Legal

Privacy Policy

Last updated: July 2026

Syro reads how minds are wired, which means the data you trust us with is personal by nature. This page explains, in plain language, exactly what we collect and what we do with it.

01What this covers

This policy explains what data Syro (syropersonality.com) collects, why we collect it, where it lives, who processes it on our behalf, and the choices you have. It applies to the website, the web app, and the emails we send.

The short version: we collect what the product needs to work, we don't sell your data, and you can leave and take your account data with you.

02What we collect

  • Account details: email address, name, date of birth, password (stored as a hash, never in plain text), and profile photo if you add one.
  • Your test data: answers, timing, and the resulting personality read (your type, confidence, and derived profile).
  • People you add: names, guessed or verified types, gender markers, relationship context (friend, partner, colleague), and photos, as entered by you.
  • AI conversations: messages you exchange with the Ask AI features, plus the personality context used to answer them.
  • Payment status: your subscription tier and billing state. Card details never touch our servers (see Payments below).
  • Usage data: pages visited and product events (test started, report viewed) via Google Analytics, plus standard server logs.
  • Approximate location: when you complete a test we record your IP address and the coarse location derived from it (country, region, city, approximate coordinates). We use this to understand where Syro is being used and, if you opt into matching features, to suggest compatible people near you. We never track your device's GPS.

03Adding other people

Syro lets you add people you know and estimate how you fit together. Information you enter about someone else (their name, your guess at their type, a photo) is visible only inside your account. It is not shown to them, not made public, and not used to build a profile of them outside your workspace.

If you invite someone and they join, they control their own account and their verified type is shared between you both as part of the connection you accepted with each other.

04How we use your data

  • To run the product: computing your read, scoring compatibility, rendering your circles and reports.
  • To personalize AI features: your type, your people, and your questions are sent to our AI provider to generate answers (see Processors).
  • To email you: transactional email (password resets, verification, invites) and, after you take the test, a short series of onboarding emails. Every non-transactional email has an unsubscribe link that works with one click.
  • To improve the product: aggregate, de-identified analytics on how features are used.

We do not sell personal data, and we do not share it with advertisers.

05AI processing

AI features (Ask Syro, relationship chat, the voice interview) are powered by OpenAI's API. When you use them, the relevant conversation and personality context is sent to OpenAI to generate the response. We use API terms under which OpenAI does not train its models on this data.

06Payments

Payments are handled by Polar (polar.sh) as merchant of record. Your card details go directly to them and their payment processors; Syro only receives confirmation of what plan you're on. Polar's own privacy policy applies to the payment itself.

07Processors we rely on

  • MongoDB Atlas: primary database (account, test results, people, circles).
  • Vercel: hosting and serverless infrastructure.
  • OpenAI: AI answer generation.
  • Polar: payments, as merchant of record.
  • Brevo: sending email.
  • Google Analytics: product usage analytics.
  • AWS S3 / CloudFront: file storage and delivery where applicable.

Each processor receives only what it needs for its job and is bound by its own data processing terms.

08Cookies

We use a session cookie to keep you signed in and analytics cookies from Google Analytics to understand product usage. We don't run third-party advertising cookies.

09Retention and deletion

Your data is kept while your account is active. If you delete your account, or email us asking us to, we delete your account data (profile, test results, people, circles, conversations) from the live database. Backups age out on a rolling schedule.

You can also request a copy of the data we hold about you.

10Security

Passwords are hashed, transport is encrypted (HTTPS everywhere), secrets are stored outside the codebase, and access to production data is restricted. No system is perfectly secure, but we treat the personal nature of this data as the design constraint.

11Age

Syro is not intended for children under 16. We don't knowingly collect data from anyone under 16; if you believe we have, email us and we'll delete it.

12Changes

If this policy changes in a way that matters, we'll update the date at the top and, for significant changes, tell you by email or in the product.

Questions about this document or your data? Email us at team@syropersonality.com and a human will reply.