Legal

Data Processing Agreement

Roles of the parties

The partner operator acts as the data controller for player data ingested into the Syncora platform. Syncora Lab acts as the data processor for that data, processing it under the controller's documented instructions.

Processing instructions

Syncora processes partner data to operate CRM, journeys, bonuses, gamification, messaging, and analytics on behalf of the partner, and to provide developer API access as configured by the partner. Additional processing purposes require a written instruction.

Confidentiality

Personnel authorised to access partner data are bound by confidentiality obligations. Access follows least-privilege principles and is governed by role-based backoffice controls.

Security measures

Syncora maintains tenant isolation, RBAC, API-key secured server integrations, short-lived widget tokens, and audit logging. See Security & Trust for the current control set.

Sub-processors

Syncora relies on a limited set of infrastructure and messaging sub-processors (hosting, email, SMS, and push providers). A current list is available on request from legal@syncoralab.com.

Data subject requests

Partner operators handle data subject requests as controllers. Syncora provides reasonable technical assistance to fulfil access, correction, and deletion requests relating to data hosted in the platform.

Deletion and return of data

On termination of the partner relationship, partner data can be exported or deleted according to the partner's written instructions and any applicable retention obligations.

Contact

DPA questions and sign-off requests can be sent to legal@syncoralab.com.

Ready to connect your casino platform?

See a live walkthrough of Syncora with your team.

Book a Demo