Privacy Policy

Swyft, Inc., a Texas corporation ("Swyft"), is committed to protecting the privacy and confidentiality of information entrusted to us by law firms and their personnel.

This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you visit our website or use the Swyft platform. If you do not agree with its terms, please discontinue use of the Services.

This policy does not apply to Customer Data — the firm data and case information you submit to the Swyft platform. Customer Data is governed by your MSA and our Data Processing Agreement.

We collect information in the following categories:

• Contact Information — Name, work email, phone number, firm name, job title (provided directly by you).
• Account Information — Login credentials, user preferences, notification settings.
• Usage Data — Pages visited, features used, session duration, click events (automatically collected).
• Device & Technical Data — IP address, browser type, operating system, referral URL.
• Communications — Emails, support tickets, demo request content.
• Marketing Preferences — Opt-in status and email engagement data.

We do not knowingly collect personal information from individuals under the age of 18.

• To provide and operate the Services — including authentication, platform functionality, and customer support.
• To communicate with you — responding to inquiries, sending product updates, and delivering requested resources.
• To improve the Services — analyzing usage patterns, diagnosing issues, and informing product development.
• To market our Services — sending promotional communications to those who have opted in, subject to your right to opt out at any time.
• To ensure security — monitoring for unauthorized access, abuse, or policy violations.
• To comply with legal obligations — responding to lawful requests from law enforcement or regulatory bodies.

We do not sell your personal information. We may share it in the following limited circumstances:

• Service providers. Vetted third-party vendors who help operate the Services (cloud infrastructure, analytics, email delivery). These vendors access data only as needed and are contractually bound to protect it.
• Business transfers. If Swyft is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
• Legal compliance. We may disclose information if required by law, subpoena, or if we believe in good faith that disclosure is necessary to protect rights or safety.
• With your consent. We may share your information for other purposes with your explicit consent.

"Customer Data" refers to case management records, financial data, intake information, and other firm-operational information that customers submit to the Swyft platform. You remain the data controller; Swyft processes it only as a data processor acting on your instructions.

Swyft implements strict isolation controls: each firm's Customer Data is stored in a dedicated, walled environment. No Customer Data is shared across customers, used to train general-purpose AI models, or disclosed to third parties except as directed by the customer or required by law.

The full terms governing Customer Data are set out in your Data Processing Agreement and Security Addendum. Those documents govern in the event of any conflict with this Privacy Policy.

We retain personal information for as long as necessary to fulfill the purposes described in this policy, unless a longer period is required by law. Criteria include the duration of our relationship with you, the nature of the data, and applicable legal obligations.

Upon termination, Swyft makes Customer Data available for export for 30 days, after which it is securely deleted. We will confirm deletion upon written request.

You may request deletion of your personal contact and account information at any time by contacting us at legal@swyft.co. We will respond within 30 days.

Swyft implements industry-standard administrative, technical, and physical safeguards to protect personal information. Our security program includes:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• Role-based access controls with least-privilege principles and multi-factor authentication
• Annual third-party security assessments and SOC 2 Type II audits
• Vulnerability disclosure program and incident response procedures

No method of transmission over the internet is 100% secure. If you believe your interaction with us is no longer secure, contact us immediately at legal@swyft.co.

Depending on your jurisdiction, you may have the right to: access your personal information; correct inaccurate information; request deletion; receive data in a portable format; object to processing for direct marketing; or restrict processing in certain circumstances.

To opt out of marketing communications, click the unsubscribe link in any email or contact us directly. To exercise any other rights, contact us at legal@swyft.co. We will respond within 30 days and may need to verify your identity before processing your request.

We use cookies and similar tracking technologies to operate our website and platform. We use three categories of cookies:

• Essential cookies — required for the platform to function (authentication, session management). These cannot be disabled.
• Analytics cookies — help us understand how visitors use the site. We use privacy-focused analytics that do not share data with third-party ad networks.
• Preference cookies — remember your settings and customizations across sessions.

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Services.

Swyft is headquartered in the United States. If you access our Services from outside the United States, your information may be transferred to, stored, and processed in the U.S., where data protection laws may differ from those in your country.

Where required, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure Personal Data transferred from the EEA, UK, or Switzerland to the U.S. is adequately protected. Our Data Transfer Addendum contains the applicable transfer mechanisms for enterprise customers.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by posting a prominent notice on our website at least 30 days before the changes take effect.

Your continued use of the Services after the effective date constitutes your acceptance of the updated policy. Previous versions of this policy are available via the sidebar on this page.

• Email: legal@swyft.co
• Mail: Swyft, Inc., Attn: Privacy, 300 Witherspoon St, Suite 201, Princeton, NJ 08542
• Phone: +1 609 200 5620

We aim to respond to all privacy inquiries within 30 days of receipt.