Privacy Policy
Last updated 5 July 2026
This policy explains what personal information Swazona Ltd (registered in England and Wales, company no. 15457516) collects when you use Swazona, how we use it, who we share it with, and the choices and rights you have. Swazona Ltd is the controller of your personal information.
1. Information you give us
When you create an account and use the workshop, we collect the information you give us, including:
- Account details: your name, email address, password (stored only in hashed form), and language preference.
- Business content: the ideas, discovery inputs, briefs (BRDs), and documents you create or upload for processing.
- Support messages: anything you send us when you contact us.
2. Information we collect automatically
When you use the service we collect usage and diagnostic data, such as the actions you take, credit consumption, approximate device and browser information, IP address, and log data. We use strictly necessary cookies to keep you signed in and to remember your theme and language; we do not use advertising or cross-site tracking cookies.
3. Billing information
Payments are handled by Paddle, our Merchant of Record. Your card details are entered with Paddle and stored by Paddle, not by us; we do not store full card numbers. We keep limited billing records, such as your plan, subscription status, and transaction history, so we can manage your subscription and meet our legal obligations.
4. The Runner and your source code
The Swazona Runner executes jobs on your own machine, and your repositories are not continuously mirrored to us. However, when you run a job or an agent session, the Runner streams the resulting activity to Swazona and we store it: the contents of files the agent reads or writes, the changes (diffs) it makes, the commands it runs and their output, the assistant's messages, and job logs. We keep this history so you can watch, audit, review, and resume your work from the dashboard.
If you use the live preview, the pages and responses served by your local development app are relayed through Swazona to your browser. If you connect a Git repository, we fetch its contents into your workspace corpus on our servers to power search, audits, and context.
If you enable the optional mesh, your Runner can expose direct file, terminal, and preview transports to your other devices over a private WireGuard network; access to these transports is controlled by network access rules.
We keep this activity history while your account is active. It is deleted when you delete your account, or earlier on request, as described in section 10.
5. How we use your information
We use your information to provide and operate the service, generate the AI features you request, manage your account and subscription, keep the service secure and prevent abuse, provide support, meet legal obligations, and improve how Swazona works. We may send you service and account messages; any non-essential marketing messages are sent only where permitted, and you can opt out.
6. AI processing and providers
When you use an AI feature, the content needed for that feature is sent to a model provider to generate a response. By default this is Anthropic (Claude), and our default pipeline runs in the cloud. If you configure your own model for codebase audits — including a self-hosted model such as Ollama — that audit's model calls follow your configuration and can run on your own machine; other features continue to use our cloud providers.
Providers process the content under their own terms. We do not sell your information, and we do not use your private business content to train our own models.
7. How we share information
We share information with the service providers (sub-processors) that help us run Swazona — hosting and infrastructure, AI model providers, web search, analytics, error monitoring, email delivery, and Paddle, our Merchant of Record for payments — each acting on our instructions. We publish and maintain the full list of these providers, what each one does for us, and where it processes data. We may disclose information where required by law or to protect rights and safety, and we may transfer information as part of a merger, acquisition, or sale of assets. We do not sell your personal information.
8. International transfers
Swazona and some of our providers operate in the United Kingdom, the European Economic Area, the United States, and elsewhere, so your information may be processed outside the country where you live. Where we transfer personal information across borders, we rely on appropriate safeguards, such as standard contractual clauses, where required.
9. How long we keep information
We keep your account and business content for as long as your account is active and for a limited period afterwards. Drafts created before you sign up are kept for a short window (currently about seven days) so you can recover them; documents you upload are kept for a limited period after they are saved (currently about ninety days). We keep billing records for as long as the law requires and diagnostic logs for a limited period.
When you ask us to delete your account, we delete or anonymise your personal information within a reasonable period, except where we must keep some records to meet legal, accounting, or security obligations.
Records of your payments and invoices are retained by Paddle, our Merchant of Record, for as long as tax and accounting law requires — including after your Swazona account is deleted.
10. Your rights
Depending on where you live, you may have the right to access the personal information we hold about you, to correct or delete it, to restrict or object to certain processing, to receive a copy in a portable format, and to withdraw consent where we rely on it. You can export a machine-readable copy of your data and permanently delete your account directly from Settings — this is the fastest channel. You can also contact us at privacy@swazona.com, and we will respond within the time the law allows.
If you are in the United Kingdom or the European Economic Area, you also have the right to complain to your data-protection authority; in the UK this is the Information Commissioner's Office (ICO).
11. Security
We use technical and organisational measures to protect your information, such as encryption in transit, hashed passwords, and access controls. Credentials you give us — such as Git, model, or ClickUp keys — are stored encrypted at rest and are handed only, just in time, to your own paired Runner when a job needs them. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
12. Children
Swazona is not intended for anyone under 18, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will remove it.
13. Changes to this policy
We may update this policy from time to time. When we make material changes, we will update the date at the top of this page and, where appropriate, notify you.
14. Contact us
For any privacy question, or to exercise your rights, contact us at privacy@swazona.com. You can also write to Swazona Ltd at the registered address on file for company no. 15457516 in England and Wales.