SWOOP PRIVACY POLICY

Last Updated: 13 October 2025

1. INTRODUCTION

Welcome to Swoop. This Privacy Policy explains how Swoop ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you use our mobile application ("App"), website, and services (collectively, "Services").

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Services.

This Privacy Policy should be read in conjunction with our Terms of Service.

2. INFORMATION WE COLLECT

We collect several types of information from and about users of our Services:

2.1 Information You Provide Directly

Account Registration Information:

Full name
Email address
Phone number
Password (encrypted and stored securely)
Payment information (credit/debit card details, billing address)

Service Information:

Service address (where trash bins are located)
Property access instructions (gate codes, entry directions, bin locations)
Return location preferences
Special instructions or notes
Pet information and disclosures
Preferred service times and scheduling preferences

Communication Information:

Messages sent through the App to Service Providers or customer support
Customer support inquiries and correspondence
Feedback, reviews, and ratings
Survey responses

Profile Photos (optional):

Property photos (bin locations, access points)
Profile picture (if you choose to upload one)

2.2 Information Collected Automatically

Device Information:

Device type, model, and manufacturer
Operating system and version
Unique device identifiers
Mobile network information
IP address
Browser type and version

Usage Data:

App features accessed and used
Pages or screens viewed
Time and date of access
Time spent on pages/screens
App crashes and performance data
Click patterns and navigation paths

Location Data:

Service address location (required for service delivery)
Approximate device location when using the App (with your permission)
GPS data if you enable location services (optional)

We use location data to:

Connect you with nearby Service Providers
Provide accurate service delivery
Improve service availability in your area
Display relevant information based on your location

You can disable location services through your device settings, but this may limit some App functionality.

2.3 Information from Third Parties

Authentication Services:

If you use Apple Sign-In or Google Sign-In, we receive your name, email address, and profile information from those services

Payment Processors:

We use third-party payment processors (such as Stripe) who collect and process your payment information
We receive transaction confirmation and limited payment details (last 4 digits of card, transaction status)

Service Providers (Independent Contractors):

Service completion status and notes
Photos of completed services or access issues
Service quality feedback

2.4 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to:

Remember your preferences and settings
Keep you logged in
Analyze App usage and performance
Improve user experience

You can control cookies through your browser settings, but disabling cookies may limit some functionality.

3. HOW WE USE YOUR INFORMATION

We use the information we collect for the following purposes:

3.1 Service Delivery

Create and manage your account
Process and fulfill service requests
Connect you with available Service Providers
Send service confirmations, reminders, and updates
Process payments and billing
Handle cancellations and refunds
Provide customer support

3.2 Communication

Send transactional messages about your services
Respond to your inquiries and requests
Send important notices about Terms or Policy changes
Provide service updates and notifications
Send promotional offers and marketing communications (with your consent)

You can opt out of marketing emails by clicking "unsubscribe" in any marketing email or adjusting your notification preferences in the App.

3.3 Service Improvement

Analyze usage patterns and trends
Monitor and improve App performance
Develop new features and services
Conduct research and analytics
Test new functionalities
Personalize your experience

3.4 Safety and Security

Verify your identity
Prevent fraud and unauthorized access
Detect and prevent security incidents
Investigate violations of our Terms of Service
Protect the safety of users and Service Providers
Comply with legal obligations

3.5 Legal Compliance

Comply with applicable laws and regulations
Respond to legal requests and court orders
Enforce our Terms of Service
Protect our rights and property
Resolve disputes

4. HOW WE SHARE YOUR INFORMATION

We share your information in the following circumstances:

4.1 With Service Providers (Independent Contractors)

Information Shared:

Your first name and last initial
Service address and property access instructions
Special instructions and notes
Contact phone number (for service-related communication only)
Photos of property/bin locations (if provided)
Pet disclosure information

Purpose: To enable Service Providers to complete your scheduled services.

Important: Service Providers are independent contractors, not Swoop employees. They are required to use your information solely for completing services and must protect your privacy, but Swoop does not control their use of information beyond the service delivery.

4.2 With Service Providers (Business Vendors)

We share information with third-party service providers who perform services on our behalf:

Payment Processing:

Payment processors (e.g., Stripe) process your payment information
We do not store full credit card numbers on our servers

Backend Infrastructure:

Supabase (our backend provider) hosts our authentication, database, and file storage
Data is encrypted and stored securely

Cloud Services:

Cloud hosting providers for App infrastructure
Data backup and recovery services

Analytics and Performance:

Analytics providers to understand App usage
Crash reporting and performance monitoring tools

Communication Services:

Email service providers for transactional and marketing emails
SMS providers for text notifications
Push notification services

Customer Support:

Customer support and ticketing platforms

These service providers are contractually obligated to:

Use your information only for the specific services they provide to us
Protect your information with appropriate security measures
Not sell or share your information for their own purposes

4.3 For Legal Reasons

We may disclose your information if required to do so by law or in response to:

Court orders, subpoenas, or other legal processes
Government or regulatory requests
Legal investigations
Requests from law enforcement

We may also disclose information when we believe in good faith that disclosure is necessary to:

Protect our rights, property, or safety
Protect the rights, property, or safety of our users or Service Providers
Prevent fraud or illegal activity
Enforce our Terms of Service

4.4 Business Transfers

If Swoop is involved in a merger, acquisition, asset sale, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

4.5 With Your Consent

We may share your information for other purposes with your explicit consent.

4.6 Aggregated or De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you for:

Business analytics
Industry research
Marketing purposes
Public reporting

We Do Not Sell Your Personal Information: Swoop does not sell, rent, or trade your personal information to third parties for their marketing purposes.

5. DATA SECURITY

We take the security of your information seriously and implement industry-standard security measures:

5.1 Security Measures

Encryption: Data is encrypted in transit using SSL/TLS and at rest using industry-standard encryption
Secure Infrastructure: We use Supabase, a secure backend platform with robust security features
Access Controls: Limited access to personal information on a need-to-know basis
Authentication: Secure password requirements and optional two-factor authentication
Regular Audits: Periodic security assessments and vulnerability testing
Payment Security: PCI-compliant payment processing through trusted providers

5.2 Your Role in Security

You are responsible for:

Keeping your password confidential
Using a strong, unique password
Logging out of your account when finished
Reporting any unauthorized access immediately
Not sharing your account credentials

5.3 No Absolute Security

Important: No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You provide information at your own risk.

If we become aware of a data breach that affects your personal information, we will notify you as required by applicable law.

6. DATA RETENTION

6.1 How Long We Keep Your Information

We retain your information for as long as necessary to:

Maintain your account and provide Services
Comply with legal obligations (tax, accounting, legal requirements)
Resolve disputes and enforce agreements
Prevent fraud and abuse
Improve our Services

6.2 Retention Periods

Account Information: Retained while your account is active and for a reasonable period after account closure (typically 3-7 years) for legal and business purposes.
Service History: Retained indefinitely for business records, tax compliance, and dispute resolution.
Payment Information: Retained as required by law and payment processor requirements (typically 7 years).
Communication Records: Retained for a reasonable period to provide support and resolve disputes.
Usage Data: Retained for up to 2 years for analytics and improvement purposes.

6.3 Deletion After Retention Period

After the retention period expires, we will:

Delete your personal information from our active systems
Anonymize your information so it can no longer identify you, OR
Securely archive information if required by law

7. YOUR PRIVACY RIGHTS

Depending on your location, you may have certain rights regarding your personal information:

7.1 Rights You May Have

Access: Request a copy of the personal information we hold about you.
Correction: Request correction of inaccurate or incomplete information.
Deletion: Request deletion of your personal information, subject to certain legal exceptions.
Portability: Request a copy of your information in a portable format.
Opt-Out: Opt out of marketing communications and certain data uses.
Object: Object to certain processing of your information.
Restrict Processing: Request that we limit how we use your information.
Withdraw Consent: Withdraw consent for processing based on consent (where applicable).

7.2 How to Exercise Your Rights

To exercise any of these rights, contact us at:

Email: [PRIVACY EMAIL ADDRESS]
Subject Line: "Privacy Rights Request"
Include: Your name, email address, and specific request

Response Time: We will respond to your request within 30 days (or as required by applicable law).

Verification: We may need to verify your identity before processing your request.

Limitations: Some rights may be limited by legal requirements or legitimate business interests.

7.3 Account Management

You can also manage some information directly in the App:

Update your account information in Settings
Change notification preferences
Update property and access information
Delete saved payment methods

7.4 Right to Complain

If you believe we have not handled your information properly, you have the right to lodge a complaint with a data protection authority in your jurisdiction.

8. CHILDREN'S PRIVACY

Our Services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children.

If you are under 18, do not:

Use the Services
Create an account
Provide any personal information

If we become aware that we have collected personal information from a child under 18, we will promptly delete that information.

Parents/Guardians: If you believe your child has provided us with personal information, please contact us immediately at [PRIVACY EMAIL ADDRESS].

9. LOCATION-SPECIFIC PRIVACY RIGHTS

9.1 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know: What personal information we collect, use, disclose, and sell.
Right to Delete: Request deletion of your personal information (with exceptions).
Right to Opt-Out: Opt out of the "sale" or "sharing" of personal information (Note: We do not sell personal information).
Right to Correct: Request correction of inaccurate information.
Right to Limit: Limit use of sensitive personal information (property access codes, precise location).
Non-Discrimination: We will not discriminate against you for exercising your rights.
Authorized Agent: You may designate an authorized agent to make requests on your behalf.

To Exercise California Rights: Email [PRIVACY EMAIL ADDRESS] with "California Privacy Request" in the subject line.

Shine the Light: California residents may request information about disclosure of personal information to third parties for direct marketing purposes (we do not do this).

9.2 European Economic Area (EEA), UK, and Switzerland Residents (GDPR)

If you are in the EEA, UK, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing:

Contract: To provide Services you requested
Legitimate Interests: To improve Services, prevent fraud, ensure security
Consent: For marketing communications and optional data uses
Legal Obligation: To comply with laws

Your Rights:

Access, correction, deletion, portability, objection, restriction
Withdraw consent at any time
Lodge complaints with your data protection authority

Data Transfers: Your information may be transferred to and processed in the United States. We use appropriate safeguards for international transfers.

Data Protection Officer: Contact [DPO EMAIL if applicable]

9.3 Other Jurisdictions

We comply with applicable privacy laws in all jurisdictions where we operate. If your jurisdiction provides specific privacy rights, contact us at [PRIVACY EMAIL ADDRESS].

10. MARKETING AND COMMUNICATIONS

10.1 Types of Communications

Transactional Messages (cannot opt out):

Service confirmations and updates
Payment receipts
Account security alerts
Changes to Terms or Privacy Policy
Customer support responses

Marketing Messages (can opt out):

Promotional offers and discounts
New features and services
Tips and recommendations
Company news and updates

10.2 How to Opt Out

Email Marketing:

Click "Unsubscribe" at the bottom of any marketing email
Adjust preferences in App Settings > Notifications

SMS/Text Marketing:

Reply "STOP" to any marketing text
Adjust preferences in App Settings

Push Notifications:

Disable in your device Settings > Notifications > Swoop
Adjust preferences in App Settings

Note: Opting out of marketing does not affect transactional messages required for service delivery.

11. THIRD-PARTY LINKS AND SERVICES

Our Services may contain links to third-party websites, apps, or services (e.g., payment processors, social media).

We Are Not Responsible for:

Privacy practices of third-party services
Content on third-party websites
Third-party data collection or use

We Recommend that you review the privacy policies of any third-party services you access through our Services.

Third-Party Login: If you use Apple or Google Sign-In, your use of those services is governed by their respective privacy policies.

12. CHANGES TO THIS PRIVACY POLICY

12.1 Right to Modify

We may update this Privacy Policy from time to time to reflect:

Changes in our practices
Legal or regulatory requirements
New features or services
Industry best practices

12.2 Notice of Changes

We will notify you of material changes by:

Updating the "Last Updated" date at the top of this Policy
Posting the revised Policy in the App
Sending an email to your registered email address
Displaying an in-app notification

12.3 Effective Date

Changes become effective seven (7) days after posting, unless otherwise specified.

Your Continued Use of the Services after changes take effect constitutes acceptance of the revised Privacy Policy. If you do not agree, you must stop using the Services and may close your account.

12.4 Review Regularly

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. INTERNATIONAL DATA TRANSFERS

Swoop is based in the United States. If you use our Services from outside the United States, your information will be transferred to, stored, and processed in the United States.

By using our Services, you consent to the transfer of your information to the United States, which may have different data protection laws than your country.

We take appropriate safeguards to ensure your information receives adequate protection in accordance with this Privacy Policy and applicable laws.

14. DO NOT TRACK SIGNALS

Some browsers support "Do Not Track" (DNT) signals. Our Services do not currently respond to DNT signals, as there is no industry standard for how to respond to them.

15. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Swoop Privacy Team

Email: [PRIVACY EMAIL ADDRESS]
Address: [YOUR BUSINESS ADDRESS]
Phone: [PHONE NUMBER] (if applicable)

For Privacy Rights Requests: Use subject line "Privacy Rights Request"

For Data Breaches: Use subject line "Security Incident Report"

Response Time: We strive to respond to all inquiries within 30 days.