SyncMint Privacy Policy

Data/Joint Controller: SyncMint BV, Vijzelstraat 68, 1017 HL Amsterdam, The Netherlands

Privacy enquiries: privacy@syncmint.ai

EdgeACR is an advertisement detection service embedded into your TV by its manufacturer. When active and with your consent, it processes your TV audio output locally on the device. When a known advertisement is detected, a small event record is sent to our servers. No audio is recorded or transmitted at any point — only the fact that an advertisement was detected.

EdgeACR is part of your TV firmware. It is not a downloadable application, and it is only present on devices where the TV manufacturer has specifically chosen to integrate it.

Please note that EdgeACR detects only when advertisements are being displayed on your TV. It does not collect or record any information about what programmes, films, sport, or other content you are watching. No raw audio ever leaves your device.

EdgeACR only operates after you have been presented with a consent notice by your TV manufacturer's privacy settings screen and have actively chosen to allow it. If you do not consent, EdgeACR does not collect or transmit any data.

When EdgeACR is operating with your consent, we collect the following categories of personal data:

• Device identifiers — a persistent device identifier and the advertising identifier assigned by your TV operating system (such as the Google Advertising ID on Android TV). These do not contain your name or contact details. The advertising identifier can be reset at any time in your TV privacy settings.
• Network identifiers — your device IP address at the time of an ad detection event, used for approximate geolocation, household-level audience matching and detecting and fixing. If use case permits, we may use location-derived attributes (city, region, country) instead of the full IP address.
• Ad exposure data — the identifier of the detected advertisement and the timestamp of its detection along with location-derived attributes, used for measurement and attribution.
• Session data — timestamps and randomly generated codes used to organise and deduplicate detection events.
• Device technical information — operating system version, device type, model, and manufacturer name, used for device classification and error diagnosis.
• Consent record — a record of your consent status, maintained to ensure your privacy choices are respected at all times.

We have no information about what you watch beyond the fact that an advertisement was detected. EdgeACR does not collect viewing history, content preferences, or any information about non-commercial content.

We process personal data only for the following purposes. We do not use your data for any purpose not listed here.

Under TCF 2.3, Legitimate Interest may not be used for advertising or profiling purposes. All audience-building, measurement, and targeting purposes above are processed under your consent only.

Personal data collected for ad measurement and audience purposes is retained for up to 3 years. We apply the principle of storage limitation and do not retain personal data beyond the period necessary for the stated purpose.

Consent records are kept for the duration of your active consent. The consent audit log is retained for up to 3 years to meet our GDPR accountability obligations under Article 5(2).

When you withdraw consent, all personal data stored on your device by EdgeACR is deleted immediately and automatically — including all device identifiers, the advertisement catalog, and ad exposure logs. This deletion is permanent and cannot be reversed.

Please note that the TV manufacturer is responsible for obtaining your consent; this may include their ability to use the data for analytics purposes.

Personal data collected through EdgeACR is stored in regional cloud infrastructure corresponding to the market in which it is collected. We follow data localisation principles — data collected from EU/EEA users is stored and processed within the EU where possible. Some of our service providers — including network infrastructure and data transfer providers — are based outside the EEA. Where personal data is transferred to providers outside the EEA, we ensure it is protected by Standard Contractual Clauses (SCCs) under GDPR Article 46(2)(c), or by European Commission adequacy decisions where applicable. Details are available on request from privacy@syncmint.ai.

Where EdgeACR is deployed in markets outside the EU/EEA, data from those markets is stored in the relevant region where infrastructure permits, and we comply with applicable local privacy laws in each market. If you are a user outside the EU/EEA and would like to know how your data is handled locally, contact us at privacy@syncmint.ai.

Under GDPR you have the following rights. We will respond within one calendar month. To exercise any right, contact us at privacy@syncmint.ai.

• Withdraw consent (Art. 7(3)) — Withdraw consent at any time via your TV privacy settings. Turn off the toggle in Settings › Privacy › Ad Viewing Information. Takes effect immediately and all device data is deleted automatically. Does not affect the lawfulness of prior processing.
• Access (Art. 15/ EU Data Act) — Request a copy of the personal data we hold about you and information about how we use it.
• Rectification (Art. 16) — Request correction of inaccurate or incomplete data.
• Erasure (Art. 17) — Request deletion of your data. Withdrawing consent via your TV settings triggers immediate automatic deletion of all EdgeACR data on your device. You may also request deletion of your consent history records, subject to our accountability retention obligations under Art. 5(2) GDPR.
• Restrict processing (Art. 18) — Request that we limit processing in certain circumstances.
• Data portability (Art. 20) — Request your data in a structured, machine-readable format.
• Object to legitimate interest processing (Art. 21) — Object to our SP1 (error fix) and SP3 (saving privacy choices) processing at any time. We will stop SP1 processing unless we have compelling grounds overriding your interests. For SP3, note that this processing exists to remember and act on your privacy choices — practical guidance on exercising this right is at our legitimate interest statement: https://syncmint.ai/legitimate-interests.
• Lodge a complaint — Contact your national data protection authority: https://www.edpb.europa.eu/about-edpb/about-edpb/members_en

Consent for EdgeACR is collected through a Consent Management Platform (CMP) deployed on your TV by the TV manufacturer. The CMP presents you with a consent notice before EdgeACR begins operating. Your choices are recorded in a standardised TCF 2.3 consent string stored on your device.

EdgeACR reads your consent status from this consent string before each data collection cycle. If you have not consented, or have withdrawn consent, EdgeACR does not collect or transmit any data.

EdgeACR does not use browser cookies. It uses native TV device storage only. Our GVL entry is at: https://iabeurope.eu/vendor-list/

We apply appropriate technical and organisational measures to protect personal data, including encryption of all data in transit, access controls on our infrastructure, and device-level isolation of EdgeACR processing. If you discover a security vulnerability, please report it to privacy@syncmint.ai.

EdgeACR operates on household TV devices that may be used by children. It does not collect any data that directly identifies a child by name, age, or similar characteristic.

If you believe a child's data has been processed in circumstances requiring additional protection, please contact us at privacy@syncmint.ai.

We may update this policy from time to time. If we make material changes to what we collect, how we use it, or who we share it with, we will notify you via an on-screen notification on your TV and update the effective date above. Where required by law, we will seek fresh consent before implementing the change.

If you have any questions or complaints regarding this policy or about SyncMint's privacy practices, please contact us at: privacy@syncmint.ai or Post: SyncMint BV, Vijzelstraat 68, 1017 HL Amsterdam, The Netherlands.

We respond to all requests within one calendar month in accordance with applicable data privacy laws.