Start free trial

Start free trial

LEGAL

Cookie Policy

Last Updated

COOKIE POLICY
Version 3.0
Effective Date: February 23, 2026
Last Updated: February 23, 2026
SYNTARI AI, INC.
855 Boylston Street, Suite 1000
Boston, MA 02116
Privacy Team: privacy@syntari.ai | Data Protection Officer: dpo@syntari.ai

  1. INTRODUCTION
    1.1 What Are Cookies and Similar Tracking Technologies?
    Cookies are small text files placed on your device when you visit a website or use an application. Similar tracking technologies include web beacons, pixels, tags, and local storage mechanisms. These technologies are widely used to make websites and applications function efficiently, provide analytics information, enable personalized experiences, and support legitimate business interests.
    1.2 Why We Use Cookies and Tracking Technologies
    Syntari AI, Inc. ("Syntari," "we," "us," "our") uses cookies and similar technologies to:
    ● Ensure our Services function properly and securely
    ● Remember your preferences and settings
    ● Understand how you use our Services
    ● Improve user experience and service quality
    ● Provide secure authentication and session management
    ● Support AI-powered personalization and feature optimization
    ● Detect and prevent fraud, abuse, and security threats
    ● Comply with legal obligations and regulatory requirements
    ● Monitor AI provider compliance and abuse prevention

1.3 Scope and Applicability
This Cookie Policy applies to:
● syntari.ai and all subdomains and affiliated domains
● Syntari AI mobile applications (iOS, Android)
● Our SaaS platform and management consulting dashboard
● Marketing websites and landing pages
● Email communications and marketing campaigns
● Any services where we use cookies or similar technologies

1.4 AI-Native Platform Considerations
Syntari AI is an AI-native management consulting platform that leverages advanced AI models from third-party providers (Anthropic, OpenAI, Google) to deliver consulting insights and analysis. Our use of cookies includes tracking related to AI feature usage, model preferences, and AI-powered personalization. Please note that AI providers may independently use cookies or similar technologies for abuse monitoring and safety purposes, as disclosed in Section 7.2.
2. TYPES OF COOKIES AND TRACKING TECHNOLOGIES
2.1 Cookies by Duration
Type Description Examples
Session Cookies Deleted automatically when you close your browser; temporary in nature Authentication tokens, CSRF tokens, session IDs
Persistent Cookies Remain on your device until they expire or you manually delete them Preference settings, analytics IDs, language preferences

2.2 Cookies by Source
Type Description
First-Party Cookies Set by Syntari AI directly on our domain
Third-Party Cookies Set by our partners, service providers, and AI platform providers

2.3 Essential Cookies (Strictly Necessary)
These cookies are required for core functionality and cannot be disabled without impairing service operation.
Cookie Name Purpose Duration Type Legal Basis
__syntari_session Session management and user tracking Session First-party Legitimate Interest
__syntari_auth Authentication and account verification 24 hours First-party Legitimate Interest
__syntari_csrf Cross-Site Request Forgery protection Session First-party Legitimate Interest
__syntari_consent Cookie consent preferences and user choices 1 year First-party Consent
__syntari_secure Security token and session encryption Session First-party Legitimate Interest
__syntari_platform_id Platform instance and deployment identifier 1 year First-party Legitimate Interest
Legal Basis: These cookies are necessary for the legitimate operation of our Services and are exempt from consent requirements under GDPR Article 82 and ePrivacy regulations.
2.4 Functional Cookies (Preferences & AI Features)
These cookies remember your choices, preferences, and AI feature configurations. These are classified as non-essential and require your consent.
Cookie Name Purpose Duration Type Legal Basis
__syntari_lang User language preference selection 1 year First-party Consent
__syntari_theme UI theme preference (light/dark mode) 1 year First-party Consent
__syntari_timezone User timezone configuration 1 year First-party Consent
__syntari_prefs Dashboard and interface preferences 1 year First-party Consent
__syntari_ai_session AI feature usage tracking and session state Session First-party Consent
__syntari_model_pref AI model preference (Claude, GPT-4, Gemini) 90 days First-party Consent
__syntari_feature_flags Feature availability and beta feature tracking 30 days First-party Consent
__syntari_ai_personalization AI-powered personalization settings 1 year First-party Consent

2.5 Analytics Cookies (Performance & Behavior)
These cookies help us understand how our Services are used and optimize performance. These require your consent.
Cookie Name Purpose Duration Type Legal Basis
_ga Google Analytics 4 unique user identifier 2 years Third-party Consent
_gid Google Analytics session identifier 24 hours Third-party Consent
_gat Google Analytics request throttling 1 minute Third-party Consent
__syntari_analytics Internal Syntari usage analytics 1 year First-party Consent
__syntari_perf Performance monitoring and latency tracking 30 days First-party Consent
__syntari_ai_usage AI feature usage metrics and engagement tracking 1 year First-party Consent

2.6 Marketing Cookies (Advertising & Remarketing)
These cookies are used for targeted advertising and remarketing campaigns. These require your consent and can be disabled without affecting core functionality.
Cookie Name Purpose Duration Type Legal Basis
_fbp Facebook Pixel tracking for ad targeting 90 days Third-party Consent
_gcl_au Google Ads conversion tracking and attribution 90 days Third-party Consent
li_sugr LinkedIn Insight Tag for professional targeting 90 days Third-party Consent
__syntari_utm Campaign source and marketing attribution 30 days First-party Consent
__syntari_content_preference Content recommendation and personalization 1 year First-party Consent

  1. SIMILAR TRACKING TECHNOLOGIES
    3.1 Local Storage and IndexedDB
    We use browser local storage and IndexedDB for:
    ● Caching application data and offline functionality
    ● Storing non-sensitive user preferences and settings
    ● Persisting AI feature configurations and model preferences
    ● Improving application performance and load times

3.2 Session Storage
Session storage is used for temporary data during your session, including form data, navigation state, and transient AI interaction state.
3.3 Web Beacons, Pixels, and Tags
We use tracking pixels and web beacons in:
● Email marketing campaigns to track opens and clicks
● Marketing landing pages to measure campaign effectiveness
● Application pages to track feature usage and engagement
● Third-party advertising platforms for conversion tracking

3.4 Device Fingerprinting and Cross-Device Tracking
We collect device information for:
● Security and fraud prevention
● Account protection and abuse detection
● Service optimization and performance analysis
● Cross-device experience continuity (with consent)
We explicitly DO NOT use device fingerprinting for:
● Tracking across unrelated third-party websites
● Building comprehensive advertising profiles without consent
● Circumventing user cookie choice signals

3.5 Server-Side Tracking and Event Logging
In addition to client-side cookies, we implement server-side tracking for:
● User activity logging and event analytics
● AI feature usage monitoring and performance metrics
● Security event logging and fraud detection
● Service reliability and infrastructure monitoring
Server-side data is subject to the same retention and privacy controls as cookie data.
4. PRIVACY FRAMEWORKS AND COMPLIANCE
4.1 IAB Transparency and Consent Framework (TCF) v2.2
We comply with the Interactive Advertising Bureau's Transparency and Consent Framework version 2.2 (TCF v2.2) in EEA markets. This framework establishes standardized disclosure and consent mechanisms for digital advertising. Our consent banner displays our legal basis, purposes, and the list of vendors involved in data processing, consistent with TCF v2.2 specifications.
4.2 Google Privacy Sandbox and Topics API
As Google Chrome continues to phase out third-party cookies in favor of Privacy Sandbox technologies, we are evaluating and implementing Federated Learning of Cohorts (FLoC) alternatives and Google's Topics API for interest-based advertising. These technologies aggregate user behavior into privacy-preserving cohorts rather than tracking individual users. We will disclose when these technologies are active on our properties.
4.3 EU AI Act Transparency Obligations
Syntari AI operates as a high-risk AI system under the EU AI Act and is subject to transparency and explainability obligations. Our cookie tracking for AI feature usage, model preferences, and AI-powered personalization serves to fulfill the Act's requirements for:
● Monitoring AI system performance and user satisfaction
● Detecting and addressing AI-related risks and errors
● Maintaining audit trails for AI decision-making
● Enabling user transparency and explainability requests
Our use of AI-specific cookies (__syntari_ai_session, __syntari_model_pref, __syntari_ai_usage) is disclosed to fulfill these regulatory obligations.
4.4 ePrivacy Regulation Readiness
We maintain readiness for enforcement of ePrivacy regulations including the ePrivacy Directive and national implementations. This includes:
● Explicit opt-in consent for non-essential cookies before deployment
● Prohibition of cookie walls that coerce consent for service access
● Respect for Global Privacy Control signals and Do Not Track preferences
● Clear withdrawal of consent mechanisms matching the ease of initial consent

  1. MANAGING YOUR COOKIE PREFERENCES
    5.1 Cookie Consent Banner
    When you first visit our website, you will see a granular cookie consent banner where you can:
    ● Accept all non-essential cookies (Functional, Analytics, Marketing)
    ● Reject all non-essential cookies
    ● Customize your preferences by individual category
    ● Opt-in or opt-out of specific cookies within each category
    Essential cookies cannot be disabled as they are required for service operation.
    5.2 Cookie Preference Center and Granular Controls
    You can change your preferences at any time through multiple channels:
    ● Click the "Cookie Preferences" link in our website footer
    ● Visit syntari.ai/cookie-preferences for our Preference Center
    ● Update settings in your Syntari AI account dashboard
    ● Withdraw consent by contacting privacy@syntari.ai
    Our Preference Center allows granular, per-cookie opt-in/out controls, enabling you to accept some cookies within a category while rejecting others.
    5.3 Browser-Level Cookie Controls
    Most browsers allow you to manage cookies directly:
    Browser Settings Location
    Chrome Settings > Privacy and Security > Cookies and other site data
    Firefox Settings > Privacy & Security > Cookies and Site Data
    Safari Preferences > Privacy > Cookies and website data
    Edge Settings > Privacy & Security > Cookies and other site data

Browser-level controls allow you to:
● View, manage, and delete cookies from specific sites
● Block all cookies or only third-party cookies
● Clear cookies automatically when you close the browser
● Block cookies from specific domains

5.4 Third-Party Opt-Out Mechanisms
For third-party cookies set by analytics and advertising partners, you can opt out directly:
Provider Purpose Opt-Out Link
Google Analytics Usage analytics and conversion tracking tools.google.com/dlpage/gaoptout
Google Ads Display and search advertising adssettings.google.com
Facebook Social media advertising facebook.com/settings?tab=ads
LinkedIn Professional network advertising linkedin.com/psettings/advertising
NAI Industry-wide opt-out optout.networkadvertising.org
DAA US Digital Advertising Alliance optout.aboutads.info

5.5 Global Privacy Control (GPC) and Do Not Track (DNT)
We honor user privacy signals from Global Privacy Control (GPC) and Do Not Track (DNT) browser settings:
● When we detect a valid GPC signal, we disable non-essential cookies and do not set marketing cookies
● We respect DNT preferences by limiting analytics to aggregated, non-identifiable data only
● GPC-compliant browsers send the "Sec-GPC: 1" HTTP header, which we monitor and honor

5.6 Consent Receipt and Audit Trail
We maintain a consent receipt mechanism that records:
● The date and time of your consent or opt-out decision
● Which cookie categories or individual cookies you consented to
● Your IP address and browser identifier (for verification purposes)
● Any subsequent consent withdrawals or changes
You can request a copy of your consent receipt by emailing privacy@syntari.ai.
5.7 Cookie Wall Prohibition
In accordance with European Data Protection Board (EDPB) guidelines, we do not implement "cookie walls" that prevent access to our Services based on cookie consent choices. You can access core Services even if you reject non-essential cookies. Certain personalization features may be unavailable if you decline optional cookies, but this does not block fundamental service access.
6. IMPACT OF DISABLING COOKIES
6.1 Essential Cookies
If you disable essential cookies:
● You will not be able to log into your account
● Security features may not work properly
● Some pages may not function correctly
● Form submission may fail
We do not recommend disabling essential cookies.
6.2 Functional and AI Feature Cookies
If you disable functional cookies:
● Your language and theme preferences will not be saved
● You may need to reset settings each time you visit
● AI model preferences will not persist between sessions
● Some features may not work optimally

6.3 Analytics Cookies
If you disable analytics cookies:
● We cannot improve our Services based on your usage patterns
● You may see less relevant or less personalized content
● No impact on core functionality or security

6.4 Marketing Cookies
If you disable marketing cookies:
● You will still see ads, but they will be less relevant to your interests
● We cannot measure ad effectiveness or attribution
● No impact on core functionality or account security

  1. THIRD-PARTY SERVICES AND AI PROVIDER DISCLOSURES
    7.1 Third-Party Service Providers
    We work with the following third-party service providers who may set cookies:
    Service Purpose Privacy Policy
    Google Analytics Web analytics and user behavior tracking policies.google.com/privacy
    Google Ads (GA4) Conversion tracking and advertising policies.google.com/privacy
    Stripe Payment processing and transaction management stripe.com/privacy
    Intercom Customer support and messaging intercom.com/legal/privacy
    SendGrid Email delivery and campaign tracking sendgrid.com/policies/privacy
    Cloudflare CDN, DDoS protection, and security cloudflare.com/privacypolicy
    AWS Cloud infrastructure and data hosting aws.amazon.com/privacy
    Facebook Pixel Social media advertising and conversion facebook.com/privacy/explanation
    LinkedIn Insight Tag Professional network advertising linkedin.com/legal/privacy-policy

7.2 AI Provider Disclosures: Anthropic, OpenAI, and Google
Syntari AI integrates AI services from the following third-party AI providers. These providers may independently use cookies or similar tracking technologies for abuse monitoring, safety compliance, and service optimization:
AI Provider Purpose Abuse Monitoring Retention Privacy Policy
Anthropic (Claude) AI consulting and analysis capabilities 30 days for abuse/safety detection anthropic.com/privacy
OpenAI (GPT-4, GPT-4o) Advanced language modeling and reasoning 30 days for abuse monitoring openai.com/policies/privacy-policy
Google (Gemini/Palm) AI-powered search and recommendations 30 days for abuse prevention policies.google.com/privacy

Important: AI providers may retain user inputs and cookies for 30 days specifically for abuse detection, safety monitoring, and compliance with applicable regulations. This retention is independent of Syntari's data retention policies. Users should review each AI provider's privacy policy directly for complete information about their data practices.
7.3 Social Media Features and Embedded Content
If you use social media features on our site or if we embed content from other platforms (such as YouTube videos, Twitter embeds, or LinkedIn content):
● Those platforms may set their own cookies independently
● Your use is governed by their privacy policies and cookie practices
● We have limited control over third-party cookies from embedded content
● We clearly mark embedded content sources

  1. DATA COLLECTION AND USE THROUGH COOKIES
    8.1 Information Collected Through Cookies
    Cookies may collect the following information:
    ● IP address (sometimes anonymized for analytics)
    ● Browser type, version, and user agent
    ● Operating system and device type
    ● Pages visited and time spent on each page
    ● Referring website and click path
    ● Actions taken on our site (clicks, form submissions, feature usage)
    ● AI features used and model selections
    ● Search queries and consulting requests
    ● Error events and system performance data

8.2 How We Use Cookie Data
We use data collected through cookies to:
● Provide and maintain our Services with proper functionality
● Improve user experience and service quality
● Analyze usage patterns and identify optimization opportunities
● Personalize content and AI recommendations
● Measure marketing effectiveness and campaign attribution
● Detect, prevent, and investigate fraud, abuse, and security threats
● Monitor AI system performance and accuracy
● Comply with legal obligations and regulatory requirements

8.3 Data Sharing and Third-Party Disclosure
Cookie data may be shared with:
● Our service providers under Data Processing Agreements
● Analytics providers (in aggregated, non-identifiable form)
● Marketing and advertising partners (only with your consent)
● Law enforcement or legal authorities (if legally required)
● AI providers for feature delivery and abuse detection (see Section 7.2)

We explicitly DO NOT:
● Sell cookie data or personal information to third parties
● Share identifiable cookie data without your explicit consent
● Use cookie data for purposes beyond those disclosed in this policy
● Allow third parties to use our cookie data outside contracted purposes

8.4 Cookie Data Retention and Purging
Cookie data is retained as follows:
Cookie Type Retention Period Notes
Essential Session or as needed for security Not deleted until session ends or security incident resolves
Functional 1 year or until preference change Can be extended if user is active
Analytics 26 months (Google Analytics default) Can be reduced to 14 months per user request
Marketing 90 days or until opt-out Refreshed with each interaction if consent is active
AI Usage 1 year for system improvement Deleted upon request via privacy@syntari.ai
AI Provider (Abuse) 30 days maximum Independently managed by AI providers

8.5 Cookie Inventory and Quarterly Scanning
We maintain and update a comprehensive cookie inventory on a quarterly basis to ensure accuracy and compliance. Our quarterly scanning process includes:
● Automated detection of new cookies added to our properties
● Verification of cookie purposes and legal basis
● Removal of unused or deprecated cookies
● Updates to consent banner and preference center
● Validation of third-party vendor compliance
The next cookie inventory scan is scheduled for Q2 2026. Results are reviewed by our privacy team and made available upon request.
9. INTERNATIONAL USERS AND JURISDICTION-SPECIFIC REQUIREMENTS
9.1 European Economic Area (EEA) and UK
For users in the EEA (EU, Norway, Iceland, Liechtenstein) and United Kingdom:
● Non-essential cookies require explicit opt-in consent BEFORE being set (not opt-out)
● We comply with GDPR Articles 6 and 82 and the ePrivacy Directive (2002/58/EC)
● You can withdraw consent at any time with the same ease as providing it
● We honor Privacy Impact Assessments for high-risk processing
● We maintain Data Processing Agreements with all vendors
● PECR (Privacy and Electronic Communications Regulations) cookie rules apply

9.2 California (CCPA/CPRA Compliance)
For California residents under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
● We honor "Do Not Sell My Personal Information" rights
● Cookie data is not sold to third parties
● You have rights to access, delete, and correct your information
● We disclose cookie categories in our CCPA Notice
● See our California Privacy Notice for complete CCPA/CPRA disclosures

9.3 Brazil (LGPD Compliance)
For users in Brazil, we comply with the Lei Geral de Proteção de Dados (LGPD) which imposes similar requirements to GDPR:
● Explicit consent is required for non-essential cookies
● Data must be retained only as long as necessary
● You can request data deletion and portability

9.4 Other Jurisdictions
We strive to comply with cookie and privacy laws in all jurisdictions where we operate, including but not limited to Australia (Privacy Act), Canada (PIPEDA, PECA), and other regions. If you have questions about your local jurisdiction's cookie requirements, please contact us at privacy@syntari.ai.
10. CHILDREN'S PRIVACY
10.1 Age Restrictions
Our Services are not designed for and are not intended for children under 13 years of age (or 16 in the EEA). We do not knowingly collect information from children under these age thresholds, and we do not set cookies for users below the applicable age threshold in their jurisdiction.
10.2 Parental Notification
If you believe a child has provided information to us through cookies or our Services, please contact us immediately at privacy@syntari.ai. We will take steps to delete such information and comply with applicable child protection laws.
11. UPDATES AND CHANGES TO THIS POLICY
11.1 Policy Updates
We may update this Cookie Policy to:
● Reflect changes in our cookie practices or new technologies
● Add new cookies, remove unused cookies, or modify cookie purposes
● Comply with new legal requirements or regulatory guidance
● Provide clearer or more detailed explanations
● Update third-party service providers or AI vendors

11.2 Notification of Material Changes
We will notify you of material changes by:
● Updating the "Last Updated" date on this page
● Displaying a prominent notice on our website
● Resetting your cookie preferences if consent categories change significantly
● Sending email notification for changes affecting EEA residents

11.3 Version History
Version Effective Date Key Changes
3.0 Feb 23, 2026 Added AI-specific cookies, EU AI Act, IAB TCF v2.2, Privacy Sandbox, ePrivacy, server-side tracking, granular consent, quarterly scanning, AI provider disclosures
2.0 Jan 22, 2026 Comprehensive cookie inventory and categorization, enhanced third-party disclosures
1.0 2024 Initial Cookie Policy release

  1. CONTACT AND PRIVACY REQUESTS
    12.1 Questions About Cookies
    For questions, concerns, or requests regarding our use of cookies:
    ● Email: privacy@syntari.ai
    ● Web Form: syntari.ai/contact
    ● Mail: Syntari AI, Inc., Attn: Privacy Team, 855 Boylston Street, Suite 1000, Boston, MA 02116

12.2 Privacy Rights and Data Subject Requests
To exercise your privacy rights, including access, deletion, portability, or correction of information collected through cookies:
● Email: privacy@syntari.ai
● Web Form: syntari.ai/privacy-request
● We will respond to valid requests within 30 days

12.3 Data Protection Officer (DPO) and Regulatory Inquiries
For GDPR, ePrivacy, or other regulatory inquiries:
● Email: dpo@syntari.ai
● Our Data Protection Officer is available to address privacy and data protection questions

  1. GLOSSARY OF TERMS
    Term Definition
    Cookie A small text file stored on your device that is sent to servers when you access websites
    First-Party Cookie A cookie set by the domain you are directly visiting
    Third-Party Cookie A cookie set by a domain other than the one you are visiting, often used for analytics or advertising
    Session Cookie A temporary cookie deleted automatically when you close your browser
    Persistent Cookie A cookie that remains on your device until its expiration date or until you manually delete it
    Local Storage A browser storage mechanism that persists data beyond a single session
    Web Beacon/Pixel A tiny, transparent image used to track page views or email opens
    GDPR General Data Protection Regulation (EU regulation governing personal data)
    ePrivacy Directive EU Directive 2002/58/EC governing electronic privacy and cookie use
    CCPA California Consumer Privacy Act protecting California residents' privacy rights
    CPRA California Privacy Rights Act strengthening and expanding CCPA protections
    IAB TCF v2.2 Interactive Advertising Bureau Transparency and Consent Framework v2.2
    GPC Global Privacy Control - a browser signal indicating privacy preference
    DNT Do Not Track - browser signal requesting limited tracking
    FLoC Federated Learning of Cohorts - Google replacement for third-party cookies
    Topics API Google Privacy Sandbox technology grouping users by interests
    Device Fingerprinting Technique of identifying devices by their technical characteristics
    EU AI Act European Union regulation governing high-risk AI systems
    Abuse Monitoring Security practices by AI providers to detect and prevent misuse

LEGAL DOCUMENTATION
This Cookie Policy is an integral part of our comprehensive Privacy Policy. For complete information about our privacy practices, data protection commitments, and your rights, please read our full Privacy Policy at syntari.ai/privacy.
Effective Date: February 23, 2026
Copyright 2026 Syntari International, Inc. All rights reserved.
Syntari is a registered trademark of Syntari International, Inc.