Privacy Policy
Last updated: May 18, 2026
Quick Privacy Summary
SwiftIn is built local-first: your data lives on your device by default, and the server only sees what is strictly necessary to deliver the Service. Here are the key facts:
- ✓ Everything is local by default. Your translation history, settings, language preferences, and the offline translation cache live in your browser — on your device, not on our servers. By default these never leave your machine; Pro and Team users may opt in to server-side history for cross-device sync (see Section 2.2).
- ✓ No translation content on our servers — unless you ask for it. The text you translate is processed in real time and immediately discarded. We never persist it on our servers on any plan by default. Pro and Team users may opt in to server-side history (for example, to get cross-device sync) — and even then it is auto-deleted after 90 days (Pro) or 180 days (Team) by a daily database cleanup job. Free plan never has server-side history.
- ✓ No data selling. We never sell, rent, or trade your personal data to third parties or data brokers.
- ✓ Minimal data collection. We collect only what is necessary: email, AI token counters for billing, and standard technical metadata (IP, browser version) to operate the Service.
- ✓ AI processing, fully disclosed. When you translate, your text is sent over an encrypted connection to one of our third-party AI providers, or to a free public translation endpoint (currently Google Translate or Microsoft Bing). Some AI providers are reached through OpenRouter, which routes the request to the underlying inference hoster. Text-to-speech currently uses Google AI. The canonical, always-up-to-date list of providers, models, routing path, and countries of processing is at swiftin.dev/sub-processors. We do not train any AI models on your content ourselves. Each third-party provider processes your content under its own standard API terms; we have not negotiated bespoke Data Processing Agreements with them, so non-training commitments depend on each provider's published policy.
- ✓ Account & data deletion. You can request deletion of your account at any time by contacting support@swiftin.dev. Deletion is completed within 30 days. Most data is hard-deleted (profile, translation history, subscription state, team memberships, addon purchases, usage records). Two categories are kept anonymised — your link to them is removed, but the rows themselves are retained as required by law: payment records for 7 years (tax and accounting obligations) and consent records for 3 years (defence of consent under GDPR Article 7 and consumer-law statute of limitations). After their retention window, both are permanently deleted by automated cleanup jobs.
1. Introduction & Data Controller
SwiftIn ("we," "our," or "us") operates the SwiftIn browser extension and the website located at swiftin.dev (collectively, the "Service"). This Privacy Policy describes how we collect, use, store, and share information when you use our Service. By using SwiftIn you agree to the practices described in this policy.
The data controller responsible for data processing pursuant to the General Data Protection Regulation (GDPR) and other applicable data protection laws is:
SwiftIn
Email: support@swiftin.dev
Privacy inquiries: legal@swiftin.dev
Jurisdiction: Georgia (country)
Legal entity registration in Georgia is currently in progress; the formal entity name and registered postal address will be published on this page upon completion.
"Personal data" means any information relating to an identified or identifiable natural person, as defined in Art. 4(1) GDPR.
2. Information We Collect
2.1 Account Information
When you create or use an account we store, in our users table:
- Email address (required for login and transactional email)
- Display name (optional)
- Translation style preference
- Two server-history toggles (off by default), separately covering input translations and text-selection translations
- Marketing consent flag (off by default; opt-in only)
- Terms acceptance metadata: timestamp, version, IP address, and User-Agent at the moment you accepted the Terms / Privacy / payment Terms — kept as a GDPR Article 7 audit trail
- Activity timestamps: account-created, last-updated, last-active
Passwords are managed by our authentication provider (Supabase Auth) using industry-standard hashing; we never see, store, or log plain-text passwords. Optional two-factor authentication (TOTP) is available in your account settings.
A separate immutable consent log records each consent event (event type, ToS version, IP, User-Agent, timestamp) so we can demonstrate prior consent under GDPR Article 7; the user link is nullable to support anonymisation on account deletion.
2.2 Translation Data
Default behaviour: local only. Your translation history is kept in the browser extension on your device. It is never transmitted to our servers automatically. The Free plan has no server-side history at all — by design.
Optional: server-side history for cross-device sync. If you are on a Pro or Team plan and you want your history available across browsers and devices, you can explicitly turn on server-side history. The opt-in is off by default and can be turned off at any time. When enabled, the translation_history table stores: original text, translated text, source and target languages, translation style and intensity, AI token counts (prompt + completion), the source surface (input / selection / page / context-menu / etc.), the AI provider model used, and the timestamp. On Pro, each user controls the main toggle in Settings, with a separate toggle to also save text-selection translations; on Team, only the team owner controls a single opt-in covering all team translations.
What happens when you turn the toggle off. Disabling the toggle stops new translations from being saved to the server. Existing server-side entries are not auto-deleted at toggle-off — they remain until either (a) they expire under your plan's retention window (90 days Pro, 180 days Team) and are removed by the daily cleanup job, or (b) you manually clear them from the dashboard's history view, or (c) you delete your account, which hard-deletes all of your translation history.
2.3 Usage Data
We bill per AI token — the raw unit our AI providers report for each request — and track AI tokens consumed per billing period to enforce plan usage limits. A token is the unit the AI provider charges us for, roughly 1 token per character for most languages with some variation by language and provider. We also log the number of translation requests for rate-limiting and abuse-prevention purposes. We do not read or analyze the content of your translations for advertising, profiling, or any purpose other than providing the translation.
2.4 Payment Information
Payments are processed by third-party providers: Paddle (card payments) and NOWPayments (cryptocurrency payments). We do not directly store your full payment card numbers. Our payment providers handle all sensitive financial data in accordance with their own privacy policies and PCI DSS requirements. We store only the transaction identifiers and subscription status necessary to manage your account.
2.5 Extension Settings & Local Storage
Your extension preferences (target language, translation style, excluded sites, hotkeys, UI theme, per-component target languages, snooze/disable states) and the offline translation cache (IndexedDB, automatically evicted after 30 days) are stored locally in your browser. This data lives on your device, is not transmitted to our servers or any third party, and can be cleared at any time by clearing your browser's site data, uninstalling the extension, or (when available) using the "Clear translation cache" control in the extension settings.
2.6 AI-Generated Content & Engine Selection
When you use the translation or text-to-speech features, your source text is sent to one of our named third-party AI or machine-translation providers for processing. This applies to all translation sources — selected text, input fields, page content, and chat messages from supported platforms. These providers process your text in real time to generate translations or audio. We currently route requests as follows:
- AI providers (paid quota — Free AI tokens, Pro, Team): the request is routed to one of our contracted AI providers for inference. The specific provider is selected based on the engine picked in the extension. Several of these providers are reached through OpenRouter, an inference router that forwards the request to the underlying hoster. The canonical, always-up-to-date list of providers, model identifiers, routing path, and country of processing is at swiftin.dev/sub-processors.
- Free engines (Free plan default + Lite-mode fallback): a public translation endpoint (currently Google Translate or Microsoft Bing Translator). Free-engine requests are always sent directly from your browser to the provider — your IP address is exposed to the provider and SwiftIn's servers do not see, log, or relay the request. This applies to every free-engine path: the Free plan's default engine, the Lite-mode fallback when a paid user's AI quota is depleted within a billing period, and any in-extension cascade after a backend error.
- Text-to-speech: routed to our contracted TTS provider (currently Google AI).
- Bring-Your-Own-Key (BYOK): if you configure your own AI provider API key in the extension settings, translation requests made with that key are sent directly from your browser to the provider you chose. SwiftIn's servers do not see, log, or process the content of those requests, and we do not bill AI-token quota for them. (Text-to-speech is currently backend-only and not covered by BYOK.) The API key itself is stored in the browser extension's device-local storage area (chrome.storage.local, key swiftin_engine_keys) — local storage is never replicated through Chrome Sync or Firefox Sync, is never transmitted to SwiftIn, and can be removed via the extension settings or by uninstalling the extension.
Lite-mode fallback. If your AI quota is depleted within a billing period, the extension automatically switches to a free public translation endpoint (Google Translate or Microsoft Bing) so the service keeps working. We label this clearly in the extension UI as "Lite mode". Lite-mode requests are sent directly from your browser to the chosen provider — SwiftIn's backend is not in the request path. Text submitted in this mode is processed under the free provider's public terms rather than under our paid-tier provider arrangements.
These providers process your text in real time to generate translations or audio. Per each provider's published API terms, they do not retain your content beyond what is needed to fulfil the request; we have not negotiated bespoke commitments with them, so actual behaviour depends on each provider's own policy (see Section 4). SwiftIn does not control the behaviour, output quality, content-safety filters, or accuracy of third-party AI or machine-translation models. AI-generated translations and audio are provided "as is" — see our Terms of Service for full disclaimers regarding AI output.
2.7 What We Do NOT Collect
We explicitly do not collect:
- ✕ Passwords in plain text — all passwords are stored as one-way hashes by our authentication provider
- ✕ Location data, GPS coordinates, or geolocation
- ✕ Contacts, photos, files, or any data from other apps on your device
- ✕ Browsing history or behaviour across other websites (the extension only processes the specific text you intentionally submit for translation)
We collect only the minimum information necessary to provide and operate the Service.
3. How We Use Your Information
- Providing the Service: processing translations, generating text-to-speech audio, authenticating your account, and managing your subscription.
- Usage Enforcement: tracking AI token usage to apply plan limits and prevent abuse.
- Service Improvement: aggregated, anonymous metrics (e.g., total translations per day, popular language pairs) to improve performance and reliability.
- Communication: sending transactional emails related to your account (e.g., password resets, billing receipts).
- Marketing (opt-in only): if you explicitly consent, we may send promotional emails about product updates, tips, and offers. You can withdraw marketing consent at any time via Dashboard → Settings → Privacy & Cookies or by clicking "Unsubscribe" in any marketing email.
4. Third-Party Services
To deliver the Service we share limited data with third-party providers. The current list — including each provider's purpose, the data we share with them, and the country in which it is processed — is published at swiftin.dev/sub-processors. That page is the canonical source and is updated independently of this Privacy Policy.
Two behaviours from the sub-processor list are worth surfacing here, given their sensitivity:
- Session Replay (Sentry) is enabled on the web dashboard at a 10% session sample rate and 100% on errors. Text content is masked (maskAllText: true), media is blocked, Supabase auth URLs are excluded from network capture, and request/response headers are not captured by the replay SDK. (Note: separately, our backend error-tracking SDK may capture request bodies with sensitive fields stripped — see /sub-processors for the full Sentry configuration.) Replays are retained for 90 days then automatically deleted by Sentry.
- Free-engine translations (Google Translate, Microsoft Bing) are issued directly from your browser to the provider — SwiftIn's servers do not see, log, or proxy these requests. Your IP is exposed to the provider on every free-engine path, including Lite-mode fallback.
Each provider processes data in accordance with its own privacy policy; we encourage you to review them independently. We notify Team plan customers by email at least 30 days before adding or replacing a sub-processor, giving them a reasonable opportunity to object (see our Data Processing Agreement §5).
AI output and content-safety filters: AI providers may apply built-in content-safety filters that alter, soften, omit, or refuse to process certain types of content (profanity, sensitive material, hate speech, etc.). We do not control these filters and cannot guarantee the accuracy, completeness, or fidelity of any AI-generated translation or text-to-speech output. You are solely responsible for verifying the suitability of any output before use. See our Terms of Service Section 10 for full disclaimer details.
Limited Use of Google API data. The use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.
5. Lawful Basis for Processing
We process your personal data under the following legal bases as defined by the GDPR:
| Processing Activity | Legal Basis | GDPR Article |
|---|---|---|
| Account registration & authentication | Contract performance | Art. 6(1)(b) |
| Translation processing & delivery | Contract performance | Art. 6(1)(b) |
| Subscription billing & payments | Contract performance | Art. 6(1)(b) |
| Usage tracking & plan limit enforcement | Contract performance | Art. 6(1)(b) |
| Rate-limiting & abuse prevention | Legitimate interest | Art. 6(1)(f) |
| Product improvement & aggregated analytics | Legitimate interest | Art. 6(1)(f) |
| Transactional emails (password reset, billing) | Contract performance | Art. 6(1)(b) |
| Product updates & service notifications | Legitimate interest | Art. 6(1)(f) |
| Marketing emails & promotions | Consent (opt-in) | Art. 6(1)(a) |
| Analytics cookies (PostHog) | Consent (opt-in) | Art. 6(1)(a) |
| Server-side translation history (Pro: user opt-in; Team: owner opt-in) | Consent (opt-in) | Art. 6(1)(a) |
| Billing record retention | Legal obligation | Art. 6(1)(c) |
| ToS/Privacy consent audit trail (IP, User-Agent) | Legal obligation (GDPR Art. 7(1) — controller must demonstrate consent) | Art. 6(1)(c) |
Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
6. Data Storage & Security
Your account data and any opted-in server-side translation history are stored on Supabase-hosted infrastructure with encryption at rest and in transit (TLS 1.2+). Passwords are managed by Supabase Auth using industry-standard hashing (bcrypt) — we never see, store, or log plain-text passwords. Authentication tokens (JWT) are short-lived; refresh tokens are rotated on every use and revoked on logout, password reset, and account deletion. Optional two-factor authentication (TOTP) is available in your account settings.
Database access is protected by row-level security (RLS) policies; service-role keys are stored only on our backend and are never exposed to the browser, the extension, or any third party. All API endpoints are rate-limited and protected by automated abuse-detection middleware.
While we take commercially reasonable measures to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
7. Cross-border Data Transfers
The bulk of user data — account information, opted-in translation history, and backend application data — is hosted in the European Union: Supabase (Paris, France), Railway (Eemshaven, Netherlands), and Resend (Ireland). Sentry error events are stored in Germany (Frankfurt). The United Kingdom adequacy decision applies to Paddle (card payments).
Some sub-processors are located outside the EEA. Most AI inference partners (Google AI, OpenAI, Anthropic, xAI, Meta, OpenRouter and its downstream inference hosters) operate from the United States; PostHog is also US-based. DeepSeek inference is called directly from our backend to DeepSeek's API in China. NOWPayments operates from the Netherlands and Seychelles; Cloudflare and Vercel operate on global edge networks. Free-engine translation requests (Google Translate, Microsoft Bing) are issued directly from your browser to the provider and do not pass through our servers. The per-provider current routing is documented on the Sub-processors page.
Where personal data of EU/EEA, UK, or Swiss residents is transferred to a country without an adequacy decision, transfers are covered by Standard Contractual Clauses (SCCs adopted by the European Commission, Decision 2021/914) or, where the recipient has self-certified, by the EU-US Data Privacy Framework. The current per-provider transfer basis is documented on our Sub-processors page; you may also request a summary by contacting legal@swiftin.dev.
8. Data Retention
- Account data is retained for as long as your account is active. If you delete your account, we will remove your personal data within 30 days.
- Inactive accounts: Free plan accounts with no activity for 12 months may be automatically deleted. You will not receive prior notice; to prevent deletion, simply use the Service at least once within any 12-month period.
- Translation history (server-side) retention depends on your plan:
| Plan | Server History | Notes |
|---|---|---|
| Free | Not stored | History is stored locally in the browser extension only |
| Pro | 90 days | Server-side storage is off by default (opt-in). When enabled, input translations are saved to the server. An additional opt-in toggle controls whether text-selection translations are also saved. Disabling either toggle stops new translations from being saved; existing entries remain and are pruned by the standard 90-day retention window, or can be removed immediately via the dashboard's history view or account deletion. |
| Team | 180 days | Server-side storage is off by default. The team owner controls a single opt-in covering all team translations. Disabling the opt-in stops new translations from being saved to the server; existing entries remain and are pruned by the standard 180-day retention period. For immediate erasure, owners can use the account-deletion procedure in section 9. |
- Usage data (AI token counts) is retained for the current billing period and one prior period for billing accuracy.
- Local extension data (settings, local history, IndexedDB translation cache) is controlled entirely by you and can be cleared at any time through the extension settings, by clearing your browser's site data, or by uninstalling the extension. The extension stores up to 5,000 translation entries in its local history; older entries are automatically removed, with favorited translations protected from deletion. The IndexedDB translation cache evicts entries older than 30 days automatically.
- Team data: When a Team plan is deactivated (cancelled, expired, or downgraded), all team-related records — including member associations, team usage statistics, pending invitations, and team translation history — are permanently deleted 30 days after deactivation.
- Automated enforcement. Server-side translation history retention (90/180 days) is enforced by a database cleanup job that runs every day at 04:00 UTC and removes any entries older than your plan's retention window. Anonymised payment records and consent records (see below) are purged by separate weekly cleanup jobs after their respective retention windows expire. All cleanup is automatic — you do not need to request deletion for retention to take effect.
- Consent audit trail. When you accept these documents, we record the version, your IP address, and your User-Agent in our consent log to demonstrate compliance under GDPR Article 7. These records remain linked to your account while it exists. On account deletion the link to your account is removed (the row is anonymised), and the anonymised row is permanently deleted by an automated cleanup job 3 years after anonymisation. Three years is a typical statute-of-limitations window for consent-related disputes under EU consumer law.
- Billing records (transaction amount, currency, status, payment provider, provider transaction id, plan reference) remain linked to your account while it exists. On account deletion the link to your account is removed (the row is anonymised — what survives is just the financial metadata, no email or user identifier). The anonymised row is permanently deleted by an automated cleanup job 7 years after anonymisation. Seven years matches typical tax record-keeping requirements (EU general 6-10 years, US federal tax 7 years, etc.).
9. Your Rights
Under the GDPR and similar data protection laws, you have the following rights regarding your personal data:
- Right of access (Art. 15 GDPR) — request confirmation of whether we process your data and obtain a copy.
- Right to rectification (Art. 16 GDPR) — request correction of inaccurate or incomplete personal data.
- Right to erasure (Art. 17 GDPR) — request deletion of your personal data. You can request account deletion at any time by contacting support@swiftin.dev.
- Right to restriction of processing (Art. 18 GDPR) — request that we limit the processing of your data in certain circumstances.
- Right to data portability (Art. 20 GDPR) — request an export of your data in a structured, machine-readable format.
- Right to withdraw consent (Art. 7(3) GDPR) — where processing is based on your consent (e.g., analytics cookies, marketing emails, server-side history), you may withdraw consent at any time without affecting the lawfulness of prior processing.
- Right to object (Art. 21 GDPR) — you may object to processing based on legitimate interest. If we process your data for direct marketing, you have an unconditional right to object.
- Right to lodge a complaint — you have the right to lodge a complaint with a supervisory data protection authority in your country of residence.
California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to know — you may request that we disclose the categories and specific pieces of personal information we have collected, the categories of sources, the business purpose for collecting, and the categories of third parties with whom we share it.
- Right to delete — you may request deletion of your personal information, subject to certain exceptions (e.g., completing a transaction, security, legal obligations).
- Right to correct — you may request correction of inaccurate personal information.
- Right to opt-out of sale/sharing — SwiftIn does not sell or share your personal information for cross-context behavioral advertising. No opt-out is necessary.
- Right to non-discrimination — we will not discriminate against you for exercising any of your privacy rights.
To exercise any of these rights (GDPR or CCPA), please contact us at legal@swiftin.dev. We will respond within 30 days (GDPR) or 45 days (CCPA). For data portability requests, we maintain a backend endpoint that produces a structured JSON export of your account data (profile, subscription, consent history, payments, team memberships, translation history, usage history, and add-on purchases); request the export through the same email and we will deliver the file to your registered address.
Right to Lodge a Complaint
If you believe our processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with a supervisory authority — in particular in the EU/EEA Member State of your habitual residence, place of work, or place of the alleged infringement. EU/EEA users can find their national authority at edpb.europa.eu/about-edpb/members. UK users may complain to the Information Commissioner's Office (ICO). We always prefer to resolve concerns directly first, so please consider contacting legal@swiftin.dev before escalating.
Automated Decision-Making (GDPR Art. 22)
We do not subject you to decisions based solely on automated processing — including profiling — that produce legal effects concerning you or similarly significantly affect you. Translation routing, plan-quota enforcement, abuse detection, and rate limiting are operational systems that govern access to the Service; they do not produce legal effects within the meaning of Article 22.
10. Cookies & Tracking
The SwiftIn website uses essential cookies required for authentication and session management. These cookies are strictly necessary and do not require consent.
We also use local browser storage (localStorage) to store authentication tokens and user preferences. On the website this data remains on your device and is not transmitted to third parties; most keys are cleared when you log out, while a small handoff token may persist so that the browser extension can detect your authenticated state on next launch. The browser extension also uses localStorage to persist per-component settings such as independently chosen target languages and temporary disable/snooze states; this data stays on your device and is never sent to our servers.
We also use optional analytics cookies (via PostHog) to understand how the Service is used and to improve the user experience. Analytics cookies are only activated after you give explicit consent through the cookie banner shown on your first visit.
You can withdraw your analytics cookie consent at any time from Dashboard → Settings → Privacy & Cookies. The browser extension stores authentication tokens locally on your device and does not set or read website cookies.
11. Data Breach Notification
In the unlikely event of a personal data breach, we are committed to acting swiftly and transparently:
- Within 72 hours of becoming aware of a breach, we will notify the relevant supervisory authority as required by GDPR.
- Affected users will be notified without undue delay if the breach is likely to result in a high risk to their rights and freedoms.
- Notifications will include a description of the breach, the data affected, likely consequences, and the measures we are taking to address it.
- We will provide a dedicated point of contact to answer any questions related to the breach.
If you believe you have identified a security vulnerability, please contact us immediately at legal@swiftin.dev.
12. Children's Privacy
SwiftIn is not directed to children under the age of digital consent in their jurisdiction — generally 16 years old in the European Economic Area and the United Kingdom (per GDPR Article 8 and applicable Member State derogations down to 13), and 13 years old in the United States (per COPPA) and most other jurisdictions.
By creating an account, you confirm that you meet the minimum age of digital consent in your jurisdiction. We do not require document-based age verification. We do not knowingly collect personal data from children below the applicable threshold. If you believe a child has provided us with personal data, please contact legal@swiftin.dev and we will delete it within 30 days of receiving a credible report.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or through the Service. Your continued use of SwiftIn after changes become effective constitutes acceptance of the revised policy.
14. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, please reach us at:
SwiftIn
General support: support@swiftin.dev
Privacy & data rights: legal@swiftin.dev
Jurisdiction: Georgia (country)
We aim to acknowledge and respond to all privacy-related inquiries and data-rights requests within 30 days of receipt, in line with GDPR Article 12 §3. Where a request is particularly complex or we have received a high volume of requests, this period may be extended by up to two further months; in that case we will inform you of the extension and the reasons for it within the initial 30-day window.