Effective date: 1 January 2026
Welcome to the Syncro Privacy Policy. At Syncro, we believe every relationship begins with trust — and that extends to how we handle your personal information. This Policy explains how Bizcore sp. z o.o. (also referred to as "Syncro", "we", "us" or "our") collects, uses, shares and protects your personal data when you use the Syncro mobile application or website (the "App"). Please also read our Terms and Conditions of Use, which set out the rules governing your use of the App.
We are a limited liability company incorporated under the laws of Poland, registered at Grochowska 207, 04-077 Warsaw, Poland. We are the data "controller" for all personal data collected and processed through the App, within the meaning of Article 4(7) of the General Data Protection Regulation (Regulation (EU) 2016/679, the "GDPR").
Questions? Contact us at feedback@syncro.me or write to our Data Protection Officer at dpo@syncro.me. We are happy to help.
ℹ️ Updates to this Policy
We will update this Policy from time to time. The current version is always available in the App and on our website. We will notify you by email or in-app notice of any material changes before they take effect.
1. What Personal Data We Collect
We collect personal data about you in the following ways, depending on how you use the App:
1.1 Registration Information
When you create a Syncro account, we collect:
Name and username
Gender identity
Location (city or town)
Email address
Date of birth and place of birth
Photographs
Mobile telephone number
Sexual preference / dating preferences
Login credentials for any linked social media accounts (e.g. Facebook)
You can update most of this information at any time through your account settings. You are responsible for keeping your details current.
1.2 Linked Social Media Information
You may register or log into Syncro using a third-party social media account. If you do so:
Facebook: we receive your name, profile picture and, unless you opt out, your email address, date of birth, other profile photos, gender, pages you like, and current city.
Apple ID: we receive your Apple login, a name (which you may edit), and an email address (either your personal email or a randomly generated Apple relay address).
You may also link your Syncro account to Spotify to display your top artists. You control what information is shared when you first link each account. Unlinking a social media account does not automatically remove data already added to your Syncro profile — you must delete that data separately in your profile settings.
1.3 Profile Verification and Identity Verification (including Biometric Data)
To keep the Syncro community safe and to comply with our legal obligations, we require all users to verify their accounts. Verification may involve:
Providing a mobile telephone number, to which we send a one-time verification code;
Photo verification (optional, voluntary): you submit a photo which we scan — which may involve facial recognition technology — to confirm it matches your profile photo. Verification photos are not displayed on your profile. We retain scans only for as long as necessary and never longer than three (3) years after your last interaction with us;
Identity document verification (optional, voluntary): our third-party partner Sumsub Tech Ltd will compare a selfie you take against your identity document, which may involve facial recognition and the collection of biometric data. You may request a manual review if you do not wish facial recognition to be used. Sumsub retains your selfie and document image for up to 72 hours after verification.
Biometric data collected during identity verification is special category data under Article 9 GDPR and is processed only on the basis of your explicit consent. For further details on Sumsub's data practices, please refer to Sumsub's privacy policy.
1.4 Purchase Information
If you purchase any premium services, payment information (such as card details) is processed by our third-party payment processor. We retain transaction records for tax, audit and fraud-prevention purposes. We do not store full payment card numbers ourselves.
1.5 Geolocation Information
If you grant the App access to your device's location services, we collect location data (including GPS coordinates, Wi-Fi access point data, and longitude/latitude) to personalise your experience and show you profiles of people nearby. You can withdraw location access at any time through your device settings:
iPhone: Settings → Privacy & Security → Location Services → Syncro
Android: Settings → Location → Syncro → Permissions → Location
1.6 Device Information
We collect information about the device you use to access the App, including its unique identifier, model, operating system, browser type, and log and usage data (such as pages viewed, time spent, errors encountered). You may also grant us access to your device's address book, which is used only when you add someone to your contacts.
1.7 Profile Photo Data
We analyse data about your profile photos (such as which photos receive the most engagement) in order to arrange them in a way that is likely to be favourable to you. You may opt out of this feature at any time in the App settings.
1.8 Links and Navigation
We track how you interact with links within the App, including links to third-party services, in order to improve App functionality and understand user behaviour.
1.9 Messages
We review the content of messages sent through the App to identify topics, sentiments and trends, and to detect behaviour that may breach our Terms and Conditions of Use. We take steps to remove personally identifying information before conducting such review. We do not share the content of user messages with third parties for commercial purposes. We also use automated moderation systems and human moderators to review messages for harmful or policy-violating content — see Section 3.3 (Moderation) below.
1.10 Research, Surveys and Contributions
We may invite you to participate in surveys, provide feedback or take part in marketing campaigns. Participation is always voluntary. If you do not wish to be contacted for these purposes, please notify us via feedback@syncro.me.
1.11 Customer Support
If you contact our customer support team, we collect your IP address, email address and any information you share with us to resolve your query. We retain records of support communications for six (6) years after account deletion.
1.12 Cookies and Similar Technologies
When you use the App or visit our website, we use cookies and similar technologies to collect certain data automatically. Some cookies are strictly necessary for the App to function. Others are optional (for example, for analytics or marketing purposes) and are set only with your consent. Please see our Cookie Policy for full details of what cookies we use, why, and how to manage your preferences.
2. How We Use Your Personal Data
Our primary goal is to provide you with a safe and enjoyable Syncro experience. We use your personal data to:
Provide, operate and maintain the App and our services;
Create and manage your Account;
Verify your identity and age, and prevent fraud and misuse;
Personalise the App, content and features we deliver to you;
Show you profiles of other users who may be compatible with you, using our matching algorithms (see Section 2.2 below);
Process payments for premium services;
Send you service-related communications, such as updates and security alerts;
Conduct research and analysis to improve the App and develop new features;
Enforce our Terms and Conditions of Use and Community Guidelines;
Detect, investigate and prevent fraudulent, harmful or unlawful behaviour;
Comply with our legal obligations;
Send you marketing communications about our products and offers, where you have given your consent or where we have another lawful basis to do so — you may opt out at any time.
2.2 Our Use of Matching Algorithms
We use matching algorithms to predict your compatibility with other users and recommend profiles to you. These algorithms take into account factors including:
Information you share in your profile (demographics, interests, preferences);
Your activity on the App (swipes, matches, messages);
Whether you have verified your photo;
Your approximate location, to show you people nearby.
We also use automated tools to keep the platform safe, including systems that detect and blur potentially inappropriate images shared in chat, and tools that flag potentially fraudulent behaviour. Decisions made by our automated systems that significantly affect you may be appealed — please see Section 6.8 below.
2.3 Moderation
We use a combination of automated systems and human moderators to monitor and review accounts, profiles and messages for content that may breach our Terms and Conditions of Use or Community Guidelines. This process involves personal data such as photos, profile information, and message content. Where a breach is identified, we may issue a warning or restrict or close the relevant account. Affected users may appeal these decisions — see Section 2.4 below.
2.4 Lawful Bases for Processing (GDPR)
Under the GDPR, all processing of personal data must have a lawful basis. The table below sets out the lawful bases on which we rely for each main processing activity. Bizcore sp. z o.o. is the sole data controller for all personal data processed through the App.
ℹ️ Consent
Where we rely on your consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal. Where we rely on legitimate interests, you have the right to object — see Section 6.
Purpose of Processing
Personal Data Used
Source
Legal Basis & Retention
Providing the App and creating your Account
Name, email, date of birth, phone number, location, device/app data
You / your device
Contractual necessity. Retained 6 years from account deletion.
Enabling profile creation and personalisation features
Optional profile data: dating intention, gender preference, religion, photos, interests, etc.
You
Contractual necessity; consent for special category data. Deleted 28 days after account deletion.
Predicting compatibility and recommending profiles
User ID, location, profile features, vote history, photos
You / your device
Legitimate interests (improving meaningful connections). Retained 6 years from account deletion.
Identity verification, fraud prevention and safety
Name, IP address, phone number, photo, ID document and selfie (where applicable)
You / your device
Legal obligation; legitimate interests. ID retained 90 days from verification. Blocking records retained 6–15 years.
Processing payments for premium services
Payment card details (processed by payment provider)
You
Contractual necessity. Retained as required by tax law (typically 5 years under Polish law).
Sending service and marketing communications
Name, email address, mobile number
You
Consent (marketing); contractual necessity / legitimate interests (service comms). Until withdrawal of consent or objection.
Research, analytics and product improvement
Log/usage data, survey responses, profile data
You / your device
Legitimate interests. Retained 1 year from end of relevant survey or research activity.
Moderation and enforcement of Community Guidelines
Registration and profile data, message content, photos, device data, off-platform conduct reported to us
You / others who report you
Legal obligation; contractual necessity. Moderation results retained 90 days; investigations 1 year; blocked accounts 6–15 years.
Responding to customer support requests
Email, phone, IP address, query content
You
Legitimate interests; legal obligation. Retained 6 years from account deletion.
Detecting fraudulent payment transactions
Name, IP, email, phone, payment data, device ID, app activity
You / your device
Legal obligation. Retained 6 years (15 years for serious cases).
Sharing targeted Syncro advertising on third-party networks
Gender, age, device ID, estimated location, app/site activity
You / your device
Consent. Until withdrawal of consent.
Displaying third-party advertisements in the App
Gender, age, IP address, coarse location
You / your device
Consent (via cookie banner). Until withdrawal of consent.
Security monitoring and incident response
Device ID, IP addresses, access logs, geolocation metadata
Your device
Legitimate interests. Retained 12 months.
Responding to and evaluating legal claims
Case details, correspondence, evidence, profile/account data
You / App data
Legitimate interests. Retained 7 years from closure of claim.
3. What Information Can Others See?
Syncro is designed to help people connect, which means certain information you provide will be visible to other users. Please think carefully about what you share. You should assume that anything you post or submit on the App may be seen by other users, and potentially by non-members if content is shared externally.
We recommend you do not post on your profile any of the following:
Email addresses, URLs or instant messaging handles;
Telephone numbers or postal addresses;
Full legal name or national identity number;
Payment card details or bank account information;
Driver's licence or passport details.
Be thoughtful about sharing sensitive information such as religious beliefs, political views, sexual preferences or health information. While you may choose to include such details on your profile, doing so is entirely voluntary and constitutes your explicit consent to making that information visible to other users.
When you upload photos, please ensure you have the consent of anyone else depicted. Photos may reveal additional personal information about you beyond what you intend to share.
If another user uses our "Share Date" safety feature, your Syncro name and profile photo may be shared with that user's trusted contact, along with the time and location of your arranged meeting.
4. With Whom We Share Your Personal Data
We share your personal data only as necessary and in the limited circumstances described below. We do not sell your personal data to third parties for their own commercial purposes.
4.1 Other Syncro Users
Information you voluntarily include on your profile or share with other users via the App is visible to those users. Where required by law or our policies, we may inform users who have reported a breach of our Terms and Conditions of Use of the action we have taken in response to their report.
4.2 Service Providers (Processors)
We share personal data with third-party service providers who process data on our behalf, strictly for the purposes set out in this Policy. All service providers are subject to written data processing agreements meeting the requirements of Article 28 GDPR, and are permitted to use personal data only as necessary to provide their contracted services. Our current key service providers include:
Identity verification: Sumsub Tech Ltd (Cyprus) — document and biometric checks for identity verification.
Payment processing: Third-party payment processors — to process subscription and in-app purchase payments.
Communications & authentication: Twilio — SMS/voice verification codes. Phone numbers and verification codes are processed to confirm user identity.
Authentication: Prove — device-based authentication using IP address to confirm identity.
Social media integration: Facebook, Spotify — to enable account linking and display of relevant social media information on your profile.
Customer support: Zendesk — support ticket management; Sierra — automated support responses.
Content moderation: Cinder — review and action on reported or policy-violating content.
Research & surveys: Typeform — survey tools; Kantar — market research analytics (aggregated/anonymised data).
Cloud infrastructure: Google Cloud — cloud hosting and data storage.
AI messaging tools: OpenAI — powering AI-assisted conversation features (inputs retained by OpenAI for a maximum of 30 days).
We carry out due diligence on all service providers to confirm they have adequate data protection and information security measures in place.
4.3 Legal Enforcement and Protection
We may disclose personal data to law enforcement, regulatory authorities or courts where we are required to do so by law, court order or other binding legal process, or where we have a good faith belief that disclosure is necessary to:
comply with applicable law or a binding order;
protect the safety, vital interests or rights of any person;
prevent or address fraud, security threats or technical issues;
protect our rights, property or those of third parties.
4.4 Business Transfers
In the event of a merger, acquisition, reorganisation, sale of assets or insolvency proceeding affecting Bizcore sp. z o.o. or any of our affiliates, your personal data may be transferred to the relevant successor or acquiring entity, subject to the same protections described in this Policy.
4.5 Anti-Spam and Anti-Fraud
We may share certain personal data (email address, phone number, IP address, payment data) with affiliated companies for the purpose of blocking fraudulent accounts and transactions across our platforms.
4.6 Advertising Partners
Where you have given your consent through our cookie banner or App settings, we may share limited personal data (device ID, estimated location, age, gender, and App/site activity) with marketing service providers to:
promote the App on third-party platforms and measure the effectiveness of our campaigns;
create targeted advertising audiences (including "lookalike" audiences based on user characteristics);
display relevant third-party advertisements within the App.
You may withdraw your consent at any time through Settings → Privacy & Security. A full list of our marketing service providers is available in those settings.
4.7 Aggregated and Anonymised Data
We may share aggregated or anonymised information (which does not directly identify you) with third parties for industry analysis and demographic profiling.
5. International Transfers of Personal Data
Syncro operates globally. Your personal data may be transferred to and processed in countries outside the European Economic Area ("EEA"), including in the United States and other jurisdictions where some of our service providers are located.
Where we transfer personal data outside the EEA, we ensure that appropriate safeguards are in place in accordance with Chapter V of the GDPR. These safeguards include, as applicable:
Standard Contractual Clauses (SCCs) approved by the European Commission;
Adequacy decisions adopted by the European Commission in respect of the destination country; or
Other lawful transfer mechanisms recognised under the GDPR.
For further information about the safeguards applicable to a specific transfer, please contact our Data Protection Officer at dpo@syncro.me.
6. Your Rights as a Data Subject
Under the GDPR and applicable Polish data protection law (the Act of 10 May 2018 on the Protection of Personal Data), you have the following rights in relation to your personal data. These rights are subject to certain conditions and exceptions under applicable law.
6.1 Right to be Informed
You have the right to receive clear and transparent information about how we process your personal data. This Policy is our primary means of fulfilling that obligation.
6.2 Right of Access
You have the right to request a copy of the personal data we hold about you, together with supplementary information about how we use it (a "subject access request").
6.3 Right to Rectification
You have the right to have inaccurate personal data corrected and incomplete personal data completed. You may update most profile data directly within the App.
6.4 Right to Data Portability
Where processing is based on your consent or on a contract, and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used and machine-readable format, and to transmit it to another controller where technically feasible.
6.5 Right to Erasure ("Right to be Forgotten")
You have the right to request the deletion of your personal data where, for example, it is no longer necessary for the purpose for which it was collected, you withdraw your consent (where processing is based on consent), or you object to processing based on legitimate interests and there are no overriding compelling grounds. We may retain certain data where required by law or for legitimate purposes (such as fraud prevention).
6.6 Right to Restriction of Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances — for example, while we verify the accuracy of data you have contested, or where you have objected to processing pending verification of our legitimate interests.
6.7 Right to Object
Where we process your personal data on the basis of our legitimate interests, you have the right to object to that processing at any time. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or where processing is necessary for the establishment, exercise or defence of legal claims. You have an absolute right to object to processing for direct marketing purposes — if you do, we will stop processing your data for that purpose immediately. To exercise this right, contact us at feedback@syncro.me.
6.8 Rights Related to Automated Decision-Making
You have the right not to be subject to a decision based solely on automated processing — including profiling — that produces legal or similarly significant effects on you. Where such automated decisions are made (for example, in the context of fraud detection or account moderation), you have the right to request human review, to express your point of view, and to contest the decision. Please contact us at feedback@syncro.me to exercise this right.
6.9 Right to Lodge a Complaint
If you are not satisfied with how we handle your personal data or a rights request, you have the right to lodge a complaint with the competent supervisory authority. In Poland, this is the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych, "UODO"), ul. Stawki 2, 00-193 Warsaw, Poland, www.uodo.gov.pl. You may also lodge a complaint with the supervisory authority of your EU Member State of habitual residence or place of work.
6.10 How to Exercise Your Rights
To exercise any of the rights above, please contact us via: (a) our in-app support feature; (b) email at feedback@syncro.me; or (c) by writing to our Data Protection Officer at dpo@syncro.me or at Grochowska 207, 04-077 Warsaw, Poland. We may need to verify your identity before processing your request. We will respond within one (1) month of receipt, or within three (3) months for complex or multiple requests (with notice of extension within the first month).
7. How Long We Retain Your Personal Data
We retain personal data only for as long as necessary for the purposes described in this Policy, and no longer than required by applicable law. Key retention periods are set out in Section 2.4 (the lawful basis table) above. In summary:
Most profile data is deleted within 28 days of account deletion;
Core account and transactional data is retained for 6 years from account deletion (to comply with legal obligations and to defend legal claims);
Payment records are retained as required by Polish tax law (typically 5 years from the end of the tax year in which the transaction occurred);
Blocked account records are retained for 6 years, or up to 15 years in serious cases, to prevent re-registration;
Identity verification biometric scans are retained for a maximum of 3 years from your last interaction with us;
Customer support records are retained for 6 years from account deletion;
Security and fraud logs are retained for 12 months;
If your account is inactive for 4 years, we will begin the process of deleting your personal data.
When your account is deleted, it remains restorable for 28 days in case of accidental deletion. After that period, deletion of personal data from our systems begins, subject to the exceptions above.
8. How We Keep Your Personal Data Secure
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, alteration or disclosure. These include:
Use of encrypted and secured servers protected by firewalls;
Access controls limiting data access to authorised personnel only;
Regular security testing and monitoring;
Data minimisation and pseudonymisation where practicable.
However, no method of transmitting or storing data over the internet is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security. If you suspect that your account has been compromised, please contact us immediately and change your password.
To help protect your data, we recommend that you:
Always log out of your account when you are done;
Never share your password with anyone;
Use a strong, unique password and update it regularly;
Enable any two-factor authentication options we make available.
9. Children's Privacy
Syncro is not directed at or intended for use by persons under the age of 18. We do not knowingly collect personal data from anyone under 18. If we become aware that a person under 18 has registered an account and provided personal data, we will take immediate steps to terminate that account and delete the relevant data. If you believe a child under 18 has provided us with personal data, please contact us at feedback@syncro.me.
10. Cookies and Similar Technologies
We use cookies and similar tracking technologies (such as pixels, web beacons and local storage) to collect data when you use the App or visit our website. Cookies are small files placed on your device or browser that help us recognise you and remember your preferences.
We use the following types of cookies:
Strictly necessary cookies: essential for the App to function. These cannot be switched off.
Analytical/performance cookies: help us understand how users interact with the App so we can improve it. Set only with your consent.
Functional cookies: enable enhanced features and personalisation. Set only with your consent.
Targeting/advertising cookies: used to show you relevant advertisements. Set only with your consent.
You can manage your cookie preferences at any time through our cookie consent banner in the App, or through your browser or device settings. Withdrawing consent for non-essential cookies will not affect your ability to use the core features of the App. For full details, please refer to our Cookie Policy.
11. How to Contact Us
If you have any questions, concerns or requests regarding this Policy or our data protection practices, please contact us:
By email: feedback@syncro.me
Data Protection Officer: dpo@syncro.me
By post: Bizcore sp. z o.o., Data Protection Officer, Grochowska 207, 04-077 Warsaw, Poland
If you are located in the EU and wish to raise a GDPR-related matter, you may also contact our EU data protection representative or contact the UODO (ul. Stawki 2, 00-193 Warsaw, www.uodo.gov.pl) directly.
We will acknowledge all requests within 72 hours and respond substantively within one month.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the App, or applicable law. If we make material changes, we will notify you by email and/or by a prominent notice in the App at least thirty (30) days before the changes take effect, where required by law. The date of the most recent update is shown at the top of this Policy. We encourage you to review this Policy periodically.