Trust, Security & Privacy

SyntheStudio is the app owner and controls page content, account access, integrations, and any data submitted through forms on this site. Our website is built and hosted on the Lovable platform, which provides the underlying infrastructure, managed database, authentication primitives, and edge runtime. Platform-level capabilities described below are provided by Lovable; how we use and configure them is our responsibility.

• Admin areas require sign-in; sessions are issued and validated by the platform's managed auth.
• Role-based access separates super-admin, admin, and content-editor permissions; sensitive configuration (such as payment gateway settings) is restricted to super-admin.
• Row-Level Security policies gate database reads and writes on a per-role basis. Public reads are limited to safe, non-contact fields.
• Passwords are never stored by SyntheStudio directly — credential handling is performed by the platform's authentication service.

The site runs on Lovable's managed infrastructure with an edge runtime for page delivery and a managed Postgres database for application data. Data in transit is served over HTTPS. Backups, patching, and physical security of the underlying infrastructure are handled by the platform provider.

• Contact submissions: name, email, and any message you choose to send via the contact form.
• Account data (admin/staff only): email address and role assignments used to access the admin area.
• Operational logs generated by the hosting platform for reliability and abuse prevention.

We use this data to respond to inquiries, operate the site, and improve our services. We do not sell personal information.

We rely on a small set of vendors to operate this site. The current list includes our hosting platform (Lovable) and its managed database/auth provider. When we add analytics, email, or payment processors we will list them here. If you need the current detailed subprocessor list for a procurement review, contact us at support@synthestudio.com.

We use only the cookies required to keep authenticated sessions working and to remember basic preferences. See our Cookies Policy for the full breakdown.

Contact form submissions are retained while they are useful for following up with you, and then removed on a periodic basis. Admin accounts persist while the account holder is active and are removed when access is no longer required. You can request deletion of your personal data at any time using the contact below.

To exercise privacy rights (access, correction, deletion, or to opt out of any future processing we add), email support@synthestudio.com from the address tied to your request. See our Privacy Policy and CCPA / CPRA notice for details specific to your region.

If you believe you've found a security issue affecting this site, please email security@synthestudio.com with a description of the issue and steps to reproduce. We will acknowledge receipt and work with you on a fix. Please give us a reasonable window to remediate before any public disclosure.

General questions about this page or our practices: support@synthestudio.com. For a full list of our policies, visit our Legal Center.