Legal

Terms of Services
  • Limited Product Warranty
  • Package Center
  • Pre-Release Program Agreement
  • Software EULA
  • Synology Account
  • Website Terms of Use
Privacy
  • Cookie Policy
  • Privacy Statement
  • Services Data Collection Disclosure

Services Data Collection Disclosure

This Services Data Collection Disclosure applies to Synology-provided services offered on Synology websites, Synology-branded applications, services provided from physical Synology products ("Synology Devices"), and digital or physical services directly offered by Synology unless stated otherwise. A list below details the data collection of Services provided.

  • Synology Account
  • Package Center
  • Package Activation
  • Payment
  • C2
  • Device Analytics
  • Device Network Mapping
  • Marketing Events and Promotional Events
  • QuickConnect and Synology DDNS
  • Technical Support
  • Synology Application Service
  • Push Notifications
  • Mobile Applications
  • Alexa Services
  • DSM Configuration Backup
  • Active Insight

Synology Account

A Synology Account is the personal account you use to access Synology services, such as QuickConnect, Synology DDNS, Technical Support, Package Activation, Active Insight, and DSM configuration. You will need to associate your Synology Account with your NAS device to enable those Synology services. Data collected by corresponding Synology services can also be found on this Service Data Processing Policy. Please read the relevant sections for more information.

By creating a Synology Account, you will automatically receive our eNews from time to time. You may choose to opt-out from our eNews Service by changing the settings on your Synology Account newsletter page or by clicking on the "unsubscribe" link in the corresponding newsletters. However, if you are an EU resident other than a business user, you will only receive our eNews when your consent is validly provided and you may withdraw your consent at any time by using the methods described above.

When you create a Synology Account, we may collect a variety of information, including your name, mailing address, phone number, email address, device identifiers, IP address, and location information to help facilitate communications and provide services to you. If you purchase our package license, we will collect your payment information, and you can find your purchase history on your Synology Account payment page. For more information, please read our payment section.

Please note that if you reside in the Chinese Mainland, your phone number will be used to verify your identity. We will use a third-party to send you a verification code when you create your Synology Account.

Synology Account websites may use "cookies" to help us better understand user behavior and to improve user experiences when you revisit our websites. For more information, please read our Cookie Policy.

Synology does not use your information for any other purpose.

Synology does not share your information unless otherwise specified for the particular service.

You may delete your Synology Account at any time. However, we may be unable to provide you certain services afterward. Account deletions, including all the associated data with the specified account, are irreversible. Synology may retain payment data for financial purposes, including but not limited to tax reporting, auditing, and inventory purposes.

Package Center

Synology collects package download information from your Synology device in order to help us understand how we can better improve our devices and software. When a Synology device issues a download request to Package Center, Synology's database will record the action with a unique ID. This ID is used only to identify download activity in Package Center. None of this information contains any of your personal information or metadata pertaining to your files. Package Center does not track or record your device's serial number, MAC address, or IP addresses for uses that do not require additional licenses.

Licensing

Purchasing package licenses, whether a single, subscription-based, or in-app purchase, requires a Synology Account*. We will collect certain information from your Synology device for licensing purposes, including product serial number, IP address, MAC address, and registered Synology Account. We store this information to verify your license when it is applied to a Synology device.

Activating and updating packages will usually require an Internet connection to our servers. We identify your Synology device with a unique device ID.

For record-keeping and future troubleshooting, we may keep track of information such as whether the update was successful or not. We may use the information collected through activation or updates to validate your license status.

Synology only shares aggregated statistics that do not contain personal information to our partners, licensors, and licensees.

Applicable to:

Synology-published
  • exFAT Access
  • McAfee Antivirus
  • MailPlus Server
  • Presto File Server
  • Virtual DSM
  • Virtual Machine Manager Pro
  • VPN Plus

* Surveillance Station licensing does not require a Synology Account

Third-party
  • sMedio DTCP Move
  • DiXiM Media Server

Third-Party Packages

Synology Package Center is a platform that enables other developers to publish their applications for use on Synology devices. Packages distributed or published by third-party developers may collect additional information regarding you or your device. Synology requires third-party developers to be transparent about all practices. However, Synology does not control or have the capability to completely verify claims, nor is Synology responsible for any practices performed by third-party packages. When you install third-party packages, you should read and understand the end-user license agreements (EULA), privacy statements/policies/notices, and terms of use/service that may be presented to you.

Users should contact the third party directly for any questions or problems you have in using third-party packages.

Certain third-party packages may utilize Synology's Package Center for payment services. Synology will collect the same information as listed in the "Payment" section. Synology does not disclose your personal information to third parties and only presents the information as an aggregated figure.

Third-party packages may include their own subscription or payment services that are not controlled by Synology.

Synology only shares aggregated statistics that do not contain personal information to third-party developers.

Package Activation

Data we collect

To activate certain Synology-published packages, your Synology Account is required to complete the activation. Synology collects device-specific information and information from your Synology Account such as hardware model name, user's type (business or home), data storage location, and company name.

Applicable to:

Synology-published
  • Active Backup Series
    • Active Backup for Business
    • Active Backup for G Suite
    • Active Backup for Microsoft 365

How we use your data

Synology encrypts the raw data received and then analyzes it to produce human-readable results, to help us provide better service/software for you in the future. The raw data is never shared with any third parties. Package activation does not track your device's serial number, MAC, or IP addresses.

How we store your data

Synology employs industry-standard encryption practices to safely protect your raw data. Even in the event of a breach, the data collected cannot be used to identify you. Synology restricts access to both the raw and aggregated data by specific employee roles. Data collected is deleted when the relevant Synology Account is deleted.

Payment

Data we collect

To make a purchase, Synology will collect the information you provide, including your name, billing address, phone number, IP address, client user-agent, VAT, and payment method to process the transaction. Synology does not directly handle your payment methods, such as your credit card number and CVC.

How we use your data

Synology uses a third-party processor, Stripe, Inc., to securely handle your payment method and to calculate and report taxes. Stripe uses and processes your complete payment information in accordance with Stripe's privacy policy. All data shared with Stripe is protected in the manner described in the "Data Controllers, Contracting Parties, Transfer of Data" section of this Statement.

Synology only uses the information we collect from the payment process to complete transactions, generate receipts, report taxes, and for financial and legal auditing purposes. We do not share or use this information for any other purpose.

How we store your data

Your purchase history, even if refunded or canceled, will be stored for a minimum of four years per legal requirements imposed on Synology and its subsidiaries. Synology will retain this history, including your billing information, for an indefinite period in the following situations; If the order contains a perpetual license, a license renewal, a physical item, extended support, or is needed for financial or legal purposes. Our payment processors and tax reporting providers may additionally be subjected to other legal obligations.

Synology generates a receipt that is made available on your Synology Account for each transaction.

By deleting your Synology Account, you will be forfeiting all purchased licenses. Synology will remove your transaction history after the minimum storage period based on our legal obligations.

C2

Data we collect

Synology C2 service is a cloud service operated by Synology. C2 service requires a Synology Account. We collect payment information from you to clear the transaction and provide the service to you. You should refer to the "Payment" section for more information.

For each C2 service, the types of data we will collect, and the use of your data are described as follows:

  • C2 Storage stores data that you upload or sync from your Synology NAS devices. For Hyper backup, you may choose to encrypt the data prior to uploading it. For Hybrid Share, the data is encrypted before uploading.
  • C2 Backup stores Your Content (as defined in C2 Terms of Service) that you back up from your source device or cloud services and is fully encrypted. For cloud services backup, in order to provide search feature and backup service, we only collect and encrypt on our server the essential personal data, including but not limited to name and email account, as well as the index information of Your Content, e.g., mail sender and metadata. For device backup, device metadata and device IP are also collected to provide backup service. For cloud services, user related data including name and email account are collected with encryption to provide backup service. Other usage information generated by using the C2 Backup service, such as backup policy setting or device amount and other unidentifiable information, will not be encrypted and are collected and will solely be used for the purpose of improving the service experience and adding new features.
  • C2 Transfer stores data that you uploaded for a transfer task and data uploaded to your storage. Such data, including the file content and file name, uploaded by you are completely encrypted at your endpoint before being stored onto our platform. The receiver phone / email will be hashed and used for OTP verification, and will be stored on our platform until the transfer task is removed from your account. In order to provide log records, IP addresses of Users (as defined in C2 Terms of Service) will also be collected and encrypted on our server. Other usage information generated by using the C2 Transfer service, such as link expiration time, file size and other unidentifiable information, will not be encrypted and are collected and used for the sole purpose of improving the service experience and adding new features.
  • C2 Identity collects Your Content (as defined in C2 Terms of Service) and the metadata of the devices registered to C2 Identity, such as hostname, IP, serial number, operation system and version, storage usage, system uptime, and disk encryption status. Our collection of both these types of data enables us to provide the C2 Identity Service. Other usage information generated by using the C2 Identity service, such as the user count of each status, the registered device count of each status, group count, application count, link expiration time, file size and other unidentifiable information, will not be encrypted and are collected and used for the purpose of improving the service experience and adding new features.
  • C2 Password collects all data created, uploaded and stored by you in encrypted format within Your C2 Password account. We have no way of accessing decrypted versions of these data. The encrypted data include but is not limited to attachments, passwords, payment cards, personal identities, bank accounts, router information, and secure notes. Other usage information generated by using the C2 Password service, such as server logs, billing information, IP addresses, make and model of your device, number of items shared and, in the vaults, account email, profile name, and other unidentifiable information, will not be encrypted and are collected and used for the purpose of improving the service experience and adding new features.

How we use your data

Synology only uses data you provide to us to offer you the C2 service that you order from us. We do not access or analyze the data you upload, except that, as stated above, for the cloud service backup, we will access part of Your Content to provide service and search feature. Apart from C2 Backup, other C2 services will not access the data you upload. To provide service stability and optimize user experience, Synology may analyze non-personal identifiable service usage information that cannot be used to identify you or your device.

How we store your data

Synology C2 service supports full encryption of your files. Your data is protected with industry-standard encryption practices. Your files will never be accessed by our engineers unless a specific technical support request is made by you and requires us to do so. Your data is stored until the end of your subscription. A "grace period" is defined by the Synology C2 Terms of Service. If you choose to delete your Synology Account, your data and subscription status for Synology C2 will be forfeited and removed.

Device Analytics

Device analytics, or usage information sharing, is an opt-in* option that you may enable in Synology's DSM or SRM operating system. In DSM, we develop our own tool to understand the usage trends of DSM. In SRM, we use Google Analytics, a web analytics service provided by Google, Inc. ("Google"), to understand the usage trends of SRM. You can opt-out any time by disabling the device analytic function in the control panel both in DSM or SRM.

* As of May 22, 2018, Synology no longer collects data from DSM 6.1.6 and earlier versions, 6.2 Beta, and Preview versions, or any SRM 1.1.x versions even if the option is enabled.

Data we collect

Synology collects usage information from your Synology device in order to help us understand how we can better improve our devices and software. The data we collect does not contain information that can directly identify you, the user. Your Synology device will send to us, for example, information on the settings of the Internet environment, the operating system, and packages. Additionally, we may collect information on how you interact with certain functionality or user interface elements. Synology device analytics does not track your device's serial number, MAC, or IP addresses.

How we use your data

The raw data will be encrypted and then analyzed to produce human-readable results. The raw data is never shared with any third parties. Synology engineers and product management teams may utilize aggregated information to analyze usage trends to make informed decisions on our future products, applications, and services. In very select cases, Synology may elect to share a very small subset of these aggregated statistics with select partners. The information we share with partners is strictly aggregated results and anonymous.

How we store your data

Your raw data is protected with industry-standard encryption practices. Even in the event of a breach, the data collected cannot be used to identify you or your device. Synology retains device analytics data for up to three years in order to generate statistics. Synology restricts access to both the raw and aggregated data by specific employee roles.

Device Network Mapping

Data we collect

By enabling this service, you can easily find Synology devices on your network in order to connect to them. Synology will use devices that enabled this option to scan your local network when you access "find.synology.com" or "router.synology.com" to list devices on your network. If you disable this option, you will be unable to find devices that have already been set up unless you remember their IP addresses or have already set up your own domain and/or QuickConnect or Synology DDNS service. Synology stores your devices' public and private IP addresses and your devices' Serial Number.

How we use your data

Synology only stores information to help you easily identify devices on your network when you access "find.synology.com" and "router.synology.com". Synology does not use this information for any other purpose. We do not share this information.

How we store your data

Unless there is a technical issue with the system or a technical support request, Synology employees do not have access to the database. Data collected by this method are automatically deleted after six months of inactivity.

Marketing Events and Promotional Events

Data we collect

Synology hosts events such as webinars, workshops, and product launches. You can sign up to join one of these from Synology's website. Registration may require a Synology Account, as well as may require additional survey information depending on the event. Synology collects, and stores information related to you that is available from your registration and from the survey.

Some events may be hosted by a third party. With your consent, event hosts may share event attendees' information to their sponsors. In events where Synology is a co-host or sponsor, we may receive participants' information from event hosts.

Some events may have registration fees, payment methods and personal information processed by Synology will be handled by the Payment section.

How we use your data

Synology may contact you through email or other communication protocols with information regarding the registered event and/or about service-related issues.

How we store your data

Your information is securely stored and only available to event organizers. Synology retains event participation information for at least four years due to legal obligations that are imposed on Synology and our subsidiaries. The actual storage period may differ depending on the host(s), venue, location, and type of event.

If you would like to remove your information after the event, you may choose to delete your Synology Account. As some information is required for certain events, this may limit our ability to provide services or allow you attendance. You may also elect to unregister from the event if you no longer wish to attend.

For events hosted that do not require a Synology Account, please contact Synology. Synology may request additional information to confirm your identity.

QuickConnect and Synology DDNS

Data we collect

QuickConnect and Synology DDNS are free connection services provided by Synology. Users who wish to utilize these services must have a Synology Account. Synology collects certain information from your Synology device, including product serial number, IP address, and routing ports in order to provide the services to you.

How we use your data

Synology uses the collected data to identify, authenticate, and provide Synology devices with QuickConnect and Synology DDNS services. In addition, to secure the connection to your DSM with HTTPS, your QuickConnect and/or Synology DDNS domain will be passed to Let's Encrypt, a third-party certificate authority, to generate an SSL certificate. For details on how Let's Encrypt uses your data, please refer to Let's Encrypt Privacy Policy.

Synology may be required to share your information to the extent necessary to comply with ICANN or any ccTLD rules, regulations, and policies when you register a domain name with us.

How we store your data

Unless there is a technical issue with the system or per a technical support request, Synology employees do not have access to the database. Users who signed up for the services may end the service at any time. Data collected is deleted when the relevant Synology Account is deleted.

Technical Support

Data we collect

You may request Synology Technical Support assistance through our website, live chat, or by phone. Submitting a Technical Support form requires a Synology Account. Synology collects and stores the information therein that is necessary for investigation of and providing response and resolution to your technical support request.

When you make a phone request to Synology's Technical Support hotline, our technical support agent will ask for your consent on phone recording at the beginning of the conversation. Your personal information, including name, email, telephone number, and detail on your Synology product will be recorded in our systems. You may view, track, respond to your Technical Support ticket via your Synology Account. If you don't have a Synology Account, Synology's technical representative will create a temporary account. You must enable it to track ticket status and to receive follow up information.

You may be requested to upload system log files to Synology. The mentioned system log files are only for the use of Synology to investigate and resolve your technical support request. The information within the mentioned system log files may contain essential data of your Synology Devices, including but not limited to the serial numbers, MAC addresses, and IP addresses.

In some cases, you may be requested to provide remote access information. Synology technical support agents together in some cases with Synology software engineers may utilize the credentials provided to directly access your device.

When a device replacement or spare part is requested, you will be required to provide a valid shipping address. In certain cases, you may be asked to provide payment for support services, shipping charges, or spare parts.

How we use your data

When you submit a Technical Support form in your Synology Account, you are required to provide the essential product information that is needed to investigate, respond to, and resolve your technical support request. During the investigation, Synology may request additional information that is required to resolve the matter. Depending on the complexity and the severity of the request, the support ticket may be escalated to parties within Synology to investigate, respond to, and resolve your request. The information revealed to involved parties is strictly limited. Synology restricts access to both the raw and aggregated data by specific employee roles.

Synology only uses the information we obtain from technical support requests to resolve your issue. After removing your personal information, we may use some of the technical details to generate bug reports if the problem was previously unknown to implement a solution for our products.

If shipping is required, your shipping address and contact information may be passed to third-party logistics partners.

How we store your data

Synology restricts access to both the raw and aggregated data by specific employee roles.

When you upload files for your support ticket, Synology will retain them for up to 90 days after the ticket has been resolved.

When you provide remote access information, Synology will retain it until the ticket has been resolved.

Synology keeps communication and survey records for a minimum of three years for internal auditing and statistical purposes. If you wish to remove your personal information from our systems, you may choose to delete your Synology Account. We may choose to retain technical details of the problem, such as steps to reproduce it, the technical details of the environment, and what steps were taken to resolve it.

Synology will keep all shipping records for internal auditing and inventory control purposes indefinitely.

Synology Application Service

Data we collect

Synology Application Service collects the message contents you create in MailPlus, Synology Chat, and other supported applications and transmits them to Synology SNS server and push services of Apple, Google, or Mozilla, in order to notify the recipients about new messages on browsers or mobile apps. Additionally, the browser and device information of client devices will be collected and transmitted to the Synology SNS server and third-party push servers. This is done to pair the message content with the correct device. None of this data contains any of your personal information, and Synology does not track your device's serial number, MAC addresses, or IP addresses.

How we use your data

All the message contents transmitted to Synology SNS server and third parties are encrypted by Synology Application Service, ensuring your personal data is not accessible to others. The browser and device information of client devices is only used for pairing.

How we store your data

All the data collected by Synology Application Service will be removed immediately on Synology SNS server after they are transmitted to the third-party push services, so no data will be stored by Synology.

Push Notifications

Data we collect

Synology collects device-specific information (such as your hardware model, serial number, unique device identifiers, DiskStation ID, and notification destination device ID, token for push notification, and email).

How we use your data

Synology uses the information collected from your devices in order to complete the push notification process from source to destination. The notification from DSM/SRM/Surveillance Station will be kept for seven days, for recalling previous notifications.

How we store your data

The record used to identify the NAS is stored permanently. The NAS cannot be identified from the transmitted information. Notifications are discarded after being sent, excluding the seven-day retention period on the NAS.

Mobile Applications

Data we collect

Synology collects operating system information from your mobile device in order to help us customize content for particular Synology devices if you enable usage data sharing or device analytics on your Synology device. The data we collect does not contain information that may identify you, the user.

Synology uses Google Analytics for Firebase to collect Synology mobile applications ("Apps") usage data and generates a usage statistics report. For example, the Apps usage data includes, but is not limited to, the type of mobile device you use, and the way you use the Apps. The statistics report is generated by aggregating App usage data. The statistics report does not contain information that may identify you, the user.

If the Apps crash when you are using, Firebase also generates a crash report for us including system information, software versions, and crash logs. The crash report does not contain information that may identify you, the user.

Synology collects device information from the Apps supporting push notifications (app name, app version, and the push notification message). Please refer to the Push Notification and/or Synology Application Service sections for more information.

In the mainland of China, Synology Photos and Synology Moments use Baidu Maps SDK, a mapping service provided by Baidu, Inc., for the purposes of displaying the geographic information of photos on your device. Your device's MAC address will be collected by Baidu, Inc. to perform the mapping functionality. For details on how Baidu Inc. uses your data, please refer to Baidu's Privacy Policy.

How we use your data

Synology leverages aggregated application statistics from Firebase tool, Apple, or Android store platforms to better understand our user distribution. You can opt-out any time by updating your preferences in the settings of iOS or Android devices.

Synology collects crash reports from Firebase to only improve quality and to further develop our products and services. Crash information helps us to investigate problems and better understand what triggers them. You can opt-out any time by disabling the analytic feature in the setting of the iOS or Android devices.

How we store your data

Synology retains statistics reports and crash reports for up to 14 months in order to generate useful information. Synology restricts access to both statistics reports and crash reports by specific employee roles.

Alexa Services

Data we collect

Synology collects the address and OAuth information of your Synology device, in order to authorize your NAS to complete the account linking process required for the Amazon Alexa service.

How we use your data

Synology only stores information to authorize the Amazon Alexa service to access your NAS content, such as by enabling the Audio Station Skill to allow Amazon Alexa to access your music in Audio Station. Synology does not use this information for any other purpose. We do not share this information.

How we store your data

Data collected by this method are automatically deleted after six months of inactivity.

DSM Configuration Backup

Data we collect

DSM configuration backup is a service that backs up the configuration settings of your NAS device, ensuring that the settings can be imported in events of restoration or upgrade. You can opt-in DSM configuration backup in the initial installation process of DSM or later on in DSM Control Panel. The configuration data we collect may include your shared folder settings, user and admin group settings, security settings, network settings, login portal settings, regional options settings, application privileges settings, email addresses, and notification settings.

How we use your data

Synology periodically collects configuration data of your NAS devices in order to provide the DSM configuration backup and recovery services. You can opt-out anytime in the Control Panel.

How we store your data

Synology employs industry-standard encryption practices to safely protect your configuration data. Even in the event of a breach, the data collected cannot be used to identify you or your device.

Your data is stored as long as you enable the DSM configuration backup service. If you choose to disable your DSM configuration backup service, we will keep your configuration data for up to 180 days.

Active Insight

Data we collect

Synology collects operation data of your NAS devices in order to offer resource analytic, issue-tracking, Technical Support, and also to improve our devices and software (collectively "Active Insight Service"). The operation data we collect includes device analytic data, NAS serial numbers, IP addresses, and QuickConnect ID. We also collect email addresses to send you notifications and event reports. After you enable Active Insight, you can access the Active Insight web portal to review the performance of NAS devices in real-time. The Active Insight web portal will retain your login activities for up to one year for security purposes. The login activities include user names, hostnames, and IP addresses.

Please note that Active Insight Service works by only collecting device operation data. The files you stored in your NAS devices will not be collected or accessed by Synology.

Active Insight web portal may use "cookies" to help us better understand user behavior and to improve user experiences when you revisit our websites. For more information, please read our Cookie Policy.

How we use your data

Synology uses the data collected from your devices to offer Active Insight Service. We will periodically remove the correlations between the device analytic data and other identifiable data such as NAS serial number, IP address, e-mail address, and QuickConnect ID. The device analytic data cannot be traced back to you without the correlations with other identifiable data and will be integrated with peers' device analytic data to generate an aggregated report to provide device abnormality notification and improve our services.

You can opt-out anytime by disabling the Active Insight feature in your DSM control panel or in the Active Insight web portal. If you choose to disable your Active Insight feature from the DSM Control Panel, we will keep your identifiable data for up to 30 days. If you choose to disable your Active Insight feature from the Active Insight web portal, your identifiable data will be deleted immediately. After the removal of your identifiable data, the remaining device analytic data will be used to generate the aggregated report to help us to improve our services.

How we store your data

Synology periodically deletes the identifiable data in order that the device analytic data collected cannot be used to identify you or your device. Synology restricts access to raw and aggregated data to only specific employee roles. Identifiable data collected are deleted along with the deletion of the relevant Synology Account.

What can we do for you?

NAS Selector

NAS Selector

RAID Calculator

RAID Calculator

NVR Selector

NVR Selector

Knowledge Center

Knowledge Center

Downloads

Downloads

Community

Community

NAS Selector

NAS Selector

RAID Calculator

RAID Calculator

NVR Selector

NVR Selector

Knowledge Center

Knowledge Center

Downloads

Downloads

Community

Community
Company
  • About Synology
  • Blog
  • Newsroom
  • Media Coverage
  • Customer Stories
  • Office Locations
Sales
  • Where to Buy
  • Contact Us
  • Become a Partner
Compatibility
  • HDD/SSD
  • IP Camera
  • Router
  • Network Card
  • I/O Module & IP Speaker
  • Other Devices
Resources
  • Beta Program
  • Bounty Program
  • Community
  • Events
Copyright © 2021 Synology Inc. All rights reserved. Terms & Conditions | Privacy | Cookie Preference
United States - English