Frequently asked questions
Where are Synology C2 data centers located?
Synology C2 currently operates data centers in the US and Germany. When you sign up for a C2 plan, you will be asked to select a data center location. All data on Synology C2 servers is maintained solely in the location and data center where it was initially uploaded.
What payment methods are available for a Synology C2 subscription?
Synology C2 accepts payments via Visa, MasterCard, and American Express credit cards. SEPA Direct Debit payment is also available in select regions.
How do I cancel my subscription?
Synology C2 subscriptions will be automatically renewed at the end of each subscription period. To stop auto renewal, please cancel your plan by going to the Subscription tab in Synology C2 portal before the end of the subscription month.
How do I fully terminate my subscription?
Please first cancel auto renewal by going to the Subscription tab in the corresponding C2 service portal. There, you can also terminate your C2 service, effective immediately. Any data that you have uploaded will be removed upon termination of the service.
Why did I get charged a data storage fee?
After you cancel your plan and your subscription ends, you can resubscribe via the corresponding C2 service portal with a grace period of up to 21 days. Upon the renewal of your subscription, you will be charged the full subscription fee and a data storage fee for the storage of your data during the grace period.
Can I get a refund if I cancel or terminate my subscription?
No, it is not possible to get a refund after the cancellation or termination of your subscription.
How is my data protected against unauthorized access?
Data in Synology C2 data centers can only be accessed by the Synology Account that initially uploaded them. Your Synology NAS communicates with C2 over a securely encrypted SSL connection.
Synology C2 server protects all data from data breaches with encryption-at-rest and the data are rendered unreadable before they are stored on any drive.
Additionally, it is highly recommended that users enable client-side encryption in Hyper Backup, for the data to be unreadable using the advanced AES-256 encryption standard before transmission to Synology C2.
You may enable 2-factor authentication for an extra degree of security. Enabling 2-factor authentication guarantees that your data can only be accessed with a code generated by a mobile authenticator app.
What is C2 Encryption Key?
C2 Encryption Key is the key used to encrypt and decrypt users' data on Synology Account. The C2 Encryption Key you create is not stored in any way by Synology C2, and only the individual who knows the C2 Encryption Key has access to the encrypted data on Synology Account, not even Synology. Please never lose your C2 Encryption Key. If lost, Synology would be unable to retrieve the lost key and data.
C2 Encryption key is used for all C2 Services except C2 Storage, which has a separate encryption mechanism.
Is my data in C2 data centers protected against physical security threats?
Synology data centers have passed rigorous inspections for strict security procedures and physical safety measures to meet Synology's high standards set for incident response and access restrictions.
Synology monitors employee access to its storage locations. All data on Synology C2 server is protected against data breaches or physical theft with encryption-at-rest.
How does Synology C2 protect against data loss and corruption?
Synology C2 uses highly available and redundant infrastructure designed to eliminate single points of failure and ensure uninterrupted power supply year-round. Meanwhile, we protect against hardware failure by applying erasure coding to all data stored on our servers.
Similar to a RAID setup, our erasure coding stripes data into many pieces, with a redundancy of three pieces (meaning three servers can crash and your data will still be available). However, with erasure coding, users do not need to wait for recovery (which is instant). Erasure coding also helps detect and repair corrupted data.
Does Synology C2 offer a data processing agreement (DPA)?
Yes, Synology C2 offers a GDPR-compliant DPA that allows users to comply with contractual obligations as set out in the EU General Data Protection Regulation. The Synology C2 GDPR DPA is incorporated into the Synology C2 Terms & Conditions and applies automatically to all customers worldwide who require GDPR compliance.
What third-party compliance requirements does Synology C2 meet?
Synology C2's German colocation data center facilities are certified up to the ISO 27001 standard, one of the strictest available security frameworks for information technology.
Synology C2's US colocation data center facilities have achieved comprehensive SOC 2 Type II certification, confirming it has strict procedures in place to keep user data secure.
Synology handles your payment details in compliance with PCI DSS by processing and storing your billing information with a PCI Level 1 Service Provider.
Does Synology C2 support user compliance with HIPAA?
The US Department of Health and Human Services (HHS) does not officially issue or recognize any form of HIPAA compliance certification. Complying with HIPAA is, therefore, a shared responsibility between the user and Synology C2.
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 introduced regulatory standards for the lawful use and disclosure of protected health information (PHI). The legislation demands any company that is working on PHI, comply with the Security Rule and the Privacy Rule set by HHS.
Synology C2 allows users to comply with HIPAA standards. Synology C2 services are built under the supervision of our Product Security Incident Response Team (PSIRT) engineers.
All PHI transferred to and stored on Synology C2 is protected by encryption-at-rest. For Synology C2 Storage users, please enable client-side encryption to make PHI data unreadable using advanced AES-256 and RSA-2048 encryption before uploading to Synology C2.
It is each user's responsibility to enable client-side encryption before uploading PHI to Synology C2.
For more information on our data protection technologies, refer to this white paper.
Synology will never access data stored on Synology C2, including PHI unless required by the user or by law. Users have complete control over PHI on Synology C2. Only users can amend, use, and keep their own PHI data on Synology C2.
For more information on our approach to privacy, refer to our Privacy Statement.
Need more help?
Learn more about C2 services in Knowledge Center or visit Synology Community to discuss products and solutions with other C2 users.