Help Desk : (816) 300-1399
Get Started

Get In Touch

Email support@sydkic.com
Phone (816) 300-1399
Location 2340 W Bell Rd Ste 124 Phoenix AZ 85023

Privacy Policy

Terms of Service
Data Processing Addendum
Privacy Policy
Cookies Statement
Service Level Agreement
AI Product Terms
Effective date: February 8, 2024

At sydkic, Inc. ("sydkic," "we," or "us"), we place a high priority on the privacy and security of personal data.

We handle personal data in two ways: (1) for our own purposes and (2) according to the instructions of our customers who use the sydkic service ("Service") and store certain information in it. In the latter case, we strictly follow our customers' instructions and only use the data to provide the Service, as detailed in the Data Processing Addendum.

This Privacy Policy outlines how we process personal data for our own purposes, including data related to:

  • Our customers, their end users, and representatives,
  • Website visitors,
  • Newsletter subscribers,
  • Potential customers,
  • Our business partners and their representatives.

It applies to information collected through the Service, our website www.sydkic.com, other sydkic-administered websites where this Privacy Policy is posted, our mobile apps, and other sources.

If you have any questions or suggestions about our privacy practices, please contact us at privacy@sydkic.com. You can also reach out to request data access, deletion, or to exercise other rights as a data subject.

Table of Contents

  1. Methods of Collecting Personal Data
  2. Categories of Personal Data We Handle
  3. Google Calendar OAuth Data Collection and Usage
  4. Reasons We Use Personal Data
  5. Ways We Share Personal Data
  6. Your Rights & Choices Regarding Data Protection
  7. Duration of Personal Data Retention
  8. Transfer of Personal Data Across Borders
  9. Information About Children
  10. Security Practices
  11. Legal Justifications for Processing Personal Data (For EEA Visitors/Customers)
  12. Specific Information for California Residents
  13. Updates to Our Privacy Policy
  14. How to Reach Us

1. Methods of Collecting Personal Data

Using sydkic Service: When you use our Service, we store all the content you provide, including details about you as a customer or end user. This information is gathered either directly from you or through integrations with services like Facebook or Instagram. If you request us to sign a Data Processing Agreement (DPA) or other documents, we also collect relevant data about you and your representatives.

Emails or Messages: If you send us emails or messages via chat, we store the content of those communications, including any attachments and your contact details.

Submitting Forms or Attending Events: When you fill out forms on our Site (such as contact forms, subscriptions, demo requests, or event registrations), we collect your contact information and any details you provide. For joint events with partners, we may also receive information from them.

Using the Site: We collect certain information when you use our Site, including cookies, which might, on their own or combined with other data, be considered personal data.

Joining Communities: When you join our Facebook groups or other online communities, we can view your profile data and process comments you post. However, we don’t collect or store this information, but rather have access to it as part of the group interaction.

2. Categories of Personal Data We Handle

Customer Account Information: To set up or update your account and deliver the Service, we gather details from you and third-party integrations (e.g., Facebook, Instagram). This includes your ID, name, email, status, linked pages/accounts, products in use, and location.

Financial Information: For processing payments related to the Service subscription, we require your credit card details (last four digits), account information, and payment details.

Contact and Business Information: We collect data about our customers and potential customers for communication and cooperation purposes, such as your full name, job title, company, email, and other contact details as needed.

Requests, Messages, and Form Submissions: We process messages, support requests, emails, and information you provide via online forms or social media. This includes the content of these communications and any contact details you share.

Usage Data and Technical Information: When interacting with the Service, we automatically collect metadata and log files. This may include your IP address, browser type and settings, usage dates and times, browser configuration, language preferences, pages viewed, time spent on pages, and device information if accessed from a phone (e.g., device type, operating system, and identifiers).

Email Performance Data: To measure engagement with our newsletters, we may use tracking technologies like a ‘clear image’ (gif). Most of this data is aggregated. You can disable this tracking by turning off images in the email.

Website Cookies and Similar Technologies: We use cookies on our Site. For details, please refer to our Cookie Statement.

Customer Content: As you use our Service, you may import personal data from your users, customers, or contacts. We process this data solely on your behalf, as our customer. We do not have a direct relationship with your Subscribers or other individuals, so it’s your responsibility to ensure you have the necessary permissions and legal grounds for us to handle this information. For details on processing Subscriber data, refer to our Data Processing Addendum.

Sensitive Personal Data: Please avoid sending or disclosing sensitive personal data (e.g., social security numbers, racial or ethnic origin, political opinions, religion, health, biometric or genetic data, criminal records, or union membership) through the Service.

3. Google Calendar OAuth Data Collection and Usage

We integrate with Google Calendar OAuth to provide seamless scheduling and appointment management within the Sydkic platform. When you connect your Google Calendar, we may collect and use:

Calendar events and metadata: Event titles, dates, times, attendees, and reminders.

Basic user profile data: Email address and time zone.

Authentication tokens: Secure OAuth tokens that allow access without storing passwords.

How We Use Google Calendar Data:

Sync Events: To create, update, or delete events on your behalf.

Manage Appointments: Automate scheduling, notifications, and follow-ups.

Provide a Better Experience: Optimize services based on calendar interactions.

Data Privacy and Compliance:

We only request the minimum permissions necessary to perform these tasks.

Your calendar data is not shared with third parties without your consent.

You can revoke access at any time by managing connected apps in your Google account.

We comply with Google’s Limited Use Policy by only using the data for the intended purpose.

4. Reasons We Use Personal Data

Service Operation: We use your data to fulfill our agreement with you, manage your account, and communicate with you about account-related matters, such as announcements, technical notices, updates, security alerts, and support. We also use your data for billing purposes.

Service Provision: We process Customer Content on your behalf as outlined in the Data Processing Addendum.

Communication and Marketing: If you request information, register for the Service, fill out forms, or participate in surveys, promotions, or events, we may send you marketing communications related to Manychat, provided this is allowed by law. You can opt out of these communications at any time.

Event Management: We use the data you provide when registering for events to send reminders, updates, and information about the event and our services. We may also seek your feedback and offer an opt-out option in all communications.

Legal Compliance: We use your data to meet legal obligations, including compliance with sanctions, accounting, tax requirements, legal processes, and responses to subpoenas or government requests. We carefully verify the legitimacy of such requests before disclosure.

Contractual Obligations: We collect and process information about our counterparties and their representatives to negotiate, establish, and fulfill agreements.

Safety and Compliance: We use your data as needed to enforce the Service’s terms and conditions, protect our and others' rights, privacy, safety, and property, and prevent, investigate, and address fraudulent or illegal activities.

5. Ways We Share Personal Data

We do not sell your data to third parties for commercial or advertising purposes. We only share your data as described in this Privacy Policy or with your explicit consent.

Service Providers: We engage third-party companies and individuals to assist with various functions, such as payment processing and data management (e.g., CRM systems, email services, cloud storage). For a list of these service providers and their roles, visit www.manychat.com/legal/serviceproviders. We also use third-party cookies on our Site, detailed further in our Cookie Statement. These parties can only use your data to carry out their tasks as specified in our agreements and not for other purposes.

Professional Advisors: We may share your data with professional advisors, including lawyers, bankers, auditors, and insurers, when necessary for their services.

Third-Party Applications and Integrations: To provide our Service, we exchange data with integrations and apps linked by customers (e.g., Facebook, Instagram, Stripe, PayPal), as well as apps developed through the “Sydkic Developer Program.”

Business Transfers: As our business evolves, we may buy or sell businesses or assets. In the event of a corporate transaction like a sale, merger, or reorganization, personal data may be transferred as part of the assets. Any successor or buyer of Sydkic (or its assets) will retain the right to use your data in line with this Privacy Policy. We might also disclose aggregated data to describe our Service to potential buyers or partners.

Legal Compliance and Law Enforcement: We may disclose your data to comply with legal obligations, respond to legal requests, enforce our Service’s terms, protect our and others' rights and safety, and address fraudulent or illegal activities.

Corporate Affiliates: We may share personal data with our affiliated companies. For more details, visit www.sydkic.com/legal/serviceproviders.

6. Your Rights & Choices Regarding Data Protection

You have several rights regarding your personal data:

Access: You can request access to the personal data Manychat holds about you at any time by contacting us.

Update or Delete: You can also ask us to update, correct, or delete information in your account. For more details on account deletion, please refer to our specific instructions.

Rights for EEA, UK, or Switzerland Residents: If you are in the European Economic Area (EEA), the UK, or Switzerland, you can object to the processing of your personal data, request restrictions on how your data is processed, or ask for your data to be transferred to another organization where technically feasible. Additionally, if we have processed your data based on your consent, you can withdraw that consent at any time. This withdrawal will not affect the legality of any processing done before your withdrawal or processing done on other legal grounds.

Complaints: You have the right to file a complaint with a data protection authority about how we handle your personal data. Contact details for data protection authorities in the EEA, Switzerland, and other countries, including the U.S. and Canada, can be found here.

Request Submission: You can submit your requests through the "Privacy & Security" section of our Support Page or by emailing privacy@sydkic.com. We will respond to all requests in line with applicable data protection laws.

Access to Data Controlled by Our Customers: We do not have a direct relationship with the subscribers whose data is managed by our customers using the Service. If you wish to access, correct, amend, or delete personal data that our customers control, please contact the customer directly.

7. Duration of Personal Data Retention

We will keep and process your personal data for as long as the Agreement between us remains active, as detailed in our Terms of Service.

In addition, we may retain certain data for longer periods if required by law or if necessary to address any disputes, prevent misuse, or uphold our agreements. This means that even after the termination of our Agreement, we might continue to hold onto your personal data for a duration specified by legal requirements or for resolving any ongoing issues.

8. Transfer of Personal Data Across Borders

Your personal data may be stored and processed in any country where Sydkic operates or where we utilize service providers, including the United States.

By agreeing to the terms of this Privacy Policy, you acknowledge and consent to (1) the transfer and processing of your personal data on servers located outside of your country of residence and (2) our collection and use of your personal data as outlined here and in compliance with the data protection laws of the countries where we have facilities or engage service providers, which may differ from or be less protective than the laws in your country.

EU-U.S. Data Privacy Framework Compliance

Sydkic adheres to the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as established by the U.S. Department of Commerce. Sydkic has certified to the Department of Commerce that it complies with the EU-U.S. DPF Principles regarding the processing of personal data received from the European Union, and the UK Extension to the EU-U.S. DPF Principles regarding data received from the United Kingdom (including Gibraltar). Sydkic is also certified under the Swiss-U.S. DPF Principles for personal data from Switzerland.

In line with the EU-U.S. DPF, Swiss-U.S. DPF, and the UK Extension, Sydkic commits to resolving any unresolved complaints about our handling of personal data received under these frameworks by referring them to the ICDRAAA DPF IRM Service, an alternative dispute resolution provider based in the U.S. If you do not receive a prompt acknowledgment of your complaint or if it is not resolved to your satisfaction, visit ICDRAAA DPF IRM Service for more details or to file a complaint. This service is provided at no cost to you.

To learn more about the Data Privacy Frameworks and to view our certification, visit Data Privacy Framework. We are dedicated to applying the Principles of the Data Privacy Frameworks to all personal data received from the EU, EEA, UK, and Switzerland, including with respect to onward transfers. We also commit to addressing complaints related to our data collection or use practices, and individuals with such inquiries should contact us at privacy@sydkic.com. If you do not receive a timely acknowledgment or resolution, please reach out to the relevant data protection authorities for further assistance. These services are available at no cost to you.

Sydkic will cooperate with and comply with the guidance of the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) regarding unresolved complaints about our data handling practices under the EU-U.S. DPF, the UK Extension, and the Swiss-U.S. DPF.

In certain situations, the Data Privacy Frameworks provide the right for EU, Swiss, and UK individuals to seek binding arbitration to resolve complaints not settled through other means, as described in Annex I of the Frameworks.

Sydkic is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) concerning compliance with the EU-U.S. DPF, the UK Extension, and the Swiss-U.S. DPF. We may also be required to disclose personal data to meet lawful requests by public authorities, including for national security or law enforcement purposes.

In the event of any conflict between this privacy statement and the EU-U.S. DPF Principles or Swiss-U.S. DPF Principles, the Principles will take precedence.

If the EU-U.S. DPF, UK Extension, and Swiss-U.S. DPF do not apply, Sydkic relies on other data transfer mechanisms, such as Standard Contractual Clauses, to transfer personal data outside the EEA, UK, and Switzerland (see Annex 3 to the Data Processing Addendum).

9. Information About Children

At Sydkic, we prioritize the safety and protection of children online. We urge parents and guardians to actively engage with their children while they are online, to observe, participate in, and monitor their online activities. Our Site and Service are designed for users who are at least 18 years old, and we do not knowingly collect or seek to collect personal information from individuals under the age of 18.

If you are under 18, please do not attempt to register for the Service or provide us with any personal information such as your name, address, phone number, or email address. Should we discover that we have inadvertently collected personal data from someone under 18 without verifying parental consent, we will promptly delete that information. If you are a parent or legal guardian and suspect that we might have information about your child under 18, please contact us. We do not sell any personal data of our customers, including those between the ages of 13 and 18.

10. Security Practices

Protecting Your Information

We implement reasonable and appropriate measures to safeguard personal data against loss, misuse, unauthorized access, disclosure, alteration, and destruction. These measures are tailored to the risks associated with data processing and the nature of the personal data involved. For a detailed list of our security measures, please refer to Annex 2 of the Data Processing Addendum.

While we strive to store personal data securely on our Site, Service, and other systems in a protected environment, we cannot guarantee absolute security. The transmission and storage of personal data carry inherent risks, and despite our best efforts to maintain data integrity and security, we cannot ensure that our security measures will completely prevent unauthorized access by third parties, such as hackers. We do not make any guarantees regarding the protection of your personal data from loss, misuse, or alteration by unauthorized entities.

Our credit card processing vendor employs its own security measures to protect your information during and after transactions.

If you have any concerns or questions about the security of your personal data, please reach out to us at privacy@sydkic.com.

Notification of Security Breach

In the event of a security breach that results in unauthorized access to our systems and materially affects you or your Subscribers, we will promptly inform you and provide details about the actions we have taken in response.

11. Legal Basis for Processing Personal Data (For EEA and UK Visitors/Customers)

If you are located in the EEA or the UK, the legal basis for our collection and use of personal data depends on the specific purpose and type of data being processed:

We process personal data to fulfill our contractual obligations with you related to the use of our Service, in accordance with Article 6(1)(b) of the GDPR or UK GDPR.

We also process personal data based on our legitimate interests, as outlined in Article 6(1)(f) of the GDPR or UK GDPR, in the following scenarios:

  • To communicate with you and provide updates about our Service
  • To adhere to legal obligations
  • To organize events and keep you informed
  • To negotiate, enter into, and execute agreements
  • For compliance and safety purposes

Some data processing, such as the use of cookies, is based on your consent, in line with Article 6(1)(a) of the GDPR or UK GDPR. Details about this can be found in our Cookie Statement.

When we require personal data to meet a legal obligation or enter into a contract with you, we will inform you clearly at that time, indicating whether the provision of your data is mandatory and what might happen if you choose not to provide it. If we process your data based on our legitimate business interests, we will also explain those interests to you at the relevant time.

12. Specific Information for California Residents

If you are a California resident, you have specific rights under California Civil Code Section 1798.83, which allows you to request details on how we have shared your personal data with third parties for their direct marketing purposes over the past year. To make such a request, please contact us at privacy@sydkic.com. We will respond to your request within 30 days of receiving it, and we are only obligated to respond to each individual request once per calendar year.

Additionally, California's data protection laws, including the California Consumer Privacy Act of 2018 and the California Privacy Rights Act of 2020 (as updated or replaced), grant you the following rights:

  1. Requests to Know
    You can request information on:
    • The categories of personal data we have collected about you.
    • The categories of personal data we have sold or disclosed for business purposes.
    • The sources from which we have collected your personal data.
    • The business or commercial purposes for selling, sharing, or collecting your personal data.
    • The categories of personal data sold or shared and the categories of third parties who received this data.
    • The specific pieces of personal data collected.
    You may submit a request to know via the "Privacy & Security" section on our Support Page or by emailing us at privacy@sydkic.com. We will respond electronically or by mail, and we are not required to respond to more than two such requests within a 12-month period.
  2. Requests to Delete
    You have the right to request deletion of your personal data that we have collected. Upon receiving a verified request, we will delete the data unless legally required to retain it. Submit your request to delete personal data through the "Privacy & Security" section on our Support Page or by contacting us at privacy@sydkic.com.
  3. Authorized Agents
    You may designate an authorized agent to submit requests on your behalf. Written permission is required for the agent to act on your behalf, and we may ask you to verify your identity directly with us and confirm the agent's authorization. This verification is not necessary if the agent has a power of attorney under Cal. Prob. Code §§ 4121 to 4130.
  4. Submitting Requests and Our Response
    Requests for access and deletion of personal data can be made via the "Privacy & Security" section on our Support Page or by email at privacy@sydkic.com. We may request additional information to verify your identity, which will be used solely for that purpose.

    We will acknowledge receipt of your request within ten business days and aim to respond within 45 calendar days. If more time is needed (up to 90 days), we will notify you of the reason and extended timeframe in writing. Our response will cover the 12-month period prior to your request and explain any reasons for noncompliance, if applicable.

    We do not charge a fee for processing verifiable consumer requests unless they are excessive, repetitive, or unfounded. If a fee is necessary, we will provide a cost estimate before proceeding.

    We do not currently alter our practices in response to "Do Not Track" signals due to the absence of a formal standard. For information on opting out of targeted advertising, visit www.aboutads.info/choices.

  5. The Right to Non-Discrimination
    You have the right to be free from discrimination for exercising your California privacy rights. Unless permitted by the California Consumer Privacy Act, we will not:
    • Deny you goods or services.
    • Charge different prices or rates, including through discounts or other benefits, or impose penalties.
    • Provide a different level or quality of goods or services.
    • Suggest that you may receive different pricing or quality of goods or services.

Feel free to contact us if you have any questions regarding these rights.

You are not obligated to provide your personal data. However, if the data is necessary to enter into or fulfill a contract, failure to provide it may prevent us from completing the contract.

For any questions or further information about the legal basis for our data processing, please contact us at privacy@sydkic.com.

13. Updates to Our Privacy Policy

We may periodically update this Privacy Policy to address legal, technical, or business changes. Whenever we make significant updates, we will notify you in advance, in line with the importance of the changes. If required by applicable data protection laws, we will seek your consent for any substantial modifications to the Privacy Policy.

You can find the most recent update date by checking the “EFFECTIVE DATE” at the top of this Privacy Policy. The updated Privacy Policy will apply to both current and past users of the website and will supersede any previous notices that are inconsistent with the new policy.

13. How to Reach Us

If you need further information or have any questions regarding our privacy policy, please contact us via email at support@sydkic.com