1. Information We Collect
We collect information you provide directly:
- Account data: name, email address, and password hash (never plaintext)
- OAuth data: GitHub/GitLab username, avatar, and access tokens (used only to scan repos you authorize)
- Repository data: code files accessed during scans; not stored long-term
- Usage data: agent run logs, scan results, timestamps
2. How We Use Your Information
- To provide and improve the Service
- To send transactional emails (welcome, scan results, billing)
- To enforce our Terms of Service
- To respond to support requests
We do not sell your data to third parties.
3. GitHub / GitLab Integration
When you connect a repository, we request only the minimum necessary permissions. OAuth tokens are stored encrypted and used solely to perform scans you initiate. You can revoke access at any time from your GitHub/GitLab settings.
4. Data Retention
Scan results are retained for the duration of your account. You may delete your account and all associated data at any time by contacting us at hello@swarmflow.one.
5. Security
Passwords are hashed with bcrypt. Data in transit is encrypted via TLS. We use Supabase (SOC 2 certified) for data storage. Despite these measures, no system is 100% secure — please use a strong, unique password.
6. Third-Party Services
We use the following third-party services:
- Supabase — database and authentication infrastructure
- Resend — transactional email delivery
- Vercel — frontend hosting
- Railway — backend hosting
7. Cookies
We use minimal cookies necessary for authentication (JWT token storage). We do not use tracking or advertising cookies.
8. Your Rights
You have the right to access, correct, or delete your personal data. Contact us at hello@swarmflow.one for any privacy-related requests.
9. Contact
SwarmFlow Neural Labs · Dubai / Abu Dhabi, UAE
hello@swarmflow.one