Security & Compliance
Autonomous media buying requires guardrails. Synter provides role-based access control, approval workflows, budget caps, audit logs, rollback capabilities, brand safety filters, and PII handling to ensure responsible AI operation.
User Roles: Admin, Editor, Viewer. Admins can approve launches and set guardrails. Editors can create briefs and review agent recommendations. Viewers have read-only access to campaigns and metrics.
Platform-Level Permissions: Control who can approve changes per platform (e.g., only CMO approves LinkedIn campaigns; marketing managers approve Google Ads).
Approval Workflows: Auto-pilot mode (agent executes autonomously within guardrails) or review-required mode (human approval before launch/edit). Configurable per workspace and per-campaign.
SSO & MFA: Enterprise customers can use SAML/OIDC single sign-on and enforce multi-factor authentication for all users.
Set maximum daily and campaign-level spend. The agent will never exceed these limits, even if models recommend higher budgets. Hard caps are enforced before API calls to platforms.
Trigger alerts when spend approaches threshold (e.g., 80% of monthly budget). Synter notifies stakeholders via Slack/email but doesn't pause campaigns.
Allocate budgets by platform (e.g., $10k/mo Google Ads, $5k/mo LinkedIn). The agent respects these allocations when reallocating budgets across campaigns.
Every action taken by the AI agent (or human users) is logged with:
Audit logs are immutable and retained for 2 years. Export logs as CSV or JSON for compliance reviews.
If an agent action doesn't perform as expected (or you want to revert for any reason), click Rollback to restore the previous state.
Rollback restores:
Rollback is available for the last 10 changes per entity. Older changes require manual restoration from audit logs.
Blocked Topics: Define topics or keywords the agent must avoid (e.g., political, adult, gambling). The agent will not create ads or target audiences related to these topics.
Placement Exclusions: Block specific websites, apps, or subreddits where you don't want ads to appear. Synter applies these filters across platforms.
URL Filters: Automatically exclude placements with specific URL patterns (e.g., parked domains, low-quality sites).
Platform Policy Checks: Before launching, Synter checks ad copy and creative against platform policies (Google Ads, Meta, LinkedIn). Flagged content requires human review.
Automatic Redaction: Before sending data to frontier models, Synter redacts emails, phone numbers, credit cards, and API keys. Models receive anonymized or hashed versions.
Data Residency: Choose US or EU processing regions to comply with GDPR, CCPA, and other privacy regulations. Model inference happens in the selected region.
Warehouse-Centric: First-party conversion data stays in your warehouse (Snowflake, BigQuery, Databricks). Only minimal fields (aggregated metrics, anonymized IDs) are sent to models.
Zero Retention: By default, model providers do not retain your data for training. Synter uses zero-retention flags (e.g., OpenAI's API policies) where supported.
Configurable Logs: Choose log retention period (0, 30, or 90 days) for API request/response logs. Shorter retention minimizes data exposure.
SOC 2 Type II: In progress (expected Q1 2026). Synter follows SOC 2 controls for security, availability, and confidentiality.
GDPR Compliance: Data processing agreements (DPA) available for EU customers. Data residency options and right-to-erasure supported.
CCPA Compliance: California residents can request data deletion. Synter does not sell personal data.
Contact our team for custom data processing agreements, SSO setup, or audit access.
Contact Security Team