Who We Are
SwiftAPI ("we", "us") provides AI execution governance infrastructure. We operate as a cryptographic trust authority for AI agent actions.
Contact: privacy@swiftapi.ai
What We Collect
From Authority Key Holders:
- Name and email (for key issuance)
- Organization name
- Payment information (processed by Stripe)
From API Usage:
- Attestation requests (action type, actor, timestamp)
- IP addresses
- Authority key identifiers (hashed)
- Approval/denial reasons
We Do NOT Collect:
- Contents of AI agent actions (only fingerprints)
- End-user data from your applications
- Biometric or sensitive personal data
How We Use Data
- Issue and manage authority keys
- Process attestation requests
- Maintain audit logs for security
- Improve service reliability
- Communicate service updates
- Enforce acceptable use policies
Data Retention
- Attestation logs: 90 days minimum, 1 year maximum
- Account information: Duration of relationship + 7 years
- Payment records: As required by law
Third Parties
We use the following service providers:
- Railway - Compute hosting
- Neon - Database (PostgreSQL)
- Upstash - Rate limiting (Redis)
- Vercel - Website hosting
We do not sell your data.
Your Rights (GDPR/CCPA)
You may request:
- Access to your data
- Correction of inaccuracies
- Deletion (subject to legal retention requirements)
- Export in machine-readable format
Submit requests to: privacy@swiftapi.ai
Security
- Ed25519 cryptographic signing for all attestations
- TLS encryption for all data in transit
- Database encryption at rest
- Access controls on all systems
- Regular security audits
Cookies
We use minimal cookies for essential functionality only. No tracking or advertising cookies are used.
Changes
We will notify key holders of material changes via email. The "Last Updated" date at the top reflects the most recent revision.