1. Overview & Our Core Privacy Commitment
SynciZen is a locally-first desktop file synchronization application. This means that, by design, all of your data — your files, folder configurations, sync history, and credentials — is stored exclusively on your own computer and is never transmitted to SynciZen servers.
This Privacy Policy explains in full detail what data the application stores locally on your device, how it interacts with third-party cloud storage services that you choose to configure, and the important limitations and disclaimers you must understand before using SynciZen.
By downloading, installing, or using SynciZen in any capacity (Trial or Licensed), you acknowledge that you have read, understood, and agreed to this Privacy Policy and the accompanying disclaimers set forth herein.
2. Who We Are
SynciZen is developed and maintained by Shahab Bahreini Jangjoo ("Developer," "we," "us," or "our"). For privacy-related inquiries, refer to the contact information in Section 13.
SynciZen is distributed as a desktop application for macOS, Windows, and Linux. It does not operate as a Software-as-a-Service (SaaS) and does not have a server-side component that processes your data.
3. Data We Collect and Store
All data listed below is stored locally on your device only, in the application's sandboxed data directory (~/Library/Application Support/com.syncizen.app/ on macOS, %APPDATA%\com.syncizen.app\ on Windows, ~/.local/share/com.syncizen.app/ on Linux). None of this data is transmitted to SynciZen or any third party by SynciZen.
3.1 Sync Configuration
To perform synchronization, SynciZen stores:
- The local folder paths and remote folder paths you configure for sync pairs
- Sync mode, direction, deletion policy, conflict resolution strategy, and interval settings
- Account display names and references to rclone remote names (not credentials)
- Per-pair performance settings (bandwidth limits, transfer settings, etc.)
3.2 File Metadata and Sync State
To detect changes and track synchronization progress, SynciZen stores:
- Relative file paths within your configured sync folders
- Cryptographic hashes of files (BLAKE3 or xxHash — file fingerprints, not file contents)
- File sizes and last-modified timestamps for local and remote files
- Sync status per file (synced, pending, conflicted, failed)
SynciZen does not read or store the contents of your files. Only metadata is used for change detection.
3.3 Sync Operation Journal
To support undo operations and crash recovery, SynciZen maintains a write-ahead operation journal recording:
- The type of operation (create, update, delete), direction, and status
- Source and target paths, file size, and file hash for each queued operation
- Error messages if an operation fails
- The path to a trash-rescued copy if a file was deleted or overwritten
3.4 Activity Logs
SynciZen maintains an in-app activity log visible to you in the Activity tab. This log records:
- Sync start, progress, and completion events
- Errors and warnings encountered during sync operations
- Conflict detections and resolutions
- Account and sync pair status changes
Activity logs are stored locally in logs.db and capped at a configurable size (default: 50 MB). You can export, clear, or disable these logs at any time.
3.5 Debug Logs (Optional)
Debug logging is disabled by default. When you explicitly enable it in Settings, a debug.log file is created locally that records:
- Internal application events, API call details (to the local rclone process only), and performance metrics
- No file contents, no cloud credentials, and no personal data beyond file paths and operation results
You can disable, clear, or export this log at any time from within the app.
3.6 Application Settings
Your preferences are stored locally, including UI settings, notification preferences, default sync modes, performance profiles, and sync schedule settings.
3.7 Cloud Credentials (via rclone — Not Accessible to SynciZen)
SynciZen integrates with rclone, an open-source file sync engine, to connect to cloud storage providers. Cloud credentials (OAuth tokens, API keys, passwords) are:
- Stored by rclone in its own encrypted configuration file (
rclone.conf), not by SynciZen - Protected using AES-GCM encryption; the encryption password is stored in your operating system's secure credential store (macOS Keychain, Windows Credential Manager, Linux Secret Service / GNOME Keyring)
- Never read, transmitted, or accessed by SynciZen's own code
3.8 Summary Table
| Data Type | Stored Locally | Sent Externally | User Controllable |
|---|---|---|---|
| Sync folder paths & settings | Yes | Never | Yes |
| File metadata (hashes, sizes, timestamps) | Yes | Never | Yes |
| Sync operation journal | Yes | Never | Yes |
| Activity logs | Yes | Never | Yes |
| Debug logs | Optional | Never | Yes |
| App settings & preferences | Yes | Never | Yes |
| Cloud credentials (via rclone) | Yes — encrypted by rclone | Never by SynciZen | Yes |
| License activation data (device fingerprint, license key) | Yes — locally cached | License checks only | No |
| Telemetry / analytics | None | Never | N/A |
| Crash reports | None | Never | N/A |
| Usage tracking | None | Never | N/A |
4. Data We Do NOT Collect
SynciZen explicitly does not collect, transmit, or store any of the following:
- Personal identifying information — no name, email address, phone number, or user account is required or collected
- File contents — SynciZen never reads the content of your files; it only reads metadata (size, modification time, hash) to detect changes
- Telemetry or usage analytics — there are no analytics SDKs, tracking pixels, or usage beacons in the application
- Crash reports — no automated crash reporting to external servers
- Behavioral data — no tracking of which features you use, how often you sync, or how long you use the application
- IP addresses or network identifiers for tracking — no tracking pixels, analytics beacons, or advertising identifiers. An IP address is incidentally transmitted with license validation requests (as with any HTTP connection), but is not stored or used for profiling
- Device fingerprints for tracking or profiling — no device fingerprinting for advertising, behavioral analytics, or any purpose other than license enforcement. A hardware fingerprint is transmitted only during license activation and periodic validation, and is used solely to enforce per-license device limits (see Section 6.3)
- Cloud file contents — file data is transferred directly between your device and your cloud provider via rclone; SynciZen does not receive, buffer, or inspect this data
5. Cloud Storage Integrations and Third-Party Services
5.1 rclone
SynciZen uses rclone (an open-source, widely-used file synchronization tool) as its underlying sync engine. rclone is a separate process bundled with SynciZen. All file transfers between your local machine and cloud storage are performed by rclone, not by SynciZen's own code.
SynciZen communicates with rclone exclusively over a local HTTP interface (127.0.0.1 on a randomly assigned port), protected by randomly generated per-session credentials. This communication never leaves your machine.
rclone has its own privacy considerations and is governed by its own license and documentation, available at rclone.org.
5.2 Supported Cloud Providers
When you configure a cloud storage account in SynciZen (via rclone), you may connect to providers including:
- Google Drive, Microsoft OneDrive, Dropbox, Box, pCloud, Mega
- Proton Drive, Yandex Disk
- Amazon S3, Backblaze B2, Cloudflare R2, Wasabi, Azure Blob Storage
- SFTP servers and other WebDAV-compatible services
When SynciZen syncs your files, those files are transmitted to and from these providers according to your configuration. Each provider's own Privacy Policy and Terms of Service govern how they handle your data. SynciZen has no control over, and bears no responsibility for, third-party cloud providers' data practices.
5.3 No SynciZen-Operated Cloud Infrastructure
SynciZen does not operate any cloud servers, relay servers, or data processing infrastructure. Your files travel directly from your device to your chosen cloud provider. SynciZen is never a party to that data transfer.
5.4 Internet Access
SynciZen requires an internet connection when actively syncing files to or from a cloud provider. All file transfer traffic is directed to your configured cloud storage providers via rclone — SynciZen is never a party to that data transfer.
Additionally, SynciZen makes periodic license validation requests to syncizen.com to verify your license is active. These requests transmit only your license key and a device fingerprint for device-limit enforcement. No file data, file paths, or personal information is included. The app functions fully offline for up to 7 days using a locally cached license state.
6. License Types, Trial Version, and Activation
6.1 Trial Version
SynciZen is available as a free Trial version. The Trial version may have limitations on features, sync pair count, or usage duration. Specific Trial limitations are disclosed at the point of download and within the application.
The Trial version operates with the same privacy characteristics described in this policy. It does not collect additional data, enable telemetry, or impose any monitoring beyond what is described herein.
6.2 Licensed Version (Lifetime License)
SynciZen is offered as a one-time Lifetime License for individual users, unlocking the full feature set of the application without subscriptions or recurring fees. Pricing and feature availability are described on the SynciZen website and are subject to change.
6.3 License Activation and Device Limits
Licensed versions of SynciZen are subject to a per-license device installation limit. This limit defines the maximum number of devices on which a single license may be simultaneously activated and in use.
License activation may involve a network request to a licensing server to validate your license key and register your device. In connection with license activation, the following data may be collected and processed:
- Your license key or order reference
- A non-personally-identifying device fingerprint (used solely for enforcing device limits)
- Activation timestamp and IP address (retained as required for fraud prevention and license integrity)
This data is used exclusively for license validation and is not combined with usage data, analytics, or any other personal information. It is retained for the duration of your license and for a reasonable period thereafter for support and audit purposes.
6.4 No Ongoing Online Requirements
Once activated, SynciZen does not require a continuous internet connection for licensing purposes. The application functions fully offline for local and cloud sync operations (cloud sync requires connectivity to the cloud provider, not to SynciZen).
7. Data Security
SynciZen implements the following security measures to protect locally stored data:
- Encrypted credential storage: Cloud provider credentials managed by rclone are encrypted with AES-GCM. The encryption password is stored in the operating system's native secure credential store (macOS Keychain, Windows Credential Manager, or Linux Secret Service).
- Isolated local IPC: Communication between SynciZen and the rclone subprocess uses HTTP Basic authentication over loopback only, with randomly generated per-session credentials that are regenerated on every application launch.
- No network exposure: No user data is exposed to external networks by SynciZen. All local data remains within the application's sandboxed data directory.
- Write-ahead journaling: Sync operations are recorded before execution, enabling recovery in the event of unexpected shutdowns and reducing the risk of data inconsistency.
- Local trash protection: Files deleted or overwritten by sync operations are moved to a local trash directory rather than permanently deleted, providing a recovery window.
8. Your Rights and Controls
Because all data processed by SynciZen is stored locally on your device, you have complete control over it at all times:
- Access: All configuration and log data can be viewed directly within the application or by browsing to the application data directory on your filesystem.
- Export: Activity logs and debug logs can be exported from within the application at any time.
- Deletion: You can clear activity logs, disable and delete debug logs, remove sync pairs, and delete the application along with all its stored data at any time by uninstalling SynciZen and deleting the application data directory.
- Correction: Sync configuration can be edited or deleted at any time through the application's interface.
- Portability: Your files are your own and are stored in standard formats on your device and your chosen cloud provider. There is no proprietary SynciZen cloud storage, and no lock-in.
Because SynciZen does not collect personal data on its servers, there is no separate data subject request process required. Your data is under your direct control.
If you are subject to the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), or similar laws, and you have concerns about data processed by third-party cloud providers you've connected via SynciZen, you should contact those providers directly.
9. Data Retention
All locally stored data is retained until you actively delete it or uninstall the application. Specific retention behaviors:
- Activity logs: Retained until the configurable size cap is reached (default 50 MB) or until you manually clear them. The size cap uses a rolling eviction policy (oldest events removed first).
- Debug logs: Rotated at 10 MB; one backup rotation kept. Cleared when you use the in-app "Clear Debug Log" function or disable debug logging.
- Local trash: Files in the SynciZen local trash are retained for a configurable period (default 30 days), after which they are automatically purged.
- Sync operation journal: Historical completed batches are retained for reference and undo functionality. Old completed batches may be pruned as the database grows.
- License activation data (when applicable): Retained on the licensing server for the duration of your license plus a reasonable post-expiry period for support purposes.
10. Children's Privacy
SynciZen is not directed at children under the age of 13 (or 16 where applicable under GDPR). We do not knowingly collect personal data from children. Because SynciZen does not collect personal data from any user as part of its core functionality, there is no mechanism by which children's data would be collected. If you believe a child has provided personal information in connection with a license purchase, please contact us and we will take appropriate steps.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in the application's functionality, legal requirements, or business practices. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Announce significant changes via the SynciZen website or, where applicable, within the application
Your continued use of SynciZen after any changes to this policy constitutes your acceptance of the revised policy. We encourage you to review this policy periodically.
If a change involves the collection of new categories of personal data not described in this policy, we will seek your consent where required by applicable law.
12. Critical Disclaimers and Limitation of Liability
12.1 — Disclaimer of Warranties
SynciZen is provided "AS IS" and "AS AVAILABLE" without warranty of any kind, express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, accuracy, reliability, or non-infringement.
The Developer makes no warranty that: (a) SynciZen will meet your requirements; (b) SynciZen will be uninterrupted, timely, secure, or error-free; (c) the results obtained from using SynciZen will be accurate or reliable; or (d) any errors in the software will be corrected.
You use SynciZen entirely at your own risk.
12.2 — Data Loss Disclaimer
FILE SYNCHRONIZATION IS AN INHERENTLY RISKY OPERATION. Sync operations can result in the permanent deletion, overwrite, corruption, or loss of files on your local device and/or cloud storage. This includes, but is not limited to:
— Overwriting a newer file with an older version due to misconfigured sync direction
— Propagating accidental deletions from one endpoint to another
— Data corruption resulting from interrupted sync operations, filesystem errors, or storage provider errors
— Incorrect conflict resolution resulting in loss of one version of a conflicted file
— Deletion of files exceeding the deletion guard threshold when the guard is bypassed by user action
— Loss of data stored in the local trash beyond the configured retention window
— Any other unintended modification to your files arising from the use of SynciZen
THE DEVELOPER SHALL NOT BE LIABLE FOR ANY LOSS, CORRUPTION, OR UNINTENDED MODIFICATION OF YOUR DATA, WHETHER STORED LOCALLY OR IN THE CLOUD, ARISING FROM THE USE OR MISUSE OF SYNCIZEN, REGARDLESS OF CAUSE.
You are solely responsible for maintaining independent, current backups of all important data before configuring or running SynciZen. The presence of SynciZen's local trash feature or operation journal does not constitute a backup solution and is not a substitute for proper backup practices.
12.3 — Limitation of Liability
To the maximum extent permitted by applicable law, in no event shall the Developer be liable for any:
— Direct, indirect, incidental, special, consequential, or exemplary damages, including but not limited to loss of data, loss of profits, loss of business, loss of goodwill, or loss of anticipated savings;
— Damages arising from unauthorized access to or alteration of your transmissions or data;
— Damages arising from statements or conduct of any third party in connection with SynciZen;
— Damages arising from any cloud storage provider's failure, data breach, service interruption, or policy change;
— Damages arising from the use of rclone or any bundled open-source component;
even if the Developer has been advised of the possibility of such damages.
In jurisdictions that do not allow the exclusion or limitation of liability for consequential or incidental damages, the Developer's liability is limited to the maximum extent permitted by law. In all cases, the Developer's total aggregate liability to you shall not exceed the amount you paid for the SynciZen license in the twelve (12) months preceding the claim.
12.4 — Third-Party Cloud Providers Disclaimer
SynciZen integrates with third-party cloud storage services via rclone. The Developer has no control over these services and is not responsible for:
— Any data breach, unauthorized access, or data loss occurring at a cloud provider;
— Changes to cloud provider APIs that disrupt or break SynciZen's sync functionality;
— Data retention, deletion, or modification policies of cloud providers;
— Charges, throttling, quota enforcement, or service outages by cloud providers;
— The privacy practices of cloud providers with respect to your files.
You are responsible for reading and complying with the Terms of Service and Privacy Policy of any cloud storage service you connect to via SynciZen.
12.5 — License and Availability Disclaimer
The Developer reserves the right to modify, suspend, or discontinue SynciZen, or any feature thereof, at any time with or without notice. License terms, pricing, device limits, and feature availability are subject to change. The Developer is not liable to you or any third party for any modification, suspension, or discontinuance of the software or any feature.
Device installation limits associated with a license are set at the time of purchase and are subject to change as described in Section 6.3. The Developer will not reduce the device limit below the number of devices actively registered to a valid, active license without reasonable prior notice. However, no perpetual guarantee of any specific device limit is made.
Trial versions of SynciZen may expire, have features removed, or be discontinued at any time. The Developer makes no commitment to maintain Trial versions indefinitely or to provide upgrade paths between Trial and Licensed versions.
12.6 — Misuse and Unauthorized Use Disclaimer
SynciZen is intended solely for lawful file synchronization purposes. You agree not to use SynciZen to:
— Sync, transmit, or store illegal content or content that violates the terms of service of any cloud provider;
— Circumvent the access controls or licensing terms of any software or service;
— Engage in any activity that violates applicable law, including data protection and intellectual property laws;
— Share, sublicense, or transfer your SynciZen license to unauthorized parties.
The Developer is not liable for any consequences arising from your misuse of SynciZen, including legal claims brought by third parties arising from your use of the software. You agree to indemnify and hold harmless the Developer from any claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising from your breach of these terms or your misuse of SynciZen.
12.7 — Open-Source Component Disclaimer
SynciZen bundles open-source software components including rclone and various Rust and JavaScript libraries. These components are provided under their respective open-source licenses. The Developer makes no additional warranty with respect to these components beyond what is required by their individual licenses. Any defects, security vulnerabilities, or issues arising from open-source components are subject to the limitations of liability set forth in this Section 12.
12.8 — Governing Law and Jurisdiction
This Privacy Policy and any disputes arising hereunder shall be governed by and construed in accordance with the laws of the jurisdiction in which the Developer is established, without regard to its conflict-of-law provisions. Any legal action or proceeding arising under this policy shall be brought in the competent courts of that jurisdiction, and you hereby consent to personal jurisdiction and venue therein.
If any provision of this policy is held to be unenforceable, the remaining provisions will continue in full force and effect.
13. Contact
For questions, concerns, or requests related to this Privacy Policy, please contact:
Shahab Bahreini Jangjoo
Developer, SynciZen
Contact information will be provided on the SynciZen website.
We will endeavor to respond to all legitimate privacy inquiries within 30 days.