Privacy notice.

Who we are

Synthology Healthcare Solutions Group, LLC (“Synthology”, “we”) is a Florida limited liability company developing non-device software under FD&C Act §520(o)(1)(D) and ISO 13485–aligned quality discipline. This privacy notice covers personal information you provide or that we collect through synthologysolutions.com, the related .net staging environment, and the email inboxes published on this site.

This notice does not cover protected health information (PHI) handled by our products in customer deployments. Customer use of XyDromatics products is governed by Business Associate Agreements (BAAs) and the customer’s own privacy program — not by this notice.

What we collect

We collect personal information in three ways:

• Web-form submissions — when you complete the demo-request form or any other web form on this site, we receive what you submit (typically name, work email, organization, role, and a short message describing what you’re trying to solve). The form provider in staging is Formspree; production uses our own SynthQMS lead-capture endpoint.
• Email correspondence — when you email any of our published mailboxes (sales@, support@, security@, regulatory@, services@, compliance@, partners@), the messages and any attachments arrive in our Microsoft 365 tenant and are processed per DOC-2026-198 (Email Monitoring Policy). We capture sender / recipient / subject / timestamp / message body and any attached files.
• Site analytics — Cloudflare Insights measures aggregate page-view metrics (which pages are loaded, browser type, country-level geography). This telemetry is not tied to individual identity. We do not run third-party advertising trackers.

Why we use it

Personal information you provide is used to respond to your specific inquiry, scope a possible engagement, deliver services we’ve agreed to, and meet our regulatory and contractual obligations. We do not add web- form submitters to a marketing email list, sell contact information to third parties, or use form submissions for advertising-targeting.

Aggregate site analytics are used for capacity planning, content-improvement decisions, and basic measurement of whether the site is working.

Who else sees your information

We use the following service providers, each under their own privacy program:

• Cloudflare — DNS, content delivery, hosting (Cloudflare Pages), aggregate analytics (Cloudflare Insights). Cloudflare’s privacy policy applies to data they process on our behalf.
• Microsoft (Microsoft 365) — email, identity, and shared mailboxes for the published inboxes. Microsoft’s privacy program governs their handling.
• Formspree (staging only) — receives demo-request form submissions during the staging phase. Production deployment replaces Formspree with our own SynthQMS endpoint.
• Intuit (QuickBooks Online) or Xero — accounting integration for invoiced engagements. Only customer-billing-relevant data flows here, not web-form submissions.
• IES-Advisors — when an engagement involves IES-Advisors consultants under our Partnerships disclosure, relevant engagement details are shared between Synthology and IES-Advisors. Both organizations are under common control of Michael Danson; see the Partnerships section on /about for the full disclosure.

We do not sell your personal information. We do not transfer it to third parties for their own marketing or advertising use.

How long we keep it

Web-form submissions and email correspondence are retained per DOC-2026-198 (Email Monitoring) and DOC-2026-199 (CRM Activity Capture). Operational records related to active customer engagements are kept for the duration of the engagement plus the longest applicable regulatory window (typically 6 years for general commercial records; longer where our ISO 13485–aligned quality discipline calls for extended complaint-record retention). Aggregate site analytics are retained for 90 days.

Your rights

You can ask us to:

• Tell you what personal information we hold about you
• Provide a copy of that information
• Correct inaccurate information
• Delete information that isn’t required for ongoing regulatory or contractual obligations
• Restrict or object to particular uses

To exercise these rights, email compliance@synthologysolutions.com . We acknowledge requests within 5 business days and complete them within 30 days where reasonably possible.

Children

This site is intended for healthcare-IT professionals and organizational decision-makers. We don’t knowingly collect personal information from children under 13. If we learn we have, we’ll delete it.

Cookies and similar technologies

This site uses minimal client-side technology. The Cloudflare Insights beacon collects aggregate analytics without setting persistent identifiers. No advertising cookies, retargeting pixels, or third-party trackers are present.

Changes to this notice

We may update this notice as our practices evolve or as regulations change. Material changes are dated at the top of this page; minor edits may not be flagged. The authoritative version of this notice always lives at /privacy on the production site.

Contact

Questions about this notice or about how we handle your information: