Privacy Policy
Last updated — March 8, 2026
1. Information We Collect
When you create an account, we collect your email address, username, and a securely hashed password. We do not store plaintext passwords.
When you use the API, we collect request metadata including IP addresses, timestamps, and user-agent strings for rate limiting, abuse prevention, and analytics.
2. How We Use Your Information
- Provide and maintain the SwiftAuth service
- Authenticate your identity and manage sessions
- Enforce rate limits and prevent abuse
- Send transactional emails (verification, password resets)
- Generate anonymous, aggregate usage statistics
3. Data Storage & Security
All data is encrypted in transit via TLS. Passwords are hashed using bcrypt. API secrets are generated using cryptographically secure random sources. We retain access logs for up to 90 days.
4. Third-Party Services
We use Cloudflare for DDoS protection and CDN services. If you use paid plans, payment processing is handled by Stripe. We do not sell, rent, or share your personal information with third parties for marketing purposes.
5. Your Rights
You may request a copy of your data, correct inaccurate information, or delete your account at any time from your dashboard settings. Account deletion permanently removes all associated data including applications, users, and licenses.
6. Cookies
We use essential cookies for session management and authentication. We do not use third-party tracking cookies or advertising cookies.
7. Changes to This Policy
We may update this policy from time to time. Significant changes will be communicated via email or a notice on the dashboard. Continued use of the service after changes constitutes acceptance of the updated policy.
8. Contact
If you have questions about this policy, contact us at [email protected].