Synology and How Your Analytical Data is Stored, Used and Deleted
Synology, a renowned network-attached storage (NAS) solutions provider, maintains a series of data-driven services to supplement their product suite. The transparency and clarity in Synology’s data collection and storage protocols reflect their dedication to ensuring users’ privacy. Below is a comprehensive evaluation of their privacy practices across several services.
Resources Usesd for this Summary:
Needless to say, the full extent of Synology’s internal operations are going to be largely confidential. However, much like any other company that handles user data, they provide a detailed breakdown of their terms of service and data collection disclosure. These are provided as guidelines of how the brand receives, stores, utilizes and deletes data that is collected in the process of specific applications or services. Full details on these policies in their full length can be found below:
- Software EULA
- Services Data Collection Disclosure
- Synology Account
- Pre-Release Program Agreement
- Package Center
- Legal Agreement
Additionally, we made a much larger video on this subject, that highlights all the areas of the Synology service agreements and data collection details. You can find it HERE.
C2 Service: The Synology C2 Service is a cloud suite aiming to enhance the user experience for Synology product users. For subscribers, Synology requires essential data such as account credentials and payment details. If users partake in specific events within the C2 platform, event-specific URLs might be recorded. This data collection allows Synology to seamlessly integrate and customize services for its user base. Data is safeguarded using encryption techniques and is stored across globally distributed data centers located in the US, Germany, and Taiwan. Upon the cessation of a subscription or when an account is deleted, Synology retains the data for a stipulated period before initiating permanent deletion to give users a window for potential account recovery.
Device Network Mapping: With the vision of easing initial device setups, Synology designed the Device Network Mapping service. It collects specific device details to assist in identifying and preparing devices to integrate within a network environment. Though this service collects vital information, Synology ensures the temporary nature of this storage. The data is designated for removal post its immediate utility or after 90 days of inactivity, ensuring no unnecessary long-term storage.
QuickConnect and Synology DDNS: Synology’s commitment to improving connectivity for users is manifested in services like QuickConnect and Synology DDNS. These services, while instrumental in boosting user experience, require the collection of device information. This data serves to facilitate domain name resolutions and enhance the security of user connections through encryption. The retention of this data is directly linked to the active status of the user’s Synology Account.
Synology Application Service: To satiate the modern user’s demand for real-time notifications, Synology offers the Synology Application Service. This service processes messages and certain device details, which are essential for push notifications across Synology’s application suite. It’s worth noting that post the delivery of these messages, Synology takes measures to ensure that the data is immediately purged from their servers.
DSM Configuration Backup: Recognizing the value of configuration data, Synology presents the DSM Configuration Backup service. It not only stores configuration details securely but also ensures that the data is encrypted, making it a vital asset in restoration or upgrade scenarios. If a user opts to deactivate this service, Synology maintains a data retention policy of up to 180 days before initiating the deletion process.
Active Insight: Active Insight emerges as a valuable tool for users seeking analytical insights into their NAS devices’ performance. By accumulating operation data, Synology endeavors to offer performance insights, real-time analytics, and specialized technical support. This service also aids in Synology’s internal product improvement initiatives. Synology commits to store this data in its Frankfurt data center, ensuring European data protection standards. Periodic evaluations are performed to cleanse any identifiable links from the stored data, reinforcing privacy measures. Moreover, stringent access controls are in place to limit raw and aggregated data visibility to a select set of employees.
MailPlus: The MailPlus service, when paired with Bitdefender’s antispam/antivirus functionalities, necessitates the sharing of specific technical data. This collaboration is vital to offer a fortified defense against spam and potential cyber threats. However, users should be aware that this data bypasses Synology’s storage mechanisms and is sent directly to Bitdefender’s infrastructure.
Concluding Thoughts: Navigating through Synology’s data privacy policies reveals a company that is invested in ensuring a clear demarcation of its data collection, utilization, storage, and deletion methodologies. Each service comes equipped with user-centric guidelines and often offers choices for users to opt-in or out as per their comfort. However, users must remain vigilant and thoroughly understand third-party collaborations and their implications. As with any service, the responsibility remains mutual: while Synology offers transparent practices, users must be proactive in understanding and deciding what’s best for their data.📧 SUBSCRIBE TO OUR NEWSLETTER 🔔
🔒 Join Inner Circle
Get an alert every time something gets added to this specific article!
This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below