How we protect your data and how we use AI wisely — the things that matter most, in one place, in plain language.
This page is not a legal document. It’s a guide that explains, in plain language, the points of the Synomi Privacy Policy and the Synomi Terms of Service that matter most to you. Those two documents are the binding ones — you’ll find the details and the precise legal wording in their respective sections.
Under the GDPR (in the Netherlands: the AVG), Synomi acts in two roles:
The agreement covering how we handle your data (verwerkersovereenkomst — a data processing agreement) is built into the Synomi Terms of Service (section 9) — you don’t need to sign a separate document.
Under the GDPR / AVG you have the right to: access your data, have it corrected or erased (“the right to be forgotten”), restrict its processing, take it with you (data portability), object, and withdraw your consent at any time.
How do you use these rights? Email hello@synomi.ai — that’s all it takes. You also have the right to lodge a complaint with the Dutch supervisory authority: the Autoriteit Persoonsgegevens.
You can delete your account yourself, in the app (Profile → Delete account). You can also request deletion by email: write to support@synomi.ai from the email address linked to your account — before we start the procedure, we’ll confirm your request with a reply.
From that moment a 30-day grace period begins — during that time you can change your mind simply by logging in again. After 30 days your data is deleted permanently and irreversibly.
Before you delete, download your data (PDF/XML/Excel exports) — the obligation to keep your own accounting records for 7 years rests with you. Details: Privacy Policy, section 9.
Only trusted sub-processors, only for the features you actually use — and only the data without which a given feature simply wouldn’t work:
Transfers outside the European Economic Area rely on Standard Contractual Clauses (SCC). We do not sell data. The full list and details: Privacy Policy, section 6.
We use only essential technical cookies (logging in, security, preferences) — no analytics and no advertising cookies. Details: Privacy Policy, section 5.
From 2 August 2026 the EU's AI transparency rules (the AI Act) will apply across the Union — Synomi already meets these requirements today. At Synomi, artificial intelligence works in a few places: Daisy answers questions and suggests expense categories, Voice-to-Invoice turns your voice into an invoice, and OCR reads receipts and invoices from a photo.
Our overriding principle in every process is human in the loop — a human always has the final say, and everything requires your conscious approval. In practice:
Under the AI Act's classification, Synomi's features are limited-risk systems — none of them evaluates people or decides about credit, employment or anything of the kind. Which data is sent out for processing by the AI features (and that it is never linked to you) — see section 5.
NIS2 is the EU cybersecurity directive — implemented in the Netherlands as the Cyberbeveiligingswet, which will come into force on 15 August 2026. It directly covers medium and large organisations in key sectors. Synomi, as a small company, is not directly subject to it — and we say so openly, instead of pinning a fashionable label on ourselves.
There is another side, though: organisations covered by NIS2 must keep an eye on the security of their suppliers. If you or your client fall under NIS2 and need a supplier that won't be the weak link — here is what you'll find at Synomi:
Supply-chain security questions? Write to us: support@synomi.ai.
Synomi
's-Gravelandseweg 397
3125 BJ Schiedam, Nederland
Email: hello@synomi.ai
Support: support@synomi.ai
KvK: 64597237
BTW: NL002503698B85