1. Introduction

SWYPE ("we," "us," or "our") operates SWYPE SWAP and SWYPE ME (collectively, the "Services"). This Privacy Policy describes our practices regarding the collection, use, disclosure, and protection of personal information.

We comply with applicable data protection laws including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant privacy regulations.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, username, password, and phone number
• Identity Verification: Government-issued ID, proof of address, date of birth, and biometric data (for KYC/AML compliance)
• Financial Information: Cryptocurrency wallet addresses, transaction history, and payment information
• Business Information: Company name, business address, tax identification numbers (for merchant accounts)
• Communications: Support tickets, chat messages, survey responses, and feedback

2.2 Automatically Collected Information

• Device Information: IP address, device type, browser type, operating system, and unique device identifiers
• Usage Data: Pages visited, features used, time spent, click patterns, and interaction data
• Transaction Data: Cryptocurrency addresses, transaction amounts, timestamps, and blockchain data
• Cookies and Tracking: Session cookies, preference cookies, analytics cookies, and similar technologies
• Location Data: General geographic location derived from IP address

2.3 Information from Third Parties

• Identity verification providers (for KYC compliance)
• Blockchain networks and cryptocurrency exchanges
• Analytics and advertising partners
• Fraud prevention and security services
• Public databases and credit bureaus (where legally permitted)

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Service Provision

• Creating and managing user accounts
• Processing cryptocurrency transactions and swaps
• Facilitating payment processing for merchants
• Providing customer support and responding to inquiries
• Managing e-commerce integrations and analytics

3.2 Compliance and Security

• Verifying identity and complying with KYC/AML regulations
• Preventing fraud, money laundering, and illegal activities
• Detecting and preventing security threats
• Enforcing our Terms of Service
• Responding to legal requests and regulatory requirements

3.3 Service Improvement

• Analyzing usage patterns to improve functionality
• Developing new features and services
• Conducting research and analytics
• Personalizing user experience
• Testing and troubleshooting

3.4 Communication

• Sending transaction confirmations and receipts
• Providing service updates and notifications
• Sending marketing communications (with consent)
• Conducting surveys and collecting feedback

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process personal data based on:

• Contractual Necessity: Processing necessary to provide Services you've requested
• Legal Obligation: Compliance with KYC/AML, tax, and other legal requirements
• Legitimate Interest: Fraud prevention, security, service improvement, and marketing (where permitted)
• Consent: Marketing communications and certain data processing activities (where consent is required)

5. Information Sharing and Disclosure

We may share your information in the following circumstances:

5.1 Service Providers

We engage third-party service providers to perform functions on our behalf, including:

• Cloud hosting and data storage providers
• Identity verification and KYC services
• Payment processors and cryptocurrency exchanges
• Analytics and monitoring services
• Customer support platforms
• Marketing and communication tools

5.2 Legal and Regulatory Requirements

• Compliance with laws, regulations, or legal processes
• Responding to government or regulatory requests
• Enforcing our Terms of Service
• Protecting our rights, property, or safety
• Investigating fraud or security issues

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity.

5.4 With Your Consent

We may share information with third parties when you explicitly consent to such sharing.

6. Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Account Information: Retained while your account is active and for 7 years after closure (for regulatory compliance)
• Transaction Records: Retained for 7 years to comply with financial regulations
• KYC/AML Data: Retained for 7 years after account closure or last transaction
• Marketing Data: Retained until you withdraw consent or request deletion
• Usage Data: Typically retained for 2 years for analytics purposes

7. Data Security

We implement comprehensive security measures to protect your information:

• Encryption: All data in transit is encrypted using TLS 1.3. Sensitive data at rest is encrypted using AES-256
• Access Controls: Strict access controls and authentication requirements for internal systems
• Infrastructure Security: Firewalls, intrusion detection systems, and DDoS protection
• Security Audits: Regular third-party security assessments and penetration testing
• Employee Training: Comprehensive security awareness training for all employees
• Incident Response: Dedicated security team and incident response procedures

While we implement industry-leading security measures, no system is completely secure. We cannot guarantee absolute security of your information.

8. Your Privacy Rights

8.1 General Rights

• Access: Request access to your personal information
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Data Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests
• Restriction: Request restriction of processing in certain circumstances

8.2 GDPR Rights (EEA Residents)

If you are located in the European Economic Area, you have additional rights including:

• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority
• Right to object to automated decision-making and profiling

8.3 CCPA Rights (California Residents)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, disclose, and sell
• Request deletion of your personal information
• Opt-out of the sale of personal information (we do not sell personal information)
• Non-discrimination for exercising your privacy rights

To exercise any of these rights, please contact us using the information provided in Section 14.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, provide secure services, and analyze site usage. When you first visit our site, we will ask for your consent to use non-essential cookies.

9.1 Types of Cookies

• Essential Cookies: Required for basic site functionality, security, and authentication. These cookies do not require consent and include session management, security tokens, and load balancing.
• Analytics Cookies: Help us understand how visitors interact with our site by collecting anonymous information about page visits, traffic sources, and user behavior. These require your consent.
• Functional Cookies: Remember your preferences and settings such as language selection, cookie preferences, and UI customizations. These require your consent.
• Marketing Cookies: Used to deliver relevant content and advertisements based on your interests. These require your consent and may track you across different websites.

9.2 Specific Cookies We Use

• swype_cookie_consent: Stores your cookie preferences (Essential)
• swype_session: Maintains your authenticated session (Essential)
• supabase-auth-token: Authentication token for secure access (Essential)
• chat_conversation_id: Maintains your support chat conversation (Functional)

9.3 Your Cookie Choices

You have the right to accept or reject non-essential cookies. You can:

• Accept all cookies for full functionality
• Reject non-essential cookies (only essential cookies will be used)
• Customize your preferences to choose which types of cookies to allow
• Change your preferences at any time by clicking the cookie preferences link in our footer

9.4 Browser Cookie Management

You can also control cookies through your browser settings. Note that disabling certain cookies may limit functionality. Most browsers allow you to:

• View and delete cookies
• Block third-party cookies
• Block all cookies (not recommended)
• Clear cookies when closing the browser

For more information about managing cookies in your browser, visit: www.allaboutcookies.org

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we implement appropriate safeguards including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by relevant data protection authorities
• Privacy Shield certification (where applicable)
• Explicit consent for transfers

11. Children's Privacy

Our Services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

If we discover that we have collected information from a child, we will delete it promptly.

12. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.

This Privacy Policy applies only to information collected by SWYPE.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated policy on our website
• Updating the "Last Updated" date
• Sending email notification for significant changes
• Displaying a prominent notice on our Services

Your continued use of our Services after changes become effective constitutes acceptance of the updated Privacy Policy.

14. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

SWYPE - Data Protection Officer
Website: paywithswype.com
Email: Coming soon

For GDPR-related inquiries, you may also contact our EU representative at the address above.

Response Time: We will respond to privacy requests within 30 days (or as required by applicable law).