Privacy Policy
Effective date: May 15, 2026
SwiftCS (“SwiftCS,” “we,” or “us”) provides an AI-powered customer service platform for WooCommerce merchants. This Privacy Policy explains what information we collect when you use SwiftCS, how we use and protect that information, and the choices you have.
1. Information we collect
When you sign in to SwiftCS with your Google Account, we collect the data described in the OAuth scopes table below. We also collect operational data you provide when connecting your store: WooCommerce store URL and API credentials, ShipStation API credentials, UPS account details, and any product or knowledge-base content you upload for use by the AI.
2. Google OAuth scopes SwiftCS requests
The table below lists every Google OAuth scope SwiftCS requests when you sign in, the data each scope grants access to, and the product feature that depends on it.
| Scope | Data accessed | Purpose |
|---|---|---|
openid | Associates the user with their Google identity. | Required for OAuth sign-in and identity verification. |
https://www.googleapis.com/auth/userinfo.email | The user's primary Google Account email address. | To identify the user's SwiftCS account and send service-related communications. |
https://www.googleapis.com/auth/userinfo.profile | Basic profile info (name, profile picture, public personal info). | To personalize the SwiftCS experience and display the user's name and avatar in-app. |
https://www.googleapis.com/auth/gmail.readonly | Read-only access to the user's Gmail messages, threads, and labels, including message body content and attachments. | To ingest inbound customer emails into the SwiftCS inbox so the platform can classify, route, and provide context-aware AI-drafted replies based on the customer's message and conversation history. (TODO: Ghassan to refine wording.) |
https://www.googleapis.com/auth/gmail.send | Permission to send mail on behalf of the user from their connected Gmail account. | To send AI-drafted replies (after staff approval, where applicable) back to customers from the merchant's own Gmail address. (TODO: Ghassan to refine wording.) |
https://www.googleapis.com/auth/gmail.modify | Permission to modify Gmail messages, threads, labels, and drafts (other than permanent deletion). | To organize the inbox: apply labels to incoming threads, mark messages as read, save AI-drafted replies as Gmail drafts, and keep Gmail and SwiftCS in sync. (TODO: Ghassan to refine wording.) |
SwiftCS does not permanently delete messages from your Gmail account, and does not use Google user data for advertising, profiling, or training generalized AI models. Message content is processed only to provide the SwiftCS customer-service features described above.
3. Limited Use of Google user data
SwiftCS's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
4. How we store and protect your data
SwiftCS stores customer data in a managed PostgreSQL database hosted by Railway in the United States. OAuth refresh tokens, Gmail credentials, and third-party API keys (WooCommerce, ShipStation, UPS) are encrypted at rest using AES-256-GCM with a key held only by the SwiftCS application. All data in transit between your browser, the SwiftCS servers, and Google's APIs is encrypted using TLS.
Email content ingested from your Gmail inbox is retained for as long as your SwiftCS account is active so that staff can review historical conversations and the AI can use prior context. You can request deletion at any time (see Section 7).
5. Sharing with third parties
SwiftCS does not sell your data. We share data with the following service providers strictly to operate the product:
- Anthropic — we send relevant email content and conversation context to the Claude API to generate AI-drafted replies. Anthropic processes this data subject to its own terms and does not train its models on this data when accessed through the Claude API.
- Google — outbound replies you approve are sent through your connected Gmail account.
- Railway — our hosting provider for application servers and the PostgreSQL database.
- WooCommerce, ShipStation, UPS — we exchange order, customer, and shipping data with the integrations you choose to connect.
We do not share your data with advertisers or data brokers, and we do not allow third parties to use your data for their own marketing.
6. Your choices
You can revoke SwiftCS's access to your Google Account at any time from your Google Account permissions page. Revoking access will stop SwiftCS from reading or sending mail on your behalf.
7. Data deletion requests
To request deletion of your SwiftCS account and all associated data — including email content ingested from Gmail, customer records, and stored credentials — email admin@swiftcs.ai from the email address associated with your account. We will confirm receipt and complete deletion within 30 days.
8. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the effective date at the top of this page and, for material changes, notify connected users by email.
9. Contact
Privacy questions and data requests: admin@swiftcs.ai.
See also our Terms of Service.