Privacy Policy
Effective date: 2026-05-11
1. Our Commitment to You
Swiftly Studio (the “Service”, “we”, “us”, “our”) respects your privacy. This Privacy Policy describes the personal information we collect about you, how we use it, who we share it with, and the rights you have over it.
This policy applies to use of the Service at swiftlystudio.com and related domains. It does not apply to third-party services we link to.
2. Grounds for Data Collection
We collect personal information only when we have a lawful basis under applicable privacy law. Under the GDPR and UK GDPR, our lawful bases are:
- Performance of a contract — to provide the Service and bill you for it under our Terms of Service.
- Consent — for optional features such as marketing emails or precision analytics cookies. You may withdraw consent at any time.
- Legitimate interests — to keep the Service secure, prevent fraud and abuse, debug issues, and improve our product and safety systems, provided those interests are not overridden by your rights.
- Legal obligation — to comply with tax, accounting, and law-enforcement obligations.
3. Personal Information We Collect
3.1 Information You Provide
| Category | Examples |
|---|---|
| Account information | Name, email, password (stored hashed), identifiers from third-party sign-in providers you use |
| Mobile phone number (optional) | Provided by you only if you choose to enable SMS verification on your account. Stored alongside a verified/unverified flag. See §4A for how we use it. |
| Billing information | Billing name, address, tax identifiers, last four digits of card. Full card numbers are handled by our payment processor and never reach our servers. |
| Generation inputs | Prompts you write, reference media you upload (images, audio, video clips), parameters you choose |
| Generated outputs | Images, videos, voiceovers, and music your account has generated |
| Support communications | Messages you send us via email or in-app support |
3.2 Information Collected Automatically
| Category | Examples |
|---|---|
| Usage data | Pages viewed, features used, number and type of generations, timestamps, session length |
| Device data | IP address, browser type and version, OS, device identifiers, language |
| Cookies and similar | Session cookies for sign-in, preference cookies, analytics cookies (with consent where required) |
We do not knowingly collect special-category data (race, religion, biometric data, health data) except where you choose to submit it as generation input — in which case you warrant under our Terms that you have the necessary rights and consents.
4. How We Use Your Information
| Purpose | Lawful Basis (GDPR) |
|---|---|
| Provide, operate, and deliver the Service | Performance of a contract |
| Process payments and manage subscriptions | Performance of a contract |
| Route generation requests to AI providers | Performance of a contract |
| Send transactional emails (receipts, password resets, security notices) | Performance of a contract |
| Send one-time SMS verification codes when you choose to verify a phone number | Consent (you provide and confirm your number) |
| Detect and prevent fraud, abuse, and violations | Legitimate interest in protecting the Service |
| Improve safety systems and product features (using aggregated, de-identified data) | Legitimate interest |
| Send marketing communications | Consent (you can opt out anytime) |
| Comply with legal and tax obligations | Legal obligation |
We do not use your prompts, uploads, or outputs to train Swiftly’s own models. Third-party AI providers that fulfil generation requests process your inputs under their own terms and privacy policies; please review them.
4A. SMS Messaging Program
Swiftly Studio offers an optional SMS verification program. You are not required to use SMS in order to sign up for or use the Service.
Opt-in
You opt in by entering your mobile phone number in your Account → Profile page and tapping “Send code.” By tapping Send code, you confirm that the number belongs to you and that you agree to receive a one-time SMS verification code at that number from Swiftly Studio.
Program type and message frequency
This is a transactional, on-demand program. Messages are only sent in response to a verification request you initiate. Frequency is one message per request.
Message content
SMS messages contain only the verification code, an expiry, and opt-out/help instructions. Example: “Your Swiftly verification code is 123456. It expires in 5 minutes. Reply STOP to opt out, HELP for help. Msg & data rates may apply.”
Opt-out and help
You can opt out at any time by replying STOP to any message. You will receive a confirmation message and no further SMS. You can request help by replying HELP, or contact us at hello@swiftlystudio.com. You can also remove your phone number entirely from Account → Profile.
Costs
Message and data rates may apply, depending on your carrier and plan. Swiftly does not charge you for SMS.
Carrier and delivery provider
SMS messages are delivered through Amazon Web Services End User Messaging. Carriers are not liable for delayed or undelivered messages.
How we use and share mobile information
Swiftly Studio does not share, sell, rent, or otherwise disclose mobile phone numbers or SMS opt-in data with third parties or affiliates for marketing or promotional purposes. We share your mobile number only with our SMS delivery provider (AWS End User Messaging) strictly to send the verification code you requested. This restriction applies regardless of any other sharing described elsewhere in this Policy.
5. Tracking Technologies and Cookies
We use first-party and third-party cookies and similar technologies for:
- Strictly necessary — sign-in, session management, security. Cannot be disabled.
- Functional — language and theme preferences.
- Analytics — understanding feature usage. Loaded only after consent in jurisdictions that require it.
- Marketing — measuring advertising effectiveness. Loaded only with consent.
Where available, you can manage cookie preferences through our consent controls and at the browser level. Disabling strictly-necessary cookies may break parts of the Service.
6. How We Share Your Information
We share information with the following categories of recipients under appropriate contractual protections, and only as needed for the purposes in §4:
| Recipient | Why |
|---|---|
| AI providers | Your generation prompts and inputs are forwarded so the provider can produce the output. |
| Payment processor | Billing details for processing payments and managing subscriptions. |
| Infrastructure and operational providers | Hosting, storage, database, email, analytics, and error monitoring providers that support the Service. |
| SMS delivery provider | We send your mobile number to AWS End User Messaging only to deliver the verification code you requested. Mobile numbers are never shared with third parties or affiliates for marketing or promotional purposes. |
| Professional advisors | Lawyers, accountants, auditors under duty of confidentiality. |
| Government / law enforcement | When required by law, subpoena, or to protect rights, life, or property. |
| Successors | In connection with a merger, acquisition, or sale of assets, subject to the same privacy commitments. |
We do not sell your personal information for money. For California residents, see §11 for what “sale” and “sharing” can mean under the CCPA.
7. Transfer of Data Outside the EEA / UK
Our servers and some of our service providers are located in the United States. When we transfer personal data of EEA, UK, or Swiss data subjects to a country that has not received an adequacy decision, we rely on lawful transfer mechanisms as available, which may include Standard Contractual Clauses, the UK International Data Transfer Addendum, or equivalent. You may request information about the mechanisms in place by emailing privacy@swiftlystudio.com.
8. How We Protect Your Information
We apply administrative, technical, and physical safeguards we consider appropriate to the nature of the information we hold. No system is perfectly secure and we cannot guarantee absolute security. In the event of a personal data breach we will notify regulators and affected individuals where and when required by applicable law.
9. Data Retention
We retain personal information for as long as is necessary to provide the Service, to comply with legal and regulatory obligations (including tax and accounting), to resolve disputes, and to enforce our agreements. Generated assets are retained in your library until you delete them or your account is closed; backup copies may persist for a limited period thereafter. We may retain anonymised or aggregated data indefinitely.
10. Your Rights
10.1 European Union, UK, and Swiss Users
Under GDPR and equivalent laws you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate or incomplete data.
- Erase your data (“right to be forgotten”) in certain circumstances.
- Restrict processing in certain circumstances.
- Object to processing based on legitimate interests.
- Data portability — receive data in a structured, machine-readable format.
- Withdraw consent for any processing based on consent, without affecting prior processing.
- Lodge a complaint with your local supervisory authority. You can find your authority at edpb.europa.eu.
To exercise these rights, email privacy@swiftlystudio.com. We respond within the timeframes required by applicable law.
10.2 California Residents
See §11 for California-specific rights.
10.3 Other Jurisdictions
If you reside in a jurisdiction with its own privacy law (e.g. Canada PIPEDA, Brazil LGPD, Australia Privacy Act, Japan APPI), you may have similar rights. Contact us to exercise them.
11. Additional Information for California Residents
This section applies to California residents and supplements the rest of this Policy.
11.1 Categories of Personal Information Collected (last 12 months)
| CCPA Category | Collected? | Examples | Sources | Purpose |
|---|---|---|---|---|
| Identifiers | Yes | Name, email, account ID, IP address | You, automatic | Provide Service, security |
| Customer records | Yes | Billing name and address | You, Stripe | Payments, fraud prevention |
| Commercial information | Yes | Plans purchased, transaction history | Stripe | Service operation |
| Internet/network activity | Yes | Usage data, device data, cookies | Automatic | Operations, analytics |
| Geolocation (coarse) | Yes | Country, region from IP | Automatic | Compliance, fraud prevention |
| Audio/visual data | Yes | Reference media you upload, generated outputs | You, AI providers | Provide Service |
| Inferences | Limited | Aggregated usage patterns | Derived | Improve safety filters |
| Sensitive PI | No | We don’t intentionally collect | n/a | n/a |
11.2 Sale and Sharing of Personal Information
We do not sell personal information for money. Where the CCPA definition of “sharing” (transferring personal information to a third party for cross-context behavioural advertising) may apply, we only do so where you have given the necessary consent.
You can opt out of sharing at any time by emailing privacy@swiftlystudio.com.
11.3 California Privacy Rights
California residents have the right to:
- Know what personal information we collect, use, disclose, and share.
- Delete personal information we have collected from you.
- Correct inaccurate personal information.
- Opt out of the sale or sharing of personal information.
- Limit the use of sensitive personal information.
- Non-discrimination for exercising these rights.
To exercise these rights, email privacy@swiftlystudio.com. We will acknowledge and respond within the timeframes required by the CCPA.
You may also designate an authorised agent to make requests on your behalf with written, signed authorisation.
12. Automated Decision-Making
The Service applies automated content-moderation filters to detect prohibited content. A filter may automatically block a generation or flag an account for review. Where required by applicable law you may request human review of an automated decision that produces legal or similarly significant effects on you by emailing support@swiftlystudio.com.
13. Children
The Service is not directed to children under 18, and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, please contact privacy@swiftlystudio.com and we will delete it.
14. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated by email or in-app notice before they take effect, where reasonably practicable. The “Effective date” at the top reflects the current version.
15. How to Contact Us
| Reason | Contact |
|---|---|
| Privacy questions and rights requests | privacy@swiftlystudio.com |
| General support | support@swiftlystudio.com |
| Postal mail | Address pending — please use email for now. |
For privacy enquiries from any jurisdiction, please use the email address above.