Privacy Policy

Effective date: January 1, 2026  ·  Last updated: June 1, 2026

1. Information We Collect

SecondSwype Inc. ("SecondSwype," "we," "us," or "our") collects information you provide directly, information generated automatically when you use our services, and information from third-party sources.

• Account data: name, email address, company name, and billing information provided during registration.
• Transaction data: tokenized payment signals processed through our S2 Engine. We never receive or store raw Primary Account Numbers (PAN).
• Usage data: log files, IP addresses, browser type, pages visited, and feature interactions.
• Communications: messages you send us via email or support channels.

2. How We Use Your Information

We use collected information to:

• Provide, operate, and improve the SecondSwype platform and S2 Engine.
• Process transactions and deliver recovery routing decisions in real time.
• Send transactional emails, billing notices, and service updates.
• Detect and prevent fraud, abuse, or security incidents.
• Comply with applicable legal obligations.

3. Sharing of Information

We do not sell your personal data. We share information only in the following circumstances:

• Service providers: VGS (tokenization vault), AWS (infrastructure), and Stripe/NMI (payment rails) process data on our behalf under confidentiality agreements.
• Legal requirements: when required by law, court order, or government authority.
• Business transfers: in connection with a merger, acquisition, or sale of assets, with advance notice provided.

4. Data Retention

We retain account data for the duration of the contract and for up to 7 years thereafter to satisfy legal and financial record-keeping obligations. Tokenized transaction signals are retained for up to 3 years for model training purposes. You may request deletion of personal data subject to applicable retention requirements.

5. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or restrict the processing of your personal data, as well as the right to data portability. To exercise these rights, contact us at privacy@secondswype.com.

6. Cookies

We use essential cookies for authentication and session management, and analytics cookies (anonymized) to understand product usage. You can disable non-essential cookies in your browser settings without affecting core functionality.

7. Security

SecondSwype employs industry-standard security controls including TLS encryption in transit, AES-256 encryption at rest, and role-based access controls. Raw card data is never stored in our environment — tokenization occurs at the point of capture via VGS.

8. Contact

For privacy-related questions or requests, contact our Data Protection team at privacy@secondswype.com or write to SecondSwype Inc., Attn: Privacy, [Address].