Privacy Policy
Effective Date: March 3, 2026 | Last Updated: March 3, 2026
SwiftSite.ai ("we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, share, and safeguard your information when you visit our website, engage our services, or otherwise interact with us.
Table of Contents
- Scope & Applicability
- Information We Collect
- How We Use Your Information
- Legal Bases for Processing (EEA/UK)
- AI Tools & Data Processing
- How We Share Your Information
- Cookies & Tracking Technologies
- Data Retention
- Data Security
- Your Privacy Rights
- Additional Rights for California Residents (CCPA/CPRA)
- International Data Transfers
- Children's Privacy
- Third-Party Links & Services
- Changes to This Policy
- Contact Us
1. Scope & Applicability
This Privacy Policy applies to all personal information collected by SwiftSite.ai through:
- Our website at swiftsite.ai (the "Site").
- Our professional web development, SEO, and AEO services (the "Services").
- Email, phone, video conferencing, and other communications with our team.
- Project management, invoicing, and collaboration tools used during an engagement.
This policy does not apply to websites we build for our clients. Each client is responsible for implementing their own privacy policy on their website. We encourage our clients to adopt privacy practices that comply with applicable laws and recommend doing so as part of every engagement.
2. Information We Collect
2.1 Information You Provide Directly
| Category | Examples | When Collected |
|---|---|---|
| Contact & Identity | Name, email address, phone number, business name, job title | Inquiry forms, consultations, onboarding |
| Billing & Payment | Billing address, payment method details (processed by our payment provider — we do not store full card numbers) | Invoicing, subscription setup |
| Project Content | Existing website content, branding materials, logos, images, copy, style guides, SEO data, analytics credentials | Project onboarding and execution |
| Account Credentials | Hosting login details, CMS credentials, domain registrar access, analytics credentials | Project execution (handled securely, deleted post-project) |
| Communications | Emails, messages, meeting notes, feedback, project approvals | Throughout the engagement |
2.2 Information Collected Automatically
When you visit our Site, we may automatically collect:
- Device & Browser Information: IP address, browser type and version, operating system, device type, screen resolution.
- Usage Data: Pages visited, time spent on pages, referring URL, click behavior, navigation paths.
- Location Data: General geographic location derived from your IP address (city/region level only — we do not collect precise GPS coordinates).
2.3 Information from Third Parties
We may receive information about you from:
- Analytics Providers: Aggregated website traffic and usage data.
- Payment Processors: Transaction confirmations and billing status.
- Public Sources: Publicly available business information used to better understand your industry and needs during the sales or onboarding process.
3. How We Use Your Information
We use the information we collect for the following purposes:
| Purpose | Description |
|---|---|
| Service Delivery | To redesign and build your website, implement SEO/AEO strategies, and deliver the services described in your Project Agreement. |
| Communication | To respond to inquiries, send project updates, request feedback, and provide support. |
| Billing & Payments | To issue invoices, process payments, manage subscriptions, and handle refund requests. |
| AI-Assisted Development | To process project-related content through AI tools that assist our team with code generation, content drafting, design suggestions, and optimization. See Section 5 for details. |
| Site Improvement | To analyze how visitors use our Site, identify areas for improvement, and optimize the user experience. |
| Marketing | To send occasional updates about our services (only with your consent or where permitted by law). You can opt out at any time. |
| Legal & Compliance | To comply with legal obligations, enforce our Terms of Service, prevent fraud, and protect our rights and the rights of others. |
We will not use your personal information for purposes materially different from those described above without providing you with notice and, where required, obtaining your consent.
4. Legal Bases for Processing (EEA/UK)
If you are located in the European Economic Area (EEA) or the United Kingdom (UK), we rely on the following legal bases under the GDPR and UK GDPR:
| Legal Basis | Applies To |
|---|---|
| Performance of a Contract | Processing necessary to deliver our services under a Project Agreement — including project execution, communication, and billing. |
| Legitimate Interests | Improving our Site, understanding how clients find us, preventing fraud, and marketing to existing clients. We balance our interests against your rights and freedoms. |
| Consent | Sending marketing communications to prospective clients, setting non-essential cookies. You may withdraw consent at any time. |
| Legal Obligation | Retaining financial records, responding to regulatory or legal requests, tax compliance. |
5. AI Tools & Data Processing
Transparency: SwiftSite.ai uses AI tools to assist in website development, content creation, and SEO/AEO optimization. This section explains how your data interacts with those tools.
5.1 What Data May Be Processed by AI Tools
In the course of building and optimizing your website, the following types of project data may be processed through third-party AI platforms:
- Existing website content (text, headings, page structure).
- Business descriptions, product/service information, and industry context.
- SEO keywords, metadata, and structured data.
- Design briefs and style preferences.
5.2 What Data We Do NOT Share with AI Tools
We take deliberate steps to protect sensitive information. The following categories of data are not submitted to AI tools:
- Personally identifiable information (PII) such as names, email addresses, phone numbers, or physical addresses — unless the content itself inherently contains it (e.g., an "About Us" page featuring staff names), in which case we minimize exposure.
- Financial data, payment information, or billing details.
- Passwords, credentials, API keys, or access tokens.
- Confidential business data not directly related to the website project.
5.3 How We Select and Vet AI Providers
We select AI platforms based on the following criteria:
- The provider maintains a clear privacy policy and data processing terms.
- The provider does not use client input data to train its models (or provides an opt-out mechanism that we activate).
- The provider implements appropriate technical and organizational security measures.
- Where applicable, we enter into Data Processing Agreements (DPAs) with AI providers.
5.4 Your Choices
If you have concerns about specific project data being processed by AI tools, please let us know during onboarding or at any point during the engagement. We will work with you to establish acceptable boundaries, which may include excluding certain content from AI-assisted workflows or using alternative approaches where feasible.
6. How We Share Your Information
We do not sell, rent, or trade your personal information. We may share your information with the following categories of recipients, only as necessary:
| Recipient | Purpose | Safeguards |
|---|---|---|
| Service Providers | Payment processing, email delivery, project management, cloud hosting, analytics | Contractual obligations, DPAs where required |
| AI Platform Providers | AI-assisted development, content generation, SEO optimization | Vetted per Section 5.3; no PII shared; opt-out of training where available |
| Professional Advisors | Legal, accounting, and tax compliance | Professional confidentiality obligations |
| Law Enforcement / Regulators | When required by law, regulation, court order, or governmental request | Limited to what is legally required; we will notify you where permitted |
| Business Transfers | In connection with a merger, acquisition, or sale of assets | You will be notified of any change in ownership or use of your personal information |
We require all third-party recipients to handle your data in accordance with applicable law and in a manner consistent with this Privacy Policy.
7. Cookies & Tracking Technologies
7.1 What We Use
Our Site may use the following technologies:
- Essential Cookies: Required for basic Site functionality such as page navigation and secure access. These cannot be disabled.
- Analytics Cookies: Help us understand how visitors use our Site (e.g., pages visited, time on site). We use these to improve site performance and content.
- Marketing Cookies: Used to deliver relevant content and measure the effectiveness of our marketing efforts. These are only set with your consent.
7.2 Your Cookie Choices
When you first visit our Site, you will be presented with a cookie consent banner that allows you to accept or decline non-essential cookies. You can also manage cookie preferences through your browser settings at any time. Disabling certain cookies may affect Site functionality.
7.3 Do Not Track
Our Site currently does not respond to "Do Not Track" browser signals, as there is no industry-standard protocol for compliance. However, you can manage tracking through cookie settings and browser controls as described above.
8. Data Retention
We retain your information only as long as necessary to fulfill the purposes described in this policy:
| Data Category | Retention Period |
|---|---|
| Project files & communications | 12 months after project completion, unless you request earlier deletion or longer retention |
| Account credentials (hosting, CMS, etc.) | Deleted promptly upon project completion or upon your request |
| Billing & financial records | As required by tax and accounting laws (typically 7 years) |
| Marketing contact information | Until you unsubscribe or request deletion |
| Website analytics data | Aggregated and anonymized; retained indefinitely in aggregate form |
| Cookie data | Varies by cookie type (session cookies expire on browser close; persistent cookies per provider defaults) |
When the retention period expires, we securely delete or anonymize your data. If deletion is not immediately possible (e.g., data stored in backups), we will isolate it from further processing until deletion is feasible.
9. Data Security
We implement commercially reasonable technical and organizational measures to protect your personal information, including:
- Encryption: Data in transit is protected via TLS/SSL encryption. Sensitive data at rest is encrypted where technically feasible.
- Access Controls: Access to personal information is restricted to team members who need it to perform their roles, with role-based permissions.
- Secure Credential Handling: Client credentials shared for project purposes are stored in encrypted vaults and deleted upon project completion.
- Vendor Security: We evaluate the security practices of our service providers and AI tool vendors before engagement.
- Incident Response: We maintain procedures for identifying, reporting, and responding to data breaches. In the event of a breach affecting your personal data, we will notify you as required by applicable law.
While we strive to protect your data, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security, and you share information with us at your own risk.
10. Your Privacy Rights
Depending on where you are located, you may have the following rights regarding your personal information:
| Right | Description |
|---|---|
| Access | Request a copy of the personal information we hold about you. |
| Rectification | Request correction of inaccurate or incomplete personal information. |
| Erasure ("Right to Be Forgotten") | Request deletion of your personal information, subject to legal retention requirements. |
| Restriction | Request that we limit how we process your personal information in certain circumstances. |
| Data Portability | Request your personal information in a structured, commonly used, machine-readable format. |
| Objection | Object to processing based on legitimate interests or for direct marketing purposes. |
| Withdraw Consent | Where processing is based on consent, withdraw it at any time without affecting prior processing. |
| Lodge a Complaint | File a complaint with your local data protection authority if you believe your rights have been violated. |
How to Exercise Your Rights
To exercise any of these rights, contact us through our website at swiftsite.ai. We will verify your identity before processing your request and respond within the timeframes required by applicable law (generally 30 days under GDPR, 45 days under CCPA/CPRA). We will not charge a fee for legitimate requests unless they are manifestly unfounded or excessive.
11. Additional Rights for California Residents (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
11.1 Right to Know
You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share it.
11.2 Right to Delete
You may request that we delete the personal information we have collected about you, subject to certain exceptions (e.g., completing a transaction, legal compliance, security).
11.3 Right to Correct
You may request that we correct inaccurate personal information we hold about you.
11.4 Right to Opt-Out of Sale or Sharing
We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. Therefore, there is no need to opt out, but you may still contact us with questions.
11.5 Right to Limit Use of Sensitive Personal Information
We do not use sensitive personal information for purposes beyond what is necessary to provide our Services.
11.6 Non-Discrimination
We will not discriminate against you for exercising your CCPA/CPRA rights. You will not receive different pricing, quality of service, or access as a result of exercising your rights.
11.7 Authorized Agents
You may designate an authorized agent to make requests on your behalf. We may require the agent to provide proof of written authorization and may verify your identity directly.
11.8 Financial Incentives
We do not offer financial incentives or price differences in exchange for the collection, retention, or sale of personal information.
12. International Data Transfers
SwiftSite.ai is based in the United States. If you are accessing our Site or engaging our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.
Where we transfer personal data from the EEA, UK, or Switzerland, we ensure that appropriate safeguards are in place, which may include:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- The UK International Data Transfer Addendum, where applicable.
- Transfers to countries recognized by the European Commission as providing an adequate level of data protection.
- Other valid transfer mechanisms as permitted under applicable data protection law.
You may request a copy of the safeguards we use for international transfers by contacting us.
13. Children's Privacy
Our Site and Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child, we will take steps to delete it promptly.
14. Third-Party Links & Services
Our Site may contain links to third-party websites, tools, or services that are not operated by SwiftSite.ai. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party site you visit.
Additionally, websites we build for clients may integrate third-party services (e.g., analytics, payment processors, social media plugins) at the client's direction. The privacy practices of those integrations are governed by the respective third-party providers and the client's own privacy policy.
15. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:
- We will update the "Last Updated" date at the top of this page.
- For material changes, we will provide prominent notice on our Site or notify active clients via email at least 30 days before the changes take effect.
- Continued use of our Site or Services after the effective date of any changes constitutes your acceptance of the updated policy.
We encourage you to review this Privacy Policy periodically.
16. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
SwiftSite.ai
Website: https://swiftsite.ai
We aim to respond to all privacy-related inquiries within 5 business days. For formal data subject requests (access, deletion, etc.), we will respond within the timeframes required by applicable law.
If you are located in the EEA or UK and are not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority. A list of EEA data protection authorities can be found at edpb.europa.eu.