Privacy Policy
Last updated: April 22, 2026
Who we are
SwapAd is a product of Noviantis Inc, a Florida corporation with its principal place of business in Miami, FL, USA. Contact: hello@swapad.app.
Data we collect
- Account data: email, name (optional), password (hashed)
- Payment data: processed by Stripe; we only store the Stripe customer ID, last 4 digits of the card, and billing history
- Usage data: images you upload, prompts you submit, generations you create
- Technical data: IP address, browser user-agent, timestamps
How we use your data
- To provide the SwapAd service (generating images from your inputs)
- To process payments and manage your subscription
- To detect fraud and abuse
- To comply with legal obligations
AI providers
To generate images, we transmit your uploads and prompts to our AI partners: fal.ai, Anthropic, and OpenAI. These providers do not use your data to train their models (per their enterprise agreements).
Data retention
We retain account data as long as your account is active. Generated creatives are retained indefinitely unless you delete them. Uploaded reference images used for processing are deleted within 30 days. Deleted accounts are fully erased within 30 days (soft delete period for recovery).
Your rights (GDPR + CCPA)
- Access: request a copy of your data via privacy@swapad.app
- Rectification: update your data in your account settings
- Deletion: delete your account from Settings → Danger Zone
- Portability: export your data from Settings
- Opt-out (CCPA): we do not sell your data, period
Security
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). We follow OWASP best practices and maintain a security disclosure policy. Report vulnerabilities to security@swapad.app.
Cookies
See our Cookie Policy.
Contact
Questions about privacy? Email us at privacy@swapad.app.