1. Introduction

Synaptica ("we", "our", or "us") is committed to protecting the personal information of individuals who interact with our website, services, and products. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage with our advisory, technology, or training services.

By accessing our website or services, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of our services.

2. Information We Collect

2.1 Information You Provide Directly

• Name, email address, phone number, and organisation when you contact us or submit a form
• Professional information such as job title, industry, and business needs shared during advisory engagements
• Payment and billing information when purchasing Academy programmes or services
• Communications and correspondence you send to us

2.2 Information Collected Automatically

• Log data including IP address, browser type, pages visited, and time spent
• Device information including hardware model, operating system, and unique device identifiers
• Usage data about how you interact with our website and digital products
• Cookies and similar tracking technologies (see Section 7)

2.3 Information from Third Parties

• Business contact information from professional networks and partners
• Analytics data from third-party service providers

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service delivery — to provide advisory services, AI solutions, and Academy training programmes you have engaged us for
• Communication — to respond to enquiries, send service updates, and provide support
• Marketing — to send newsletters, event invitations, and information about our services (with your consent where required)
• Improvement — to analyse usage patterns and improve our website, products, and services
• Legal compliance — to meet regulatory obligations and enforce our terms
• Security — to detect, investigate, and prevent fraudulent or unauthorised activity

4. Legal Basis for Processing (GDPR)

Where applicable under the General Data Protection Regulation (GDPR) or similar regional legislation, we process your data on the following legal bases:

• Contract performance — processing necessary to deliver services you have contracted
• Legitimate interests — business development, service improvement, and security
• Consent — for marketing communications and non-essential cookies
• Legal obligation — where required by applicable law

5. Data Sharing and Disclosure

We do not sell your personal information. We may share it with:

• Service providers — trusted third parties who assist us in operating our business (cloud hosting, analytics, payment processing), bound by confidentiality obligations
• Professional advisors — legal, accounting, and consulting firms under professional secrecy obligations
• Regulatory authorities — where required by applicable law, court order, or government authority in Qatar, UAE, or other applicable jurisdictions
• Business transfers — in connection with a merger, acquisition, or sale of business assets

6. International Data Transfers

Synaptica operates primarily in the Gulf Cooperation Council (GCC) region, including Qatar and the UAE. Where data is transferred outside your jurisdiction, we ensure appropriate safeguards are in place, including standard contractual clauses or equivalent protections recognised by applicable law.

7. Cookies

We use cookies and similar technologies to enhance your browsing experience. These include:

• Essential cookies — required for the website to function
• Analytics cookies — help us understand how visitors use the site
• Preference cookies — remember your settings and choices
• Marketing cookies — used to deliver relevant advertising (with consent)

You may control cookies through your browser settings. Disabling certain cookies may affect website functionality.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Client engagement data is typically retained for seven (7) years in compliance with GCC commercial regulations. Marketing data is retained until you withdraw consent or request deletion.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate or incomplete data
• Request deletion of your personal data ("right to be forgotten")
• Object to or restrict certain processing activities
• Request portability of your data in a structured, machine-readable format
• Withdraw consent at any time where processing is consent-based
• Lodge a complaint with a relevant data protection authority

To exercise any of these rights, please contact us at info@synaptica.global.

10. Data Security

We implement industry-standard technical and organisational measures to protect your information against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission over the internet is 100% secure and we cannot guarantee absolute security.

11. Children's Privacy

Our services are directed at business professionals and organisations. We do not knowingly collect personal information from individuals under the age of 18. If you believe we have inadvertently collected such information, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by posting a notice on our website or contacting you directly. Continued use of our services after changes constitutes acceptance of the revised policy.

13. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy, please contact:

1. Agreement to Terms

These Terms of Service ("Terms") constitute a legally binding agreement between you ("Client", "you") and Synaptica ("Company", "we", "our", "us") governing your access to and use of our website, advisory services, AI products, Academy training programmes, and any related services (collectively, "Services").

By accessing our website or engaging our Services, you confirm that you have read, understood, and agreed to be bound by these Terms. If you are agreeing on behalf of an organisation, you represent that you have authority to bind that organisation.

2. Description of Services

Synaptica provides the following categories of services:

• AI Advisory Services — strategic consulting, AI transformation roadmaps, readiness assessments, governance frameworks, and enterprise AI architecture advisory
• AI Products — including AI Tutora (education platform), AI Insurance (claims automation), and XIEM (trade intelligence), provided under separate product agreements
• Academy Training — structured AI training programmes delivered as individual enrolments, corporate group sessions, or organisation-wide licensing
• Website — informational content, resources, and contact services available at synaptica.global

3. Eligibility and Account Registration

Our Services are intended for business professionals and organisations. By using our Services you represent that:

• You are at least 18 years of age
• You have the legal capacity to enter into binding agreements
• Any registration information you provide is accurate and current
• You will maintain the confidentiality of any account credentials

4. Engagement and Scope of Work

Specific advisory or product engagements will be governed by a separate Statement of Work (SOW) or Service Agreement, which will detail deliverables, timelines, fees, and acceptance criteria. In the event of conflict between these Terms and a specific SOW, the SOW shall prevail for that engagement.

5. Fees and Payment

• Fees for Services are set out in the relevant SOW, proposal, or Academy programme pricing
• Invoices are payable within thirty (30) days of issue unless otherwise agreed
• Late payments may attract interest at the rate of 1.5% per month or the maximum rate permitted by applicable law
• All fees are exclusive of applicable taxes, which you are responsible for paying
• Academy programme fees are non-refundable once course materials have been accessed, unless otherwise specified

6. Intellectual Property

6.1 Synaptica IP

All intellectual property rights in our Services, website content, methodologies, frameworks, software, and training materials remain the exclusive property of Synaptica or our licensors. Nothing in these Terms transfers any IP rights to you.

6.2 Client IP

You retain all intellectual property rights in data, documents, and materials you provide to us. You grant Synaptica a limited, non-exclusive licence to use such materials solely for the purpose of delivering the Services.

6.3 Deliverables

Upon full payment, Synaptica grants you a non-exclusive, non-transferable licence to use deliverables created specifically for your engagement for your internal business purposes.

7. Confidentiality

Each party agrees to keep confidential all non-public information received from the other party and to use it only for the purposes of the engagement. Confidentiality obligations survive termination of these Terms for a period of five (5) years. These obligations do not apply to information that is publicly available, independently developed, or required to be disclosed by law.

8. Data Protection

Where we process personal data on your behalf in delivering Services, we will do so in accordance with our Privacy Policy and applicable data protection laws, including those of Qatar and the UAE. Where required by law, parties will execute a separate Data Processing Agreement.

9. Warranties and Representations

Synaptica warrants that:

• Services will be performed with reasonable skill and care by qualified professionals
• We have the authority to enter into these Terms and deliver the Services

We do not warrant that Services will be uninterrupted or error-free, or that any specific business outcomes will be achieved. AI systems and recommendations are advisory in nature; business decisions remain your responsibility.

10. Limitation of Liability

To the maximum extent permitted by applicable law:

• Synaptica's total liability for any claim arising out of or related to these Terms shall not exceed the total fees paid by you in the three (3) months preceding the claim
• We shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including loss of profit, data, or business opportunity
• Nothing in these Terms excludes liability for fraud, wilful misconduct, or death or personal injury caused by our negligence

11. Indemnification

You agree to indemnify, defend, and hold harmless Synaptica and its officers, directors, employees, and agents from any claims, damages, or expenses (including reasonable legal fees) arising from your use of our Services, violation of these Terms, or infringement of any third-party rights.

12. Term and Termination

• These Terms remain in effect while you access our Services or have an active engagement
• Either party may terminate an engagement for material breach, provided thirty (30) days' written notice and an opportunity to cure
• Synaptica may suspend or terminate access to the website immediately for violations of these Terms
• Upon termination, provisions relating to IP, confidentiality, payment, and liability survive

13. Acceptable Use

You agree not to:

• Use our Services for any unlawful purpose or in violation of any regulations
• Reproduce, distribute, or create derivative works from our training materials without written consent
• Attempt to reverse-engineer, decompile, or extract source code from our software products
• Use our website to transmit malware, spam, or harmful content
• Misrepresent your identity or affiliation when engaging with our Services

14. Governing Law and Dispute Resolution

These Terms are governed by the laws of Qatar. Any disputes arising from these Terms shall first be subject to good-faith negotiation. If unresolved within thirty (30) days, disputes shall be referred to binding arbitration under the rules of the Qatar International Court and Dispute Resolution Centre (QICDRC), or such other arbitration body as agreed in writing by the parties.

15. Force Majeure

Neither party shall be liable for delays or failures in performance resulting from circumstances beyond their reasonable control, including acts of God, war, pandemic, government action, or infrastructure failures, provided the affected party notifies the other promptly.

16. General Provisions

• Entire Agreement — These Terms, together with any applicable SOW, constitute the entire agreement between the parties
• Severability — If any provision is found unenforceable, the remaining provisions continue in full effect
• Waiver — Failure to enforce any provision does not constitute a waiver of future enforcement
• Amendments — We may update these Terms with reasonable notice; continued use constitutes acceptance
• Assignment — You may not assign these Terms without our prior written consent

17. Contact

For any questions regarding these Terms, please contact:

1. Our Commitment

Synaptica is an AI company operating at the intersection of technology, regulation, and enterprise transformation. We believe that artificial intelligence must be developed and deployed responsibly, not as a compliance obligation, but as a foundational design principle. This Responsible AI Policy sets out the values, standards, and practices that govern how we build, deploy, and govern AI systems across our products and advisory engagements.

This policy applies to Synaptica's internal AI development, the products we deliver to clients, and the advisory frameworks we provide to organisations undergoing AI transformation.

2. Guiding Principles

Our responsible AI framework is built on six core principles:

2.1 Transparency

We are committed to explainability in AI decision-making. Where AI systems produce outcomes that affect individuals or business decisions, we design those systems to surface reasoning, confidence levels, and supporting evidence. We do not deploy "black-box" systems in contexts where explainability is operationally or legally required.

2.2 Fairness and Non-Discrimination

AI systems built or advised upon by Synaptica are designed to avoid producing outputs that unfairly discriminate on the basis of race, nationality, gender, age, religion, disability, or any other protected characteristic. We conduct bias assessments as a standard step in model evaluation and require clients to adopt equivalent practices when deploying our frameworks.

2.3 Human Oversight and Control

AI augments human judgement. It does not replace it in high-stakes decisions. Our systems are designed with human-in-the-loop mechanisms where outcomes carry significant consequences. We actively work against the inappropriate automation of consequential decisions without meaningful human review.

2.4 Privacy and Data Minimisation

We apply data minimisation principles to all AI development. Systems are built to function with the least invasive data footprint necessary to achieve their purpose. Where personal data is used in model training or inference, it is handled in compliance with applicable data protection regulations including those of Qatar, the UAE, and the GDPR where relevant.

2.5 Accountability

Synaptica takes responsibility for the AI systems it develops. We maintain clear documentation of model design decisions, training data provenance, evaluation criteria, and known limitations. Our clients receive governance frameworks that enable them to fulfil their own accountability obligations under applicable regulation.

2.6 Safety and Reliability

AI systems deployed by Synaptica are subject to rigorous pre-deployment testing, including adversarial evaluation and out-of-distribution performance assessments. We monitor live systems for performance drift, anomalous outputs, and unintended consequences, with defined remediation protocols.

3. Regulatory Alignment

Synaptica operates primarily in the Gulf Cooperation Council (GCC) region and aligns its responsible AI practices with the emerging regulatory frameworks of our primary markets:

• UAE National AI Strategy 2031 — we support the UAE's vision for ethical, human-centred AI and design our products in alignment with MBZUAI guidance on trustworthy AI
• Qatar National AI Strategy — our advisory and product work within Qatar is designed to support Digital Agenda 2030 objectives, including responsible digital transformation across government and regulated industries
• EU AI Act — where Synaptica systems are deployed in contexts that interact with EU data subjects or fall within EU jurisdiction, we apply the risk classification and conformity assessment requirements of the EU AI Act
• ISO/IEC 42001 — we align our internal AI management practices with the ISO AI management system standard and encourage clients to adopt equivalent frameworks

4. Prohibited Uses

Synaptica will not develop, deploy, or advise upon AI systems designed for any of the following purposes:

• Social scoring or mass surveillance of individuals by governments or private entities
• Manipulation of individuals through subliminal or deceptive techniques that exploit psychological vulnerabilities
• Autonomous weapons systems or AI-enabled tools designed to cause physical harm
• Discriminatory profiling based on protected characteristics in employment, credit, housing, or education
• Circumvention of legal processes, judicial oversight, or regulatory compliance obligations
• Generation of synthetic media (deepfakes) intended to deceive, defame, or defraud individuals

Engagements presented to Synaptica that involve any of the above will be declined regardless of commercial consideration.

5. AI Development Standards

5.1 Model Documentation

All AI models developed by Synaptica are accompanied by internal model cards documenting: purpose, intended use cases, out-of-scope uses, training data sources, evaluation results, known limitations, and bias audit outcomes. This documentation is updated with each significant model version.

5.2 Bias Auditing

Before deployment, AI systems undergo structured bias assessments covering representational fairness across relevant demographic and operational variables. Where bias is identified, we apply mitigation techniques including re-sampling, re-weighting, or post-processing corrections before deployment.

5.3 Model Monitoring

Deployed systems are monitored for performance degradation, distributional shift, and unexpected output patterns. Our monitoring protocols define alert thresholds and escalation procedures, with designated responsible AI reviewers assigned to each live system.

5.4 Incident Response

Synaptica maintains an AI incident response procedure for cases where deployed systems produce outputs that are harmful, discriminatory, inaccurate, or otherwise contrary to their intended purpose. Incidents are logged, investigated, and where relevant disclosed to affected parties in accordance with applicable law.

6. Client Responsibilities

When clients engage Synaptica to develop or implement AI systems, they accept shared responsibility for responsible deployment. Clients are expected to:

• Use AI systems only for the purposes for which they were designed and documented
• Maintain human oversight mechanisms appropriate to the risk level of the application
• Notify Synaptica promptly if they become aware of harmful, discriminatory, or unintended outputs from systems we have delivered
• Adopt the governance frameworks provided as part of advisory engagements and not disable or circumvent recommended safeguards
• Ensure that their use of Synaptica-delivered AI complies with applicable law in their jurisdiction

7. Third-Party AI and Open-Source Components

Where Synaptica incorporates third-party AI models, APIs, or open-source components into our products, we conduct responsible AI due diligence on those components as part of our standard evaluation process. We do not integrate third-party AI components whose licensing terms, known biases, or documented limitations are incompatible with the responsible AI standards set out in this policy.

8. Governance and Accountability

Synaptica's responsible AI programme is overseen at the executive level. Our Responsible AI function is responsible for maintaining this policy, conducting internal audits, managing the bias assessment programme, and responding to responsible AI concerns raised by clients, employees, or third parties.

This policy is reviewed and updated at least annually, and whenever significant changes occur in our product portfolio, regulatory landscape, or operational context.

9. Contact

For questions, concerns, or reports regarding this Responsible AI Policy, including to report a potential AI incident involving Synaptica systems, please contact:

1. What Are Cookies

Cookies are small text files placed on your device (computer, tablet, or mobile phone) when you visit a website. They are widely used to make websites function correctly, improve user experience, and provide information to website operators. Cookies may be set by the website you are visiting ("first-party cookies") or by third-party services operating on that site ("third-party cookies").

This Cookie Policy explains what cookies Synaptica uses on our website (synaptica.global), why we use them, and how you can control them.

2. How We Use Cookies

Synaptica uses cookies to:

• Ensure the website functions correctly and securely
• Remember your preferences and settings across visits
• Understand how visitors use our website so we can improve it
• Measure the effectiveness of our content and communications
• Deliver relevant content to users based on their browsing behaviour

3. Types of Cookies We Use

3.1 Strictly Necessary Cookies

These cookies are essential for the website to function. They enable core features such as page navigation, access to secure areas, and form submission. The website cannot function properly without these cookies and they cannot be disabled.

• Session cookies — maintain your session state as you navigate between pages; deleted when you close your browser
• Security cookies — protect against cross-site request forgery and other security vulnerabilities
• Load balancing cookies — ensure consistent performance by routing your requests to the same server

3.2 Preference Cookies

These cookies allow the website to remember choices you make (such as your language preference or region) and provide enhanced, personalised features. They may be set by us or by third-party providers whose services we have added to our pages.

• Language preference — remembers your preferred language or locale setting
• Interface preferences — stores display and accessibility preferences you have set

3.3 Analytics Cookies

These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. This data helps us improve our website, content, and user experience.

• Google Analytics — tracks page views, session duration, referral sources, and user behaviour patterns. Data is anonymised and aggregated. You can opt out via Google Analytics Opt-out
• Performance monitoring — measures page load times and technical performance metrics to identify optimisation opportunities
• Error tracking — logs JavaScript errors and broken links to improve website reliability

3.4 Marketing and Targeting Cookies

These cookies are used to deliver advertisements and content that are relevant and engaging to you. They may be set by our advertising partners and used to build a profile of your interests. We use these cookies only where you have given explicit consent.

• LinkedIn Insight Tag — enables conversion tracking and retargeting for LinkedIn advertising campaigns. Governed by LinkedIn's Privacy Policy
• Meta Pixel — supports conversion tracking and audience building for Meta advertising platforms, where enabled. Governed by Meta's Data Policy
• Remarketing cookies — allow us to show relevant Synaptica content to previous visitors across other websites

4. Cookie Duration

Cookies are either session cookies — which expire when you close your browser — or persistent cookies — which remain on your device for a set period or until you delete them. The table below summarises the retention periods for key cookies:

• Strictly necessary cookies: Session (deleted on browser close) to 1 year
• Preference cookies: Up to 12 months
• Analytics cookies: Up to 26 months (Google Analytics default)
• Marketing cookies: Up to 90 days, depending on the platform

5. Third-Party Cookies

Some cookies on our website are set by third parties. We do not control these cookies and they are governed by the privacy policies of the respective third parties. Third-party services that may set cookies on our website include:

• Google LLC — analytics and advertising (Google Analytics, Google Ads)
• LinkedIn Corporation — professional network advertising and conversion tracking
• Meta Platforms Inc. — social media advertising and pixel tracking (where enabled)
• Hotjar Ltd — session recording and heatmap analytics (where enabled)
• HubSpot Inc. — CRM, contact form tracking, and marketing automation (where enabled)

We recommend reviewing the privacy policies of these providers to understand how they use the data collected through their cookies.

6. Managing Your Cookie Preferences

You have several options for controlling how cookies are used on your device:

6.1 Browser Settings

Most browsers allow you to view, manage, block, and delete cookies through their settings. Please note that disabling certain cookies may affect the functionality of our website. Instructions for managing cookies in common browsers:

• Google Chrome: Settings → Privacy and Security → Cookies and other site data
• Mozilla Firefox: Options → Privacy & Security → Cookies and Site Data
• Apple Safari: Preferences → Privacy → Manage Website Data
• Microsoft Edge: Settings → Cookies and site permissions → Cookies and site data

6.2 Opt-Out Tools

You can opt out of specific third-party analytics and advertising cookies using the following tools:

• Google Analytics:Google Analytics Opt-out Browser Add-on
• Interest-based advertising:Your Online Choices (EU/UK) or NAI Opt-out (US)
• LinkedIn: LinkedIn account Settings → Ads → Opt out of interest-based advertising

6.3 Cookie Consent Banner

When you first visit our website, you will be presented with a cookie consent banner that allows you to accept or decline non-essential cookies. You can withdraw or update your consent at any time by clicking the "Cookie Preferences" link in the footer of our website.

7. Do Not Track

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want your browsing activity tracked. Our website currently does not respond to DNT signals, as no universally accepted standard for DNT compliance has been established. We encourage you to use the opt-out tools listed in Section 6 to manage your tracking preferences.

8. Cookies and Children

Our website is not directed at children under the age of 16. We do not knowingly use cookies to collect information from children. If you are a parent or guardian and believe your child has provided personal data through our website, please contact us and we will take steps to remove that information.

9. Changes to This Policy

We may update this Cookie Policy from time to time to reflect changes in technology, regulation, or our business practices. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our website after changes are posted constitutes your acceptance of the updated policy.

10. Contact Us

If you have any questions about this Cookie Policy or wish to exercise your rights regarding cookies and data tracking, please contact: