Privacy Policy

Last Updated: June 9, 2025

This Privacy Policy describes how SYNDi Group, a division of Indusflow Systems Inc. (“we,” “us,” or “our”), collects, uses, discloses, and protects your personal information in connection with your use of our SYNDi suite of financial software solutions, including iSYNDi, SYNDi Investment Ledger, SYNDi Loan Manager, and SYNDi Mortgage Manager (collectively, the “Services”).

We are committed to protecting your privacy and handling your personal information with care and transparency. By using our website, you hereby consent to our Privacy Policy and agree to its terms.

  1. Information We Collect

When you use our Software Application and, or Services, we may collect various types of information, including:

  • Information You Provide Directly:
    • Account and Contact Information: When you register for an account, purchase our products, subscribe to our Services, or contact us, we may collect your name, company name, address, email address, phone number, and other contact details.
    • Financial and Transactional Data: As our Services relate to financial management, you will input significant financial and transactional data. This may include:
      • Loan/Mortgage Data: Borrower names, addresses, contact information, loan amounts, interest rates, payment schedules, loan terms, collateral details, payment history, default information, and other related financial specifics.
      • Investment Data: Investor names, contact information, investment amounts, security details (e.g., stock symbols, bond identifiers), purchase/sale dates, dividend information, and other portfolio details.
      • Fund Data: Details related to funds, investors, and their transactions.
      • Billing and Payment Information: Information necessary to process payments for our Services, such as billing address and payment method details (though actual payment processing may be handled by third-party processors, as described below).
    • User Content: Any information, data, text, or other materials that you upload, store, or process through the Services. This includes all the financial data you input.
    • Communications: Records of your communications with us, including customer support inquiries, feedback, and other correspondence.
  • Information Collected Automatically:
    • Usage Data: Information about how you access and use the Services, such as your IP address, browser type, operating system, pages viewed, features used, and the dates and times of your visits.
    • Device Information: Information about the device you use to access the Services, including hardware model, operating system version, unique device identifiers, and mobile network information.
    • Log Data: Server logs may include information like your IP address, browser type, referring pages, and the date and time of your requests.
    • Cookies and Similar Technologies: We may use cookies and similar tracking technologies (e.g., web beacons, pixels) to collect information about your Browse activities, preferences, and to enhance your experience. You can typically manage your cookie preferences through your browser settings.
  1. Purpose of Use

We collect and use your information for the following purposes:

  • To Provide and Maintain the Services: To operate, deliver, maintain, and improve the functionality of our SYNDi software solutions, including processing your financial data, managing accounts, and enabling core features like loan servicing, investment tracking, and fund management.
  • Customer Support: To provide technical support, respond to your inquiries, and address any issues you may encounter with the Services.
  • Billing and Payments: To process payments for your purchases, subscription or use of our Services.
  • Personalization: To customize your experience with the Products and, or Services and provide features or content tailored to your needs.
  • Security and Fraud Prevention: To detect, prevent, and address technical issues, security incidents, fraudulent activities, or violations of our terms of service.
  • Analytics and Improvement: To understand how users interact with our Services, analyze usage trends, and improve the functionality, performance, and user experience of our products.
  • Communication: To send you service-related announcements, technical notices, updates, security alerts, and support messages. We may also send you marketing communications about our products and services, where permitted by law and in accordance with your preferences.
  • Compliance with Legal Obligations: To comply with applicable laws, regulations, legal processes, or governmental requests.
  • Business Operations: For internal business purposes, such as auditing, data analysis, and research to improve our offerings.
  1. Disclosure of Information

We may disclose your information in the following circumstances:

  • With Your Consent: We may share your information when we have your explicit consent to do so.
  • Within SYNDi Group and Indusflow Systems Inc.: Your information may be shared with our parent company, affiliates, and subsidiaries for the purposes outlined in this Privacy Policy.
  • Service Providers: We may engage trusted third-party service providers to perform functions on our behalf and help us operate, provide, and improve our Services. These may include:
    • Cloud hosting providers (e.g., for iSYNDi).
    • Payment processors (for billing and subscription fees).
    • Customer support platforms.
    • Analytics providers.
    • IT and system administration services. These service providers are contractually obligated to protect your information and use it only for the purposes for which it was disclosed.
  • Integration Partners: As our Services integrate with ERP systems, information may be shared with your ERP implementation partners.
  • Legal Requirements and Law Enforcement: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or subpoena).
  • Business Transfers: In the event of a merger, acquisition, sale of assets, or other business transaction, your information may be transferred as part of that transaction. We will notify you of any such transfer and the new privacy policy that will govern your information.
  • Protection of Rights and Safety: We may disclose information when we believe it is necessary to protect our rights, property, or safety, or the rights, property, or safety of our users or others.
  • Aggregated or De-identified Data: We may share aggregated or de-identified information that cannot reasonably be used to identify you, for various purposes, including research, analytics, and marketing.
  1. Reasonable Security Practices

We implement reasonable technical, administrative, and physical safeguards designed to protect your personal information from unauthorized access, use, alteration, and disclosure. These practices include:

  • Encryption: We use encryption for data in transit (e.g., TLS/SSL) and, where appropriate, for data at rest, especially for sensitive financial information.
  • Access Controls: Access to personal information is restricted to authorized personnel who need the information to perform their job duties. We implement role-based access controls and the principle of least privilege.
  • Data Minimization: We strive to collect only the personal information that is necessary for the purposes outlined in this Privacy Policy.
  • Regular Security Audits and Vulnerability Assessments: We conduct periodic security assessments and penetration tests to identify and address potential vulnerabilities.
  • Employee Training: Our employees receive regular training on data privacy and security best practices.
  • Backup and Disaster Recovery: We maintain robust backup and disaster recovery plans to ensure the availability and integrity of our systems and data.
  • Physical Security: Our data centers and facilities are protected by appropriate physical security measures.
  • Vendor Due Diligence: We carefully vet our third-party service providers to ensure they maintain adequate security practices and comply with relevant data protection laws.

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

  1. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The retention period will vary depending on the type of information and its purpose. When your information is no longer needed, we will securely dispose of it or anonymize it.

  1. Your Choices and Rights

Depending on your jurisdiction, you may have certain rights regarding your personal information, including the right to:

  • Access: Request access to the personal information we hold about you.
  • Correction/Rectification: Request that we correct any inaccurate or incomplete personal information.
  • Deletion/Erasure: Request the deletion of your personal information, subject to certain exceptions (e.g., legal obligations).
  • Object to Processing: Object to the processing of your personal information in certain circumstances.
  • Data Portability: Request a copy of your personal information in a structured, commonly used, and machine-readable format.
  • Withdraw Consent: Where we rely on your consent to process your information, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the information provided in the “Contact Us” section below. We will respond to your request in accordance with applicable law.

  1. Third-Party Links

Our Services may contain links to third-party websites or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

  1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated Privacy Policy on our website or through other appropriate communication channels. Your continued use of the Services after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

  1. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

SYNDi Group a division of Indusflow Systems Inc.
2800 14th Ave Suite 403
Markham, Ontario,
L3R 0E4, Canada
info@syndi.ca
+1-905-940-0751