SWING

Legal documents

Legal

Privacy Policy

Last updated: March 15, 2026

This Privacy Policy explains which personal data SWING processes, why that happens, how data is protected, and what rights you have under the General Data Protection Regulation (GDPR).

Important: before publishing, replace all text between [brackets] with your actual company details.

1. Data controller

The data controller for personal data processed through this platform is [FULL COMPANY NAME / LEGAL ENTITY], trading under the name SWING, with its registered address at [REGISTERED ADDRESS, POSTCODE, CITY, COUNTRY].

Privacy contact: nick.olivier03@gmail.com.

2. What data we process

  • Account data such as name, email address, password hash, and account status.
  • Profile and preference data such as language, timezone, address, and phone number.
  • Subscription, billing, and service usage data.
  • Exchange connection data, including API keys and related metadata.
  • Portfolio, order, performance, and log data required to operate the service.
  • Communication data when you contact support.
  • Technical data such as session tokens, error logs, browser preferences, and local storage settings.

3. Purposes of processing

We process personal data for the following purposes:

  • creating and managing user accounts;
  • verifying and securing users;
  • providing dashboards, strategies, signals, and exchange connectivity;
  • supporting or enabling automated trading functionality;
  • sending service messages, activation codes, and support responses;
  • preventing fraud, abuse, and security incidents;
  • complying with legal obligations and handling disputes;
  • internal analysis, logging, and improving service stability.

4. Legal bases

We process personal data on one or more of the following legal bases:

  • performance of a contract with you;
  • compliance with legal obligations;
  • legitimate interests such as security, fraud prevention, and logging;
  • consent, where we explicitly ask for it for a specific purpose.

5. Exchange API keys and security-related information

If you connect exchange API keys, they are used solely to provide the requested functionality. SWING processes such information only for account management, validation, order execution, and related security purposes.

API keys are stored in encrypted form. No technical system can be guaranteed to be fully secure, and we do not guarantee absolute security.

6. Recipients and processors

To operate the service, personal data may be shared with or processed by hosting providers, email providers, infrastructure and security providers, exchange APIs, and other processors reasonably necessary for the service.

We do not sell personal data to third parties.

7. International transfers

If personal data is processed outside the European Economic Area, we will rely on appropriate safeguards such as standard contractual clauses, an adequacy decision, or another legally valid transfer mechanism where required.

8. Retention periods

  • Account data: while the account is active and thereafter as reasonably necessary.
  • Contract and support data: as long as needed for evidence and dispute handling.
  • Billing and administrative data: at least as long as legally required.
  • Security, session, and log data: as long as needed for security, investigation, and service stability, unless a longer legal retention period applies.

If specific laws require a longer retention period, that longer period will apply.

9. Cookies and local storage

SWING uses functional storage mechanisms, including local storage, for purposes such as authentication, language settings, and ongoing account flows. If additional cookies or tracking technologies are used in the future, this Privacy Policy and/or a separate cookie notice will be updated accordingly.

10. Your rights

To the extent the GDPR applies, you may have the right to:

  • access your personal data;
  • correct inaccurate personal data;
  • request deletion where legally possible;
  • request restriction of processing;
  • object to certain processing activities;
  • request data portability where applicable;
  • withdraw consent where processing is based on consent.

You can submit a request via nick.olivier03@gmail.com.

11. Complaints

If you have a privacy complaint, we ask that you contact us first. Without prejudice to your other rights, you also have the right to file a complaint with a competent supervisory authority, such as the Dutch Data Protection Authority.

12. Changes to this Privacy Policy

We may update this Privacy Policy if the service, applicable law, or our processing activities change. The most recent version will always be published on this website.