Skip to content

Privacy Policy

Effective date: 12 May 2026 · Last updated: 12 May 2026

This Privacy Policy explains how Synapseia Network ("Synapseia", "we", "us") collects, uses, and protects personal data when you visit synapseia.network (the "Site") and when you run the Synapseia desktop node application (the "Node App"). It complies with the EU General Data Protection Regulation (GDPR), the UK GDPR, and the California Consumer Privacy Act (CCPA).

We aim to collect as little data as possible. We do not sell or rent personal data. We do not use third-party advertising trackers.

1. Data controller

The data controller responsible for processing your personal data is Synapseia Network. For any privacy-related question or request, contact us at support@erslabs.net.

2. Data we collect

2.1 Site analytics (Umami)

We use Umami, a privacy-focused, cookieless analytics tool, to understand how the Site is used. Umami does not set cookies, does not use browser storage to track visitors, and does not collect personally identifiable information. For each page view, Umami records:

  • Page URL and referrer URL.
  • Browser, operating system, and device type.
  • Country (derived from a salted, daily-rotated hash of the IP address - the IP itself is not stored).
  • Anonymous session indicator (also salted and rotated daily).

This information cannot, on its own, identify you as an individual. Because Umami operates without cookies and without persistent identifiers, the French data protection authority (CNIL) and equivalent EU regulators consider this kind of analytics exempt from prior consent requirements.

2.2 Server and infrastructure logs

Our hosting provider (Cloudflare) automatically records minimal request metadata (IP address, request URL, timestamp, user agent, response status) for security, abuse prevention, and basic reliability. These logs are retained for a short rolling window and are not used for profiling or advertising.

2.3 Downloads

When you download the Node App, the request is served as a redirect to GitHub Releases. We do not record who downloads which version on our side. GitHub processes the download request under its own privacy terms.

2.4 Node App

The Node App connects to the Synapseia coordinator to receive work orders and report results. When you operate a node, we process:

  • Your node identity (Ed25519 public key).
  • Your Solana wallet address (public on the blockchain).
  • Operational telemetry: heartbeats, work-order submissions, peer-review scores, hardware capability flags, software version.
  • Network metadata (IP address) required to route peer-to-peer traffic and to enforce abuse rate limits.

We do NOT collect or transmit the contents of files outside the work-order scope, your private keys, personal documents, or any content unrelated to network participation.

2.5 Contact and support

If you email us, open a GitHub issue, or join our community channels, we process the information you choose to share (name, email address, message content) for the sole purpose of responding to you.

  • Legitimate interests (GDPR Art. 6(1)(f)) - cookieless analytics, security logs, abuse prevention, and basic operation of the Site and the Node App.
  • Contract performance (GDPR Art. 6(1)(b)) - issuing rewards, validating submissions, and operating the economic incentives of the network when you run a node.
  • Consent (GDPR Art. 6(1)(a)) - any optional feature that we add later requiring explicit opt-in (newsletters, optional telemetry) will ask for consent and let you withdraw it at any time.

4. Cookies and similar technologies

The Site does not set any tracking, advertising, or analytics cookies. We may set strictly necessary cookies if and when required to make the Site work (for example, a session token if we add a login flow). Strictly necessary cookies are exempt from prior consent under the EU ePrivacy Directive.

5. Data retention

  • Umami aggregated analytics: up to 24 months.
  • Cloudflare access logs: short rolling window (typically less than 30 days).
  • Node operational telemetry: kept while the node is active and for up to 24 months after last activity, for fraud prevention and reward auditability.
  • Support correspondence: up to 36 months from the last interaction.
  • On-chain data (Solana transactions, reward claims): permanent by design - we cannot delete or modify it.

6. Sharing and sub-processors

We share data only with the following categories of recipients, each acting as a processor or independent controller under appropriate agreements:

  • Cloudflare, Inc. - hosting, CDN, DDoS protection for the Site.
  • Umami - privacy-focused analytics. We use Umami configured to anonymize data; no cookies are set.
  • Fly.io - hosting of the coordinator service that powers the Node App.
  • GitHub, Inc. - hosting of the open source repositories and the binary release artifacts you download.
  • Solana validators and RPC providers - process on-chain transactions when you claim rewards or stake tokens.

We do not sell, rent, or trade personal data. We may disclose information when required by law, court order, or to protect the rights, property, or safety of users and the network.

7. International data transfers

Some sub-processors listed above are based outside the European Economic Area (e.g. in the United States). Transfers rely on the European Commission's Standard Contractual Clauses or other valid transfer mechanisms recognised under GDPR.

8. Your rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your data (subject to the on-chain caveat in section 5).
  • Object to or restrict processing based on legitimate interests.
  • Withdraw any previously granted consent at any time.
  • Request a portable copy of the data you provided to us.
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us at support@erslabs.net. We will respond within 30 days.

9. California residents (CCPA)

If you are a California resident, you have the right to know what personal information we collect, to request deletion, and to opt-out of the sale of personal information. We do not sell personal information.

10. Security

We protect data with industry-standard measures: TLS for all network traffic, encryption at rest where supported by our hosting providers, signed (Ed25519) messages for every authority claim on the network, and the principle of least privilege for internal access. No system is ever 100% secure; we cannot guarantee absolute security, but we work to minimise risk.

11. Children

The Site and the Node App are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us at support@erslabs.net and we will delete it.

12. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Material changes will be announced on the Site or by other reasonable means before they take effect.

13. Contact us

Questions, requests, or complaints about this Privacy Policy or our data practices? Reach us at support@erslabs.net.