Skip to main content
Allync

Privacy Policy

Allync Digital Signage Platform

At Allync, we are committed to protecting the privacy of our users and their data. This policy explains what data we collect through our digital signage platform, Android APK application, and Windows desktop application, why we collect it, and how we handle it.

Last updated: March 29, 2026 · Effective date: February 1, 2026

Age Requirement

Allync Digital Signage is a business-to-business (B2B) platform intended for use by authorized business administrators aged 18 years or older. This service is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us at info@allyncai.com and we will promptly delete it. This policy complies with the Children's Online Privacy Protection Act (COPPA).

Data We Collect — Android Application

Device Identifier

We collect a unique device identifier (Android ID) to register and identify your screen device. This ID is hardware-based and does not contain personal information.

  • Android ID (ANDROID_ID)
  • Device registration token

Device Information

Technical device information is collected to ensure compatibility and provide support.

  • Device model and manufacturer
  • Android OS version and SDK level
  • Screen resolution and orientation
  • App version
  • IP address
  • Device timezone and local time

Health Metrics

Device performance metrics are collected via periodic heartbeats (every 30 seconds) to monitor screen health and detect issues proactively.

  • CPU usage percentage
  • Memory (RAM) usage and total capacity
  • Network connection speed
  • Storage capacity and free space
  • Cache size
  • Device uptime
  • Battery level

Heartbeat Data

The APK application sends periodic heartbeat signals to report device status and receive commands from the server.

  • Connection status (online/offline)
  • Playback status (playing/stopped)
  • Kiosk mode status
  • Last ping timestamp
  • Pending command retrieval

Location

Location data is provided manually by administrators during screen setup. We do not use GPS or automatic location tracking.

  • User-entered location label (e.g. "Lobby", "Meeting Room 3")

Playback Logs

We log media playback activity for analytics and audit purposes (Proof of Play).

  • Media name and type (image, video, URL)
  • Playback start and end times
  • Play duration and completion status
  • Skip reason (if applicable)
  • Associated playlist and zone information

Screenshots

When requested by an administrator, the device captures a screenshot of the current display and uploads it to secure storage.

  • Screenshot image (captured on admin command only)
  • Capture timestamp
  • Screenshots are stored temporarily and deleted when the screen is removed

Screen & Content Data

Information about screen configuration and assigned content is stored to manage your digital signage network.

  • Screen name and status
  • Assigned playlist and layout
  • Screen orientation and display settings
  • Error logs and crash reports from the device

Data We Collect — Windows Application

Device Identifier

We collect a unique device identifier derived from the Windows MachineGUID registry value. This ID is hashed using SHA-256 and prefixed with "win-" to distinguish it from Android devices. It does not contain personal information.

  • Windows MachineGUID (SHA-256 hashed, read-only from registry)
  • Device registration token (encrypted with Windows DPAPI)

Device Information

Technical device information is collected to ensure compatibility, support multi-display setups, and provide diagnostics.

  • Computer hostname (machine name)
  • Windows OS version and .NET runtime version
  • Screen resolution per display
  • Number of connected displays, display names, and primary display status
  • App version
  • Local IP address
  • Device timezone

Health Metrics

Device performance metrics are collected via periodic heartbeats (every 3 minutes active, 10 minutes overnight) to monitor screen health.

  • CPU usage percentage
  • Memory (RAM) usage and total capacity
  • Storage capacity and free space on the application drive
  • Media cache size
  • System uptime

Heartbeat Data

The Windows application sends periodic heartbeat signals to report device status and receive commands from the server.

  • Connection status (online/offline)
  • Playback status (playing/idle)
  • Kiosk mode status
  • Current playlist and layout identifiers
  • Active zone count
  • Loop playback setting

Playback Logs

Media playback activity is logged for analytics and audit purposes (Proof of Play), sent in batches with each heartbeat.

  • Media name and type (image, video, URL)
  • Playback start and end times
  • Play duration and completion status
  • Associated playlist and zone information
  • Up to 50 log entries buffered per heartbeat cycle

Screenshots

When requested by an administrator, the application captures the current window content as a JPEG image and uploads it to secure storage.

  • Window screenshot (JPEG, quality 80%, captured on admin command only)
  • Capture timestamp
  • Screenshots are stored temporarily with signed URLs and deleted when the screen is removed

Error Logs

Application errors and crash reports are collected to diagnose issues. Errors are buffered locally and batch-sent to the server periodically.

  • Error type and message (truncated to 2000 characters)
  • Stack trace (if available)
  • App version at time of error
  • Error logs are persisted locally in %LOCALAPPDATA%\AllyncSignage for crash recovery

Kiosk Mode

When enabled by an administrator, kiosk mode locks down the Windows device to display signage content only. No additional data is collected — this is a local security feature.

  • Fullscreen and always-on-top enforcement
  • System keyboard shortcuts blocked (Alt+Tab, Alt+F4, Win key, Ctrl+Esc)
  • Taskbar visually covered by fullscreen window, cursor hidden
  • Kiosk mode status reported via heartbeat

Local Data Storage

The Windows application stores operational data locally on the device for offline functionality and crash recovery.

  • License token stored encrypted with Windows DPAPI (Data Protection API) and in local preferences
  • Cached media files for offline playback
  • Buffered error logs (JSON, cleared after successful upload)
  • Application preferences and configuration (screen ID, tenant info, playlist/layout state)
  • PIN security data (hash and salt, stored in DPAPI-encrypted secure storage)

Viewer Attention Analytics (Optional)

Viewer Attention Analytics (Optional)

When enabled by an administrator, the device uses the camera to anonymously count viewers and measure attention. This feature is entirely optional and disabled by default. NO images, video, or facial recognition data is ever collected, stored, or transmitted. All processing happens locally on the device — only anonymous numerical counts are sent to the server.

  • Viewer count per 5-minute period (anonymous head count only)
  • Average dwell time (how long viewers look at the screen)
  • Maximum concurrent viewers in each period
  • Camera processing is 100% on-device — no images leave the device
  • No facial recognition, no biometric data, no personal identification
  • Feature requires explicit admin opt-in per screen
  • GDPR compliance mode available: displays privacy notice on screen when active

AI Content Assistant

AI Content Assistant

When enabled by the platform administrator, tenants can use AI to generate content text (banners, announcements, menu descriptions). AI processing is performed by third-party providers (Anthropic Claude or Google Gemini) via server-side API calls. Your content prompts are sent to the selected AI provider — no personal or device data is included.

  • Content generation prompts (text input by administrators)
  • Business context (brand name, language preference — voluntarily provided)
  • Monthly token usage tracking per tenant
  • API keys stored server-side only, never exposed to client devices
  • AI providers: Anthropic (Claude) and Google (Gemini) — see their privacy policies

Custom Widgets

Custom Widgets

Custom widgets are HTML-based modules that run in a sandboxed WebView on player devices. Widget bundles are downloaded from our secure storage (Supabase) and cached locally. Widgets may connect to approved external APIs as configured by administrators.

  • Widget HTML bundles downloaded from our own infrastructure only
  • Each widget has a restricted domain list (CSP enforcement)
  • Widget data requests are limited to administrator-configured API endpoints
  • No personal data is collected by widgets — only configured data feeds

Automated Triggers

Automated Triggers

The trigger engine allows administrators to set up automated rules that respond to events (sensor data, weather changes, schedules, screen health). External systems can send data to trigger rules via webhook endpoints. Only the data explicitly sent by the external system is processed.

  • Webhook event data (JSON payload from external systems)
  • Weather data from Open-Meteo API (temperature, humidity, wind — no personal data)
  • Screen health metrics (already collected via heartbeat)
  • Trigger execution logs (which rules fired, what actions were taken)
  • Trigger logs are automatically deleted after 30 days

Background Music

Background Music

The background music system enables administrators to play ambient audio playlists on signage devices, independent of visual content. Music files are uploaded by tenant administrators and cached on devices for offline playback. No music content is collected from end users.

  • Audio files uploaded by tenant administrators (MP3, AAC, WAV, OGG, FLAC — max 50MB per file)
  • Music playback state (which playlist/track is currently playing) — included in heartbeat telemetry
  • Server-time synchronization data for multi-screen sync (anchor timestamp, no personal data)
  • Music schedule preferences (time ranges, target screens/tags) — administrator-configured only
  • Audio files are cached on device storage and removed when playlist is unassigned
  • Copyright and licensing responsibility for music content lies with the tenant administrator

How We Use Your Data

  • Device Management: Registering, identifying, and monitoring screen devices across your signage network.
  • Content Delivery: Ensuring the correct playlists and layouts are displayed on the right screens.
  • Health Monitoring: Detecting offline screens, performance issues, and proactively alerting administrators.
  • Analytics & Audit: Providing proof-of-play reports showing what content was displayed and when.
  • Version Control: Ensuring all devices run supported and up-to-date software versions.
  • Remote Commands: Processing admin-initiated commands such as screenshots, cache clearing, kiosk mode, and device reboot.
  • Attention Analytics: Anonymous viewer counting to help administrators understand audience engagement (optional, admin-enabled).
  • AI Assistance: Generating content text using third-party AI providers when requested by administrators (optional, plan-dependent).

Third-Party Services

We use the following third-party services to operate our platform. Each service processes only the minimum data necessary for its specific function:

  • Supabase (Database & Auth): Stores device data, media files, and handles authentication. SOC 2 Type II compliant. Data hosted in AWS (EU/US regions).
  • Vercel (Hosting): Hosts the web application and API. No device data is stored on Vercel — it only proxies requests.
  • Open-Meteo (Weather Widget): Provides weather data for the weather widget. Only latitude/longitude coordinates are sent — no device or user identifiers.
  • CoinGecko (Crypto Widget): Provides cryptocurrency price data. Only coin identifiers are sent — no device or user data.
  • Exchange Rate APIs (Currency Widget): Provides currency exchange rates. Only currency codes are sent — no device or user data.
  • Email (SMTP): Account notifications (moderation results, license updates, invitations) are sent via SMTP. Only administrator email addresses are processed. No email data is shared with third-party email marketing platforms.
  • Anthropic (AI Provider): Processes content generation prompts when AI assistant is enabled. Only administrator-provided text prompts are sent — no device or viewer data. See anthropic.com/privacy.
  • Google Gemini (AI Provider): Alternative AI provider for content generation. Same data handling as Anthropic. See ai.google/privacy.
  • Aladhan API (Prayer Times Widget): Provides Islamic prayer time calculations. Only city name and country code are sent — no device identifiers.

We do not sell, rent, or trade your data with any third party. Data shared with the services above is limited to what is strictly necessary for platform functionality.

Data Security

  • All data is transmitted over encrypted HTTPS/TLS connections.
  • Data is stored in secure, SOC 2 Type II compliant cloud infrastructure (Supabase/AWS).
  • Row Level Security (RLS) ensures tenant data isolation — each organization can only access its own data.
  • API endpoints are protected with authentication, rate limiting, and tenant-scoped access controls.
  • Media files are stored in private storage buckets with signed URLs for secure access.
  • Administrator passwords are hashed and never stored in plain text.
  • Windows application stores license tokens encrypted with DPAPI (Windows Data Protection API), bound to the local machine.
  • Windows application communicates exclusively over WSS (WebSocket Secure) and HTTPS — no unencrypted connections.
  • Attention analytics camera processing runs entirely on-device — no images or video data leaves the device.
  • AI API keys are stored server-side in encrypted database fields and never transmitted to client devices.
  • Custom widget HTML bundles run in sandboxed WebViews with Content Security Policy (CSP) restrictions.

Data Retention

We retain collected data for as long as your account and devices are active on our platform. When a screen device is removed or a tenant account is closed:

  • Device data, health metrics, and error logs are deleted upon screen removal.
  • Playback logs are retained for up to 90 days for audit purposes, then automatically purged.
  • Screenshots are deleted when the associated screen is removed.
  • Media files are deleted when removed by the administrator or when the tenant account is closed.
  • Account data (email, name) is retained for 30 days after account closure, then permanently deleted.
  • Attention analytics data is retained for 90 days, then automatically purged.
  • Content analytics aggregations are retained for the duration of the tenant account.
  • Trigger execution logs are retained for 30 days, then automatically purged.

Data Deletion

You have the right to request deletion of your data at any time. We provide the following data deletion options:

  • Self-Service (Dashboard): Administrators can delete individual screens, media files, playlists, and schedules directly from the dashboard at any time. All self-service deletions are processed immediately — data is permanently removed as soon as the delete action is confirmed. Deleting a screen removes all associated data (commands, logs, screenshots).
  • Full Account Deletion: To request complete deletion of your tenant account and all associated data, email info@allyncai.com with the subject line "Data Deletion Request".
  • Response Time: We will acknowledge your deletion request within 3 business days and complete the deletion within 30 calendar days.
  • What Gets Deleted: All device data, health metrics, playback logs, error logs, screenshots, media files, playlists, schedules, layouts, and account information. Anonymized aggregate statistics may be retained.

Personal Data

Allync Digital Signage is a B2B platform designed for managing commercial display screens. The data collected from screen devices does not include personal information of end viewers. No GPS location, microphone data, or biometric information is collected. When Attention Analytics is enabled, the camera performs on-device face detection solely to count viewers. No facial features, images, or biometric data are stored, transmitted, or used for identification. This anonymous count data cannot be linked to any individual. Administrator accounts are protected with email-based authentication and session management. We collect administrator email addresses solely for authentication and platform notifications.

International Data Transfer

Your data may be transferred to and processed in countries other than your country of residence. Our infrastructure is hosted on Supabase (AWS) with servers in the EU and US regions. When data is transferred internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where required. All transfers comply with applicable data protection laws, including GDPR requirements for data transfers outside the European Economic Area (EEA).

Your Rights (GDPR / CCPA)

Depending on your location, you may have the following rights regarding your data:

  • Right to Access: Request a copy of the data we hold about you and your devices.
  • Right to Rectification: Request correction of inaccurate data.
  • Right to Erasure: Request deletion of your data (see Data Deletion section above).
  • Right to Data Portability: Request your data in a machine-readable format (JSON/CSV).
  • Right to Object: Object to the processing of your data for specific purposes.
  • Right to Restrict Processing: Request temporary restriction of data processing while a dispute is resolved.
  • California Residents (CCPA): You have the right to know what data we collect, request deletion, and opt out of data selling (we do not sell any data).

To exercise any of these rights, email info@allyncai.com or call +90 536 247 7824 (Turkey) / +974 5107 9565 (Worldwide). We will respond within 30 calendar days.

Changes to This Policy

We may update this privacy policy from time to time. When we make significant changes, we will notify registered administrators via email and update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our platform after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this privacy policy, our data practices, or wish to exercise your data rights, please contact us:

Allync AI

© 2026 Allync AI. All rights reserved.