Privacy Policy
Last Updated: February 1, 2026
At SwiftZilla ("we," "us," or "our"), we respect your privacy and are committed to protecting the personal
data of our users ("User" or "you"). This Privacy Policy specifically addresses our compliance with the
General Data Protection Regulation (GDPR) and the Lei Geral de Proteção de Dados (LGPD).
1. Data We Collect
We collect only the essential information needed to provide our services:
- Identity Data: When you log in via GitHub, we collect your public GitHub ID, username,
display name, avatar URL, and email address.
- Billing Data: If you subscribe, we store your Stripe Customer ID. We do not
process or store your credit card information directly; this is handled entirely by Stripe.
- Usage Data: We log timestamps of your API requests to enforce rate limits and prevent
abuse.
- Query Data: Search queries sent to our API are processed to retrieve relevant
technical insights. These queries may be processed by third-party LLM providers (see Section 3) if
required
for embedding generation.
- Security Audit Data: We log critical account actions (logins, billing changes,
deletions)
along with IP addresses and timestamps to provide you with an audit trail and to maintain the security
of the platform.
2. How We Use Your Data
We use your data for the following purposes:
- To authenticate you and verify your subscription status.
- To provide the SwiftZilla Deep Insight™ search service.
- To enforce usage quotas and rate limits.
- To communicate with you regarding your account or service updates.
3. Third-Party Processors & International Transfers
We engage trusted third-party processors. By using our service, you acknowledge and agree that your data may
be processed in the United States or other jurisdictions, with appropriate safeguards.
- GitHub: Used for authentication. By logging in, you authorize GitHub to share your
profile information with us.
- Stripe: Used for payment processing. They handle all financial transactions and billing
details.
- PostHog: Used for product analytics to improve user experience. Collects anonymized
usage data and approximate geographic location (via IP). Session recordings are disabled by default and
only enabled with your explicit consent. Data is processed in the United States. See
PostHog Privacy
Policy.
- OpenRouter (AI Gateway): We use OpenRouter to route AI requests to various LLM
providers.
We enforce Zero Data Retention (ZDR) mode and deny data collection,
meaning your prompts and responses are not stored or used for model training by any provider.
Additionally, we prioritize providers with the highest throughput for optimal performance.
See OpenRouter
Privacy Policy.
- Cloud Providers (AWS/GCP/DigitalOcean): Used for hosting our infrastructure and
databases.
4. Security
We implement industry-standard security measures to protect your data, including:
- Encryption in Transit: All data is transmitted via HTTPS/TLS 1.3.
- Encryption at Rest: Sensitive keys and database volumes are encrypted.
- Access Controls: Strict internal access policies for our developers.
5. Data Retention
| Data Type |
Retention Period |
| Account Data |
Until account deletion |
| API Logs (Usage) |
90 Days |
| Security Logs |
1 Year |
| Analytics Data (PostHog) |
90 Days |
| Local Browser Storage |
Until logout / cache clear |
6. Your Rights (Deletion & Access)
Under GDPR and LGPD, you have the right to access, rectify, and delete your data. You can exercise these
rights directly via your Dashboard (Deletion) or by contacting support. Upon account deletion, all
personally identifiable data is permanently removed from our active databases immediately.
7. Contact Us
If you have questions about this policy or your data rights, please contact us at: Contact Form