Privacy Policy

Synthetix is an independent publication operated by Bruno Brizolara. Where privacy laws use terms such as controller, business, or controlador, Synthetix is the party that decides why the public site collects and uses the data described here.

Use hello@synthetix.ai for access, deletion, correction, portability, objection, opt-out, consent withdrawal, or other privacy requests. If a request depends on your jurisdiction, identity verification, or legal limits, we will handle it according to the applicable rule and the data we actually hold.

You can read the public content without creating an account. The public site collects data only when you submit a form, subscribe to the newsletter, choose a theme, trigger security checks, or when routine hosting and error-monitoring systems process technical request data.

Admin authentication is separate from ordinary readership. Supabase Auth cookies may be used on admin routes, but public readers are anonymous unless they submit a contact or newsletter form.

We use personal data to operate the site, send and manage newsletter subscriptions, respond to contact requests, prevent spam and abuse, keep admin access secure, diagnose errors, measure launch performance, and support monetization once ads and consent tooling are configured.

Where a legal basis is required, the likely bases are consent for newsletter signups, optional analytics, optional ad personalization, and non-essential cookies; legitimate interest for security, abuse prevention, error diagnostics, service reliability, and basic audience measurement; contract or pre-contract steps when responding to a request you send; and legal obligations where a law requires us to keep or disclose information.

Today, the public app uses the bb_theme cookie for theme preference and first-party browser storage for consent choices. Admin and authentication areas may use Supabase session cookies. GA4 and AdSense are not loaded until the visitor grants the relevant consent and production IDs are configured.

Before serving personalized Google ads to users in the EEA, UK, or Switzerland, the launch plan requires a Google-certified CMP integrated with the IAB Transparency and Consent Framework. Google publisher policies also require clear disclosure that Google and other ad technology providers may use cookies, web beacons, IP addresses, or other identifiers when ads are served.

If any non-Google ad network or additional Google ad technology provider is enabled, the production CMP or vendor list must identify that party and this policy should be updated before that provider serves ads.

The consent controls default Google Consent Mode v2 to denied for analytics storage, ad storage, ad user data, and ad personalization, then update those signals after the visitor chooses.

Synthetix relies on service providers to host the site, store data, send email, monitor errors, protect forms, and, after launch configuration, measure traffic and serve ads. These providers may process data in the United States or other regions.

We avoid promising a specific transfer mechanism unless it is confirmed for the vendor and account. The launch checklist should verify each production vendor's data-processing terms, region selection, sub-processors, and transfer safeguards before AdSense submission.

Depending on where you live, you may have rights to know what data is collected, access it, correct it, delete it, restrict or object to processing, withdraw consent, request portability, opt out of sale or sharing, limit certain sensitive-data uses, or complain to a privacy authority.

Newsletter emails include an unsubscribe path. Browser settings can block or delete cookies. If an ads/CMP layer is enabled, it must provide clear consent choices and revocation instructions for covered regions.

We keep personal data only as long as needed for the purpose collected, security, abuse prevention, legal obligations, dispute resolution, or a valid operational need. The current implementation does not support the older fixed retention claims that appeared in this page.

Newsletter confirmation links expire in app logic after seven days. Subscription records are kept while the status and unsubscribe token are needed to manage consent, delivery, and suppression. Contact messages and diagnostic records should be deleted or anonymized when they are no longer needed or after a valid deletion request unless an exception applies.

Synthetix is a general technical publication for developers and builders. It is not directed to children, and we do not knowingly collect personal data from children. If you believe a child provided personal data, contact hello@synthetix.ai so we can review and delete it where appropriate.

We may update this policy when site features, vendors, legal requirements, or launch configuration changes. The page will keep an updated date and version so readers can see when the policy changed.