organization, certain data (e.g. activity logs, usage, sales interactions) may be visible to your employer or team, depending on your role and their configuration.

  3. Professional advisors and authorities

    • Lawyers, auditors, or insurers where necessary

    • Public authorities where required by law or valid legal process

  4. Business transfers

    • In connection with a merger, acquisition, reorganization, or sale of assets, personal data may be transferred as part of the transaction. We will take steps to ensure your rights continue to be protected.

We take care to only share the minimum data necessary and ensure that recipients protect your personal data appropriately.

7. International data transfers

We may process and store personal data in countries outside your own, including outside the EU/EEA.

Where we transfer personal data from the EU/EEA or the UK to a country that is not recognized as providing an adequate level of protection, we will:

  • Use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or UK authorities, and/or

  • Rely on other valid transfer mechanisms under applicable law.

You can contact us if you would like more information about these safeguards.

8. Data retention

We retain personal data for as long as necessary for the purposes described in this policy, including:

  • For as long as we have an ongoing relationship with you or your organization

  • For the period required to comply with legal obligations (e.g. tax, accounting)

  • For the period necessary to resolve disputes or enforce our agreements

For data we process on behalf of customers as a processor:

  • Retention periods are governed by our agreement with the customer and their instructions

  • After the end of the service, we delete or anonymize customer data within the timeframes set out in the DPA, subject to any legal retention obligations

9. Security

We use appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.

These measures include, among others:

  • Encryption in transit and at rest (where applicable)

  • Access controls and authentication (including least-privilege principles)

  • Logging and monitoring of critical systems

  • Secure software development and change management processes

  • Regular backups and business continuity procedures

No system is completely secure, but we continually work to strengthen our security posture. If we become aware of a personal data breach affecting your personal data, we will act in accordance with our legal obligations and contractual commitments.

10. Your rights

Depending on your location and applicable law (e.g. GDPR in the EU/EEA or UK GDPR), you may have the following rights:

  • Right of access – to obtain a copy of personal data we hold about you

  • Right to rectification – to correct inaccurate or incomplete data

  • Right to erasure – to request deletion of your data in certain circumstances

  • Right to restriction of processing – to limit how we use your data in certain cases

  • Right to data portability – to receive your data in a structured, commonly used, machine-readable format and/or request we transmit it to another controller

  • Right to object – to object to processing based on legitimate interests, and to direct marketing

  • Right not to be subject to decisions based solely on automated processing, including profiling, that significantly affect you (subject to certain exceptions)

To exercise your rights, please contact us using the details in Section 1. We may need to verify your identity before responding.

If we process your data as a processor on behalf of a customer (e.g. your employer), we may need to redirect your request to that customer, who is primarily responsible for handling it.

You also have the right to lodge a complaint with your local data protection authority, for example:

  • In the EU/EEA: the data protection authority in your country of residence or workplace

  • In the UK: the Information Commissioner’s Office (ICO)

11. Cookies and similar technologies

We use cookies and similar technologies on our websites and, where relevant, in our product to:

  • Remember your preferences and settings

  • Authenticate you and keep you logged in

  • Understand how our sites and products are used

  • Tailor content and improve user experience

Where required by law, we will:

  • Ask for your consent before placing non-essential cookies

  • Provide a cookie banner or preference center where you can manage your choices

You can also control cookies through your browser settings. Please note that disabling some cookies may impact the functionality of our websites or services.

12. Children

Our services and websites are not intended for children under 16 (or lower age provided by local law for valid consent), and we do not knowingly collect personal data from children in this age group.

If you believe we have collected personal data from a child in violation of this policy, please contact us and we will take appropriate steps to delete such data.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements.

When we make material changes, we will:

  • Update the “Last updated” date at the top; and

  • Provide additional notice where required (e.g. via email, in-app notification, or prominent banner)

We encourage you to review this Privacy Policy periodically.

14. How to contact us

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of personal data, you can contact us at:

If you are an end-user and your data is processed through your employer’s use of Syncast, you may also wish to contact your employer or organization’s data protection contact.