When we talk about information security, we don’t just mean protecting the transmissions between your computer and Syno systems and platforms. We do far more to help safeguard your information.
At Syno, data subjects’ trust is our top and the most important priority. Syno has implemented appropriate technical and organisational controls to protect your personal data and information against unauthorised processing and against accidental loss, damage or destruction.
Below is information relating to how Syno works in the area of security, what security measures have been implemented and what security standards are applicable.
However, please be sure you’re comfortable with our security measures and this Security policy before using services in Syno platforms and systems and accessing your account online.
When collecting data, it is important that the tool of collection, the survey, is of a high standard. This section covers how Syno work with ensuring a high-quality data collection.
Syno ensures that network, systems, databases, applications, network components and other computing devices are protected from malicious activity and unauthorised access.
Syno has implemented the appropriate controls such as anti-virus, firewalls, login control and some intrusion prevention systems.
Anti-virus software and firewalls on all computer devices, servers and networks are updated in accordance with the software providers’ recommendations and our network provider ensures that access to sensitive data is limited to properly authorised requests.
All Syno data and information are stored on encrypted and licensed servers.
We use third-party servers from Amazon (AWS).
For data recovery we use automatic database snapshots provided by Amazon.
Amazon (AWS) represents, warrants and covenants that according to Amazon (AWS) policies, security is the their highest priority and they comply with all applicable international laws and rules for personal and non-personal data protection and information security. You may also visit https://aws.amazon.com/ and https://aws.amazon.com/compliance/data-privacy-faq/ for details on Amazon (AWS) services and compliance with data privacy.
For some other data processing (storage) cases, Syno uses UAB Rakrejus server services. You may also visit https://www.rackray.com/ and https://www.rackray.com/lt/privatumo-politika/for details on UAB Rakrejus services and compliance with data privacy.
All the premises of the Syno provide the highest level of security.
The following security features are available on all premises of the Syno:
Syno treats that all e-mails received and sent must be kept confidential and can only be accessed by the people indicated in the e-mails.
The e-mails services used by Syno meet the data security requirements of the business.
Syno connects to the electronic mailboxes with a secure and recognized SSL / TLS protocol that ensures reliable information encryption. Also, electronic mailboxes are protected against spam.
All outgoing and incoming e-mails are encrypted, so there is a very small probability that it could be taken over by third parties.
So, you can safely send e-mails to us and open e-mails where the sender is Syno.
Before recruiting, Syno investigates that candidates were not punished and/or suspected of any breach in the past for offenses of data protection, information security, confidential information and/or commercial secrets.
Syno strives that all employees of the Syno would be of impeccable reputations.
Also, all employees performing their tasks and working with software and/or personal data are educated about information security, proper use of software, and keeping the highest standards to protect personal data. Based on internal Syno rules and applicable legal requirements Syno employees are provided by special training on personal data protection and information security.
All employees’ actions with personal data in Syno systems and platforms are reviewed from time to time using the “log files”. Also, employees’ access to personal and non-personal data is provided through a special system that is called “System access management”.
Syno is responsible for confidentiality and security from the moment the personal data is received. Despite best efforts, we cannot always guarantee absolute security because many aspects also depend on you.
In case a threat has been determined or justifiable suspicions arise for your personal data, Syno informs you about such an event.
Syno reserves the right to inform and notify law enforcement authorities about any security breaches.
However, you should note that Syno, to date have never had any security breach.
Despite all the efforts that organizations and companies devote to identifying and addressing external and internal problems related to security, protection of personal data, and business continuity, they are constantly faced with unexpected, emerging threats and incidents. The smallest threat / incident can pose a risk to the organization’s and company’s operations, threaten its reputation, ruin management structures, cause significant financial difficulties, or even compromise the company’s survival.
In view of this, Syno is in the final phases of preparation of a Business continuity and recovery plan.
Syno activities may be suspended, terminated, but only temporarily. Following the estimated Business continuity and recovery plan, Syno shall be able to ensure quick return and continuance of its operational activities. to. The main purpose of the Business continuity and recovery plan shall be to ensure uninterrupted activity of Syno and identify actions and responsibilities in order to protect against threats and if threats occur, how to eliminate the consequences of threats.
In adherence to the best practises on information security, Syno has assigned the following Chief information security officer (CISO):
If you would like to contact Syno CISO, you have questions related to the information security or other matters related to information security, please contact by e-mail [email protected] and in part “Subject” indicate “CISO”.
Information security includes three main aspects:
In order to ensure the confidentiality, integrity and availability of information processed by the Syno, Syno is in the process of creating an information security management system.
Syno intends to open the information security management system in the second part of 2021 and start certifying according to ISO 27001 (LST ISO/IEC 27001:2013) by the end of 2022.
The main and always updated version of this Security policy is posted in English on www.synoint.com/legal.