← Back to Synclat

Synclat Ltd

Synclat Privacy Policy

Effective 11 July 2026 · Last updated 11 July 2026

Synclat Ltd ("Synclat", "we", "our" or "us") respects your privacy. This Privacy Policy explains how we collect, use, share and protect personal information when you use synclat.com, synclat.ai, our mobile interfaces, SABIA and our other services (together, the "Platform").

1. Who we are

Synclat Ltd is the controller of the personal information described in this policy.

  • Company number: 16430271
  • Registered office: 28a Whittington Road, London, N22 8YD, United Kingdom
  • Privacy contact: [email protected]

Privacy questions, rights requests and complaints should be sent to the privacy contact above.

2. Information we collect

Information you give us

We may collect:

  • your name, email address, telephone number, professional role and organisation;
  • account details, login information and profile preferences;
  • company, tax, payment and billing details;
  • catalogue and rights information, including artist and songwriter details, ownership shares, territories, ISRC, ISWC, IPI and other metadata;
  • music, audio, artwork, images, documents and other files you upload;
  • licence briefs, quotations, negotiations, approvals, contracts, signatures, cue-sheet information and transaction records;
  • messages, support requests, feedback, waitlist details and marketing preferences; and
  • prompts and information you submit to SABIA or another AI-assisted feature.

Please only provide personal information about another person when you are authorised to do so and have given them any required notice.

Information collected automatically

When you use the Platform, we may collect:

  • IP address, browser type, device and operating-system information;
  • login records, pages viewed, searches, clicks, listening activity and feature interactions;
  • cookie identifiers, preferences and analytics information; and
  • security, error, fraud-prevention and system logs.

Information from other sources

We may receive information from rights-holders, licensees, music supervisors, business partners, payment providers and publicly available sources. We may also analyse public streaming links from services such as Spotify, YouTube or Apple Music for internal music discovery and similarity matching. We do not redistribute or commercialise those links.

We do not intentionally collect special-category information, such as health, biometric, political or religious information. Please do not submit it unless we specifically request it and explain why it is needed.

3. How we use information

We use personal information to:

  • create and manage accounts;
  • host, organise, search and display authorised catalogues;
  • connect rights-holders, music supervisors, brands, agencies and other licensees;
  • operate music discovery, briefing, negotiation, licensing, signature, payment and reporting features;
  • provide SABIA and other AI-assisted search, metadata and recommendation tools;
  • process payments and prevent fraud;
  • respond to support requests and service messages;
  • send marketing or waitlist communications where permitted;
  • understand and improve Platform performance;
  • protect the Platform, users and rights-holders;
  • establish, exercise or defend legal claims; and
  • comply with tax, accounting, regulatory and other legal duties.

4. Our legal reasons for using information

Under UK data-protection law, we rely on:

  • Contract: to create accounts and provide discovery, licensing, payment and related services requested by you or your organisation.
  • Legitimate interests: to operate and improve the Platform, support users, analyse performance, protect security, prevent misuse and conduct appropriate business-to-business communications. We consider the impact on your rights before relying on this basis.
  • Consent: for waitlist communications, certain marketing, non-essential cookies and any optional processing that requires consent. You may withdraw consent at any time.
  • Legal obligation: to meet tax, accounting, fraud-prevention, regulatory, court-order and rights-claim requirements.

Where another lawful basis is required, we will identify it before processing the information.

5. SABIA and other AI features

SABIA helps users search music, interpret briefs, suggest metadata, compare tracks and prepare licensing communications. It may process prompts, catalogue metadata, public streaming links and authorised audio to provide these functions.

Synclat does not use uploaded catalogues or private audio files to train Synclat models, public AI models or third-party AI models. Catalogue content is processed only to provide authorised Platform services such as ingestion, tagging, discovery, matching and licensing.

Prompts and AI interaction logs may be processed by contracted AI service providers to return the requested output and may be kept for limited security, support and quality-control purposes. We require service providers to protect this information and use it only as authorised by Synclat.

AI output may be incomplete or inaccurate and should be reviewed by a person. SABIA is a decision-support tool. Synclat does not use SABIA to make solely automated decisions that have legal or similarly significant effects on individuals.

6. How we share information

We may share information with:

  • rights-holders, music supervisors, licensees and other users when needed for an interaction or licensing transaction;
  • infrastructure and hosting providers, including Vercel;
  • payment providers, including Stripe. Payment-card details are generally collected and processed directly by the payment provider;
  • email and newsletter providers, including Beehiiv;
  • AI service providers accessed through OpenRouter or similar contracted services;
  • analytics, security, customer-support, electronic-signature and professional-service providers;
  • banks, accountants, auditors, insurers, lawyers and advisers;
  • regulators, courts, law-enforcement bodies or other parties when legally required; and
  • a buyer, investor or successor in connection with a merger, financing, sale or reorganisation, subject to appropriate confidentiality and notice where required.

Service providers may only process information for agreed purposes and under appropriate contractual safeguards. Synclat does not sell or rent personal information.

When Synclat processes personal information solely on behalf of a business customer, that customer may be the controller and its privacy notice may also apply.

7. International transfers

Synclat operates internationally, and some providers or users may be outside the United Kingdom. When personal information is transferred to a country without UK adequacy regulations, we use an approved safeguard where required, such as the UK International Data Transfer Agreement, the UK Addendum to approved Standard Contractual Clauses, or another lawful mechanism. Where EU data-protection law applies, we may use the European Commission's Standard Contractual Clauses.

You may contact [email protected] for more information about safeguards relevant to your data.

8. How long we keep information

We keep information only for as long as needed for the purposes described above:

InformationNormal retention period
Waitlist informationUntil Platform access is offered or you ask us to delete it. If you join the Platform, relevant details become part of your account record.
Account and profile informationWhile the account is active and normally up to 24 months after closure.
Uploaded catalogue, audio and artworkWhile the account or catalogue agreement remains active. Withdrawn content is disabled and normally removed from active systems within 90 days, except where needed for an existing licence, dispute or legal duty.
Licensing, contract, signature, payment and tax recordsNormally up to six years after the transaction or relevant agreement ends.
SABIA prompts and AI interaction logsNormally up to 12 months for service, security and support purposes. Catalogues and private audio are not retained for model training.
Support messages and business communicationsNormally 12 months after the last interaction, unless they form part of a contract, dispute or legal record.
Security, fraud and technical logsNormally up to 24 months.
Marketing informationUntil you opt out or after 24 months without meaningful engagement. We may keep a minimal suppression record so we respect your opt-out.
Anonymised statisticsMay be retained indefinitely because they no longer identify an individual.

Deleted information may remain in protected backups until the normal backup cycle completes, usually within 90 days.

9. Cookies and similar technologies

We use essential technologies to operate accounts, security and Platform functions. With your permission, we may also use analytics and preference technologies to understand performance and remember choices.

We do not place non-essential cookies or similar technologies before obtaining consent unless a legal exception applies. You can accept, reject or change optional choices through the cookie banner or Cookie Settings. Browser controls may also remove or block cookies, but this may affect Platform functions.

The cookie banner provides current details about each technology, its provider, purpose and duration.

10. Your rights

Depending on the law and the circumstances, you may have the right to:

  • access your personal information;
  • correct inaccurate or incomplete information;
  • request deletion;
  • restrict or object to processing;
  • receive certain information in a portable format;
  • withdraw consent at any time; and
  • complain about how we use your information.

These rights are not absolute and legal exceptions may apply. Send requests to [email protected]. We may need to verify your identity. We respond without undue delay and normally within one month, subject to any lawful extension.

11. Privacy complaints

You may submit a privacy complaint by emailing [email protected] or writing to our registered office. We will acknowledge a complaint within 30 days, investigate it without undue delay, keep you appropriately informed and explain the outcome.

You may also complain to the UK Information Commissioner's Office:

If another country's privacy law applies, you may also have the right to contact your local data-protection authority.

12. Security

We use appropriate technical and organisational measures designed to protect personal information. These include access controls, authentication, encryption in transit and at rest where appropriate, monitoring, backups, data minimisation and incident-response procedures.

No online service can guarantee absolute security. Please use a strong password, protect your login details and contact us if you suspect unauthorised account access.

13. Age requirement

The Platform is intended only for people aged 18 or older. We do not knowingly collect personal information from children. If you believe a person under 18 has provided information to us, contact [email protected] so we can investigate and delete it where appropriate.

14. Third-party services

The Platform may link to third-party websites or services. Their privacy practices are governed by their own notices, and Synclat is not responsible for their independent processing.

15. Changes to this policy

We may update this policy when our services, providers or legal duties change. We will post the revised policy with a new "Last updated" date and provide additional notice of material changes through the Platform or by email where appropriate.

16. Contact us

For privacy questions, rights requests or complaints:

Synclat Ltd
Company number 16430271
28a Whittington Road
London, N22 8YD
United Kingdom
Email: [email protected]