1. Introduction
SwiftPay Inc. ("SwiftPay," "we," "us," or "our") operates swiftpay.com and related services that enable card-to-card money transfers. We are committed to protecting your privacy and the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.
This policy applies to all visitors and users of our Service, including those who initiate transfers, receive funds, or interact with our website in any capacity. By using SwiftPay, you consent to the practices described in this policy. If you do not agree with our practices, please do not use our Service.
2. Information We Collect
We collect information necessary to provide, secure, and improve our card-to-card transfer service. The categories of information we collect include:
Personal Information
When you use our Service, we may collect personally identifiable information such as your name, email address, phone number, billing address, and government-issued identification when required for verification or compliance purposes.
Card Data
To process transfers, we collect payment card information including card numbers (or tokenized references), cardholder names, expiration dates, and security codes (CVV/CVC). We never store full card numbers on our systems; all sensitive card data is handled through PCI DSS-compliant tokenization. For more details, see Section 4.
Device and Technical Data
We automatically collect certain technical information when you access our Service, including:
- IP address and approximate geographic location
- Browser type, version, and language settings
- Device type, operating system, and screen resolution
- Referring URLs and pages visited
Usage and Transaction Data
We collect information about how you use our Service, including transaction amounts, transfer dates and times, transaction status, fee amounts, and patterns of use. This data helps us process transactions, prevent fraud, and improve our platform.
3. How We Use Your Information
We use the information we collect for the following purposes:
Processing Transfers
Your information is used to initiate, complete, and settle card-to-card transfers. This includes communicating with payment processors, card networks, and financial institutions to facilitate the movement of funds.
Security and Fraud Prevention
We use your information to detect, prevent, and investigate fraudulent activity, unauthorized transactions, and other security threats. This includes identity verification, transaction monitoring, and compliance with anti-money laundering (AML) and know-your-customer (KYC) obligations.
Service Improvement
We analyze usage patterns to improve our Service, develop new features, optimize user experience, and troubleshoot technical issues. Aggregated or de-identified data may be used for analytics and research.
Legal and Regulatory Compliance
We use and retain your information as required to comply with applicable laws, regulations, court orders, and lawful requests from government or regulatory authorities. This includes tax reporting, sanctions screening, and financial crime prevention.
4. Card Data Security
Protecting your payment card information is our highest priority. We implement industry-leading security measures to safeguard card data:
PCI DSS Level 1 Compliance
SwiftPay maintains Payment Card Industry Data Security Standard (PCI DSS) Level 1 certification, the highest level of compliance for payment card data. Our systems undergo regular audits and assessments by independent Qualified Security Assessors (QSAs).
Encryption
All data transmitted between your browser and our servers is encrypted using TLS 1.3 (or equivalent). Card data is encrypted at rest using AES-256 encryption. We use strong cryptographic standards throughout our infrastructure.
Tokenization
We use tokenization to replace sensitive card data with non-sensitive substitutes (tokens). Full card numbers are never stored on our systems. When you enter card details, they are transmitted directly to our PCI-compliant payment processor, which returns a token for future reference. This significantly reduces the risk of card data exposure.
No Storage of Full Card Numbers
We never store complete card numbers, CVV/CVC codes, or magnetic stripe data. Only the last four digits may be retained for display purposes (e.g., "•••• 1234") to help you identify cards you have used.
5. Data Sharing and Third Parties
We share your information only when necessary and in accordance with this policy. We do not sell your personal information to third parties.
Payment Processors and Card Networks
We share transaction and card information with our payment processors, card networks (Visa, Mastercard, etc.), and issuing banks to process transfers. These entities are contractually required to protect your data and comply with applicable regulations.
Security and Fraud Prevention Providers
We work with third-party security providers that help us detect and prevent fraud, verify identities, and protect against cyber threats. These providers receive only the information necessary to perform their services and are bound by strict confidentiality obligations.
Legal Requirements
We may disclose your information when required by law, including in response to subpoenas, court orders, government requests, or legal process. We may also disclose information when we believe disclosure is necessary to protect our rights, your safety, or the safety of others, or to investigate potential violations of our Terms of Service.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.
6. Data Retention
We retain your information only for as long as necessary to fulfill the purposes outlined in this policy and to comply with legal obligations.
Transaction Records
Transaction and transfer records are retained for a minimum of seven (7) years to comply with financial regulations, tax requirements, and dispute resolution. These records may include transaction amounts, dates, card references (e.g., last four digits), and associated metadata.
Personal Information
Personal information is retained for the duration of your use of our Service and for a reasonable period afterward to support customer inquiries, legal compliance, and fraud prevention. If you request deletion of your data, we will fulfill that request subject to our legal retention obligations.
Retention Criteria
Retention periods are determined based on legal requirements, operational needs, dispute resolution timelines, and the nature of the data. After the retention period expires, we securely delete or anonymize your information to prevent identification.
7. Your Rights
Depending on your location, you may have certain rights regarding your personal information. We are committed to facilitating the exercise of these rights:
Access
You have the right to request access to the personal information we hold about you. We will provide a copy of your data in a structured, commonly used format, subject to verification of your identity.
Rectification
You may request correction of inaccurate or incomplete personal information. We will update our records promptly upon verification.
Deletion
You may request deletion of your personal information. We will honor such requests where feasible, except where we are required to retain data for legal, regulatory, or legitimate business purposes (such as completed transaction records).
Data Portability
Where applicable, you may request that we provide your data in a portable format that allows you to transfer it to another service provider.
Opt-Out
You may opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us. Opting out of marketing does not affect transactional communications necessary for the Service (e.g., transfer confirmations, receipts).
To exercise any of these rights, please contact us at privacy@swiftpay.com. We will respond within 30 days. If you reside in the European Economic Area (EEA) or United Kingdom, you also have the right to lodge a complaint with your local data protection supervisory authority.
8. Cookies and Tracking
We use cookies and similar tracking technologies to enhance your experience and ensure the security of our Service.
Types of Cookies We Use
- Essential Cookies: Required for the Service to function. They enable core features such as security, load balancing, and session management. These cannot be disabled.
- Functional Cookies: Remember your preferences (e.g., language, region) to personalize your experience.
- Analytics Cookies: Help us understand how visitors use our website. Data is aggregated and does not personally identify you.
Managing Cookies
Most web browsers allow you to control cookies through their settings. You can typically block or delete cookies; however, blocking essential cookies may impair the functionality of our Service and prevent you from completing transfers. For more information about managing cookies, visit your browser's help section or visit allaboutcookies.org.
9. International Data Transfers
SwiftPay operates globally, and your information may be processed in countries other than your country of residence. These countries may have different data protection laws.
When we transfer personal information from the EEA, UK, or other jurisdictions with strict data protection laws to countries that may not provide equivalent protection, we implement appropriate safeguards. These may include Standard Contractual Clauses approved by the European Commission, binding corporate rules, or other recognized transfer mechanisms.
By using our Service, you acknowledge and consent to the transfer of your information to our service providers and affiliates located in the United States and other countries as necessary to operate the Service.
10. Children's Privacy
SwiftPay is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you are under 18, please do not use our Service or provide any information to us.
If we become aware that we have inadvertently collected personal information from a child under 18, we will take steps to delete that information as quickly as possible. If you believe we may have collected information from a child, please contact us immediately at privacy@swiftpay.com.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or the Service. When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Post the revised policy on our website
- Notify you via email or through a prominent notice on our Service when changes are significant
We encourage you to review this Privacy Policy periodically. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the revised policy. If you do not agree with the updated policy, you must discontinue use of our Service.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
SwiftPay Inc.
Email: privacy@swiftpay.com
Website: swiftpay.com
For general customer support and transfer-related inquiries, please visit our Contact page or email support@swiftpay.com. We aim to respond to privacy-related inquiries within 30 days.