Skip to main content

Our Commitment to Privacy

At Synta MCP, we take your privacy seriously. This policy outlines how we handle your data and protect your information.

Security & Compliance

SOC 2 Compliant

We follow enterprise-grade security practices and maintain SOC 2 compliance standards

No AI Training

We have opted out from any training by AI model providers. Your data is never used to train AI models

Data Protection

What We Collect

  • API Authentication: Your Synta MCP API key for service authentication
  • Usage Metrics: Anonymous usage statistics to improve our service
  • Error Logs: Diagnostic information when errors occur (no workflow data included)

What We Don’t Collect

  • Workflow Contents: Your n8n workflows and configurations remain private
  • Credentials: We never store your n8n API keys or instance credentials
  • Personal Data: We don’t collect personal information beyond what’s necessary for authentication

Data Storage

  • All data is encrypted in transit using TLS 1.3
  • API keys are hashed and securely stored
  • Usage logs are retained for 90 days for diagnostic purposes
  • No workflow data is stored on our servers

Third-Party Access

  • We do not sell, rent, or share your data with third parties
  • We do not allow AI model providers to train on your data
  • Your n8n instance credentials are only used for direct API calls and never logged

Your Rights

You have the right to:
  • Access: Request information about data we hold about you
  • Deletion: Request deletion of your account and associated data
  • Portability: Export your usage data in a machine-readable format
  • Correction: Update or correct your account information

Security Measures

We implement industry-standard security practices:
  • Encrypted data transmission (TLS 1.3)
  • Secure credential storage with hashing
  • Regular security audits
  • Access controls and authentication
  • Monitoring for suspicious activity
Your Responsibility: Keep your API keys secure. Never share them publicly or commit them to version control. Rotate keys immediately if compromised.

Updates to This Policy

We may update this privacy policy from time to time. We will notify users of any material changes through:
  • Email notifications (if you’ve provided an email)
  • Updates on our website
  • In-app notifications
Last Updated: January 2025

Contact Us

For privacy-related questions, concerns, or requests, please contact us:

Privacy Inquiries

Email: [email protected]We aim to respond to all privacy inquiries within 48 hours.

Additional Information

GDPR Compliance

For users in the European Union, we comply with GDPR requirements:
  • Lawful basis for processing: Legitimate interest and contractual necessity
  • Data minimization: We only collect what’s necessary
  • Right to be forgotten: Contact us to delete your data
  • Data portability: Export your data at any time

California Privacy Rights

For California residents (CCPA):
  • We do not sell personal information
  • You have the right to opt-out of data collection
  • You can request disclosure of collected information
  • You can request deletion of your information

Data Breach Protocol

In the unlikely event of a data breach:
  1. We will notify affected users within 72 hours
  2. Provide details about what data was affected
  3. Offer guidance on protective measures
  4. Work with authorities as required by law
Transparency: We believe in being transparent about our data practices. If you have questions not covered here, please reach out.
This privacy policy was last updated on November 19, 2025.