Privacy Policy

Effective Date: June 12, 2026

Synapse Social, Inc. (“Synapse,” “we,” “us,” or “our”) operates the Synapse research platform and the Hera mobile app for personal health cases. This Privacy Policy describes how we collect, use, share, and protect your information when you use synapsesocial.com, our mobile applications, and related services (collectively, the “Services”).

Information We Collect

Depending on how you use the Services, we may collect:

  • Account information — name, email address, sign-in identifiers, timezone, and professional affiliation when you register
  • Health case information (Hera) — case titles and descriptions, chat messages, confirmed health profiles (conditions, medications, symptoms, lab values, notes), and medical records you upload (PDFs, images, text files)
  • Voice input (Hera voice beta) — live microphone audio during an active voice session; raw audio is not stored by Synapse after the session ends
  • Usage data — pages visited, features used, device type, and interaction patterns within the platform

We collect health information directly from you when you type it, upload records, or speak during a voice session. We do not purchase health records from third parties.

How We Use Your Information

We use your information to:

  • Provide, operate, and improve the Synapse and Hera Services
  • Build and update your health case profile from the information and records you provide
  • Generate citation-grounded research briefs, intake summaries, and suggested questions for your clinician
  • Power conversational features (typed chat and voice) within your health case
  • Send optional weekly digest emails when you enable them for a health case
  • Communicate about product updates, support, and account matters
  • Analyze aggregated usage to improve reliability and product experience

We do not use your health information for advertising, and we do not sell your personal information.

Third-Party AI and Service Providers

To provide Hera’s health-case features, we send certain personal data to third-party service providers. Before sending your health information to a third-party AI service, the Hera app asks for your explicit consent and explains what data is sent and who receives it.

Third-party AI providers we use for Hera:

  • Google (Gemini / Google AI APIs) — we send your case description, chat messages, uploaded record contents, confirmed profile details, and live voice audio (during voice sessions) so Gemini can read your records, respond to questions, and generate research briefs. Google processes this data under its enterprise AI terms; we configure our use so your data is not used to train consumer advertising models.
  • Exa — we send search queries derived from your case (not your full medical records) to retrieve recent medical research and news from the public web when generating briefs.

Other service providers that help us operate the platform (under contractual obligations to protect your data):

  • Amazon Web Services (AWS) — encrypted hosting, storage, and databases
  • Firebase (Google) — authentication
  • Sentry — error monitoring (may include technical metadata, not medical record contents)
  • Customer.io — transactional and digest email delivery

We require these providers to protect personal data with safeguards comparable to our own. We share only what is necessary to deliver the feature you requested.

Data Sharing

We may share your information only in these circumstances:

  • With the service providers described above, to operate the Services you use
  • If required by law, regulation, or valid legal process
  • In connection with a merger, acquisition, or sale of assets (with notice where required by law)
  • With your explicit direction (for example, when you request researcher contact)

Data Security

We use commercially reasonable technical and organizational measures to protect your information, including encryption in transit (TLS) and at rest for stored medical records. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Data Retention and Deletion

We retain your account and health case data while your account is active. You may delete your Hera account from within the app, which permanently removes your account, health cases, and associated records from our systems (subject to limited backup retention). You may also request deletion by contacting us at nikko@synapsesocial.com.

Your Rights

Depending on where you live, you may have rights to access, correct, delete, or export your personal information, or to withdraw consent for AI processing (which may limit Hera features). Contact us at nikko@synapsesocial.com to exercise these rights.

Educational Use Only (Hera)

Hera is an educational and informational tool. It does not provide medical advice, diagnosis, or treatment, and is not a substitute for professional medical care.

Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page and update the effective date. Material changes to how we use health information or share it with AI providers will be communicated in-app where required.

Contact Us

Questions about this Privacy Policy: nikko@synapsesocial.com

Privacy Policy | Synapse