Sign In

Privacy Policy

Effective Date: February 24, 2026

1. Introduction

Welcome to SwiftList ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered image processing platform ("the Service").

By using SwiftList, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information

When you register for an account, we collect:

  • Email address
  • Display name
  • Account credentials (securely hashed)
  • Google OAuth profile information (if you sign in with Google)
  • Payment information (processed securely through Stripe—we do not store credit card numbers)

2.2 User-Generated Content

When you use our AI tools, we collect:

  • Images you upload for processing
  • AI-generated outputs and processed files
  • Vibes you create and publish
  • Custom AI prompts and settings

2.3 Marketplace and Creator Economy Data

When you participate in the Vibe Marketplace, we collect:

  • Vibes you publish and their associated AI prompt configurations
  • Vibe usage counts for Sparks calculations
  • Sparks balance and transaction history (earned and spent)
  • Creator attribution metadata for published Vibes

2.4 Usage and Analytics Data

We automatically collect information about your use of the Service:

  • Job processing history and workflow usage
  • Credit balance and transaction history
  • Device information (browser type, operating system, IP address)
  • Session data and usage patterns
  • Error logs and diagnostic information

3. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: To process images, generate AI outputs, and provide core platform functionality
  • Account Management: To create and manage your account, process payments, and track credits
  • Communication: To send service updates, billing notifications, and respond to support requests
  • Improvement: To analyze usage patterns, improve AI models, and develop new features
  • Creator Sparks: To track Vibe usage and calculate Sparks earned by creators in the Vibe Marketplace
  • Security: To detect fraud, prevent abuse, and ensure platform security
  • Legal Compliance: To comply with legal obligations and enforce our Terms of Service

4. AI Model Training

We do NOT use your uploaded images or processed outputs to train AI models without your explicit consent. Your content remains private unless you choose to publish Vibes to the public marketplace. Third-party AI providers (Replicate, fal.ai, Google, Anthropic) may have their own data policies—we only use providers with appropriate privacy protections for business data processing.

5. Data Sharing and Disclosure

5.1 Third-Party AI Providers

To provide AI processing services, we share your images with trusted third-party AI providers including:

  • Replicate — RMBG v1.4 (background removal)
  • fal.ai — Bria RMBG 2.0 (background removal)
  • Google — Gemini 2.5 Flash (image analysis), Imagen 3 (lifestyle scene generation)
  • Anthropic — Claude API (text generation)

These providers are committed to appropriate data privacy standards for business data processing. We select providers based on their privacy practices and data handling commitments.

5.2 Service Providers

We work with trusted service providers for:

  • Supabase: Database hosting and authentication
  • Stripe: Payment processing
  • Cloudflare: CDN, DDoS protection, and security
  • Railway.app: Worker hosting and job processing

5.3 Legal Obligations

We may disclose your information if required by law, court order, or government request, or to protect the rights, property, or safety of SwiftList, our users, or others.

6. Data Retention

  • Processed Files: Stored for 30 days, then automatically deleted
  • Account Data: Retained while your account is active and for 90 days after account deletion
  • Transaction History: Retained for 7 years for tax and legal compliance
  • Public Vibes: Remain available in the Vibe Marketplace unless you unpublish or delete them

7. Data Security

We implement industry-standard security measures including:

  • End-to-end encryption for data transmission (HTTPS/TLS)
  • Row Level Security (RLS) policies in our database
  • Encrypted storage for files and credentials
  • Regular security audits and vulnerability scanning
  • SOC 2 compliant infrastructure providers

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

8. Your Rights (GDPR & CCPA)

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data (subject to legal retention requirements)
  • Portability: Export your data in a machine-readable format
  • Opt-Out: Unsubscribe from marketing emails (service emails cannot be disabled)
  • Restrict Processing: Limit how we use your data in certain circumstances

To exercise these rights, contact us at [email protected].

9. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Required for authentication and security (cannot be disabled)
  • Analytics Cookies: To understand how users interact with the Service
  • Preference Cookies: To remember your settings and preferences

You can control cookies through your browser settings, but disabling essential cookies may limit functionality.

10. Children's Privacy

SwiftList is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that we have inadvertently collected such information, we will delete it immediately.

11. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure adequate safeguards are in place through Standard Contractual Clauses (SCCs) and data processing agreements with all third-party providers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Effective Date" at the top indicates when the policy was last updated. Continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Information

For questions about this Privacy Policy or to exercise your data rights, contact us at:

Email: [email protected]