Privacy Policy

Data Controller, Contact Details, and Representatives

Data Controller Information

Swytch-Swap operates as the data controller for the personal data we collect from users of our app and services. Swytch-Swap is registered as a Limited Liability Company (LLC) based in New York City, New York, USA.

Contact Details

For any privacy-related inquiries, users can reach out to our dedicated team via email at privacy@swytch-swap.com or send correspondence to our headquarters at 123 Main Street, Suite 400, New York, NY 10001.

EU/UK Data Protection

To better serve our users in the EU/UK where GDPR regulations apply, Swytch-Swap has appointed a Data Protection Officer (DPO). Our DPO can be contacted directly at DPO@swytch-swap.com for any concerns related to data protection and privacy rights applicable under these regulations. If you are a resident of the EU or UK, please ensure to include "EU/UK Inquiry" in the subject line to guarantee timely response and appropriate handling of your request.

Key Terms and Definitions

Introduction

In this section, we define important terms to enhance your understanding of our privacy practices.

Personal Data

'Personal data' refers to any information relating to an identified or identifiable individual. This includes information such as your name, contact details, and location data, which can directly or indirectly identify you.

Linked and De-identified Data

'Linked data' involves data that remains connected to personal identifiers, allowing for the identification of a person. In contrast, 'de-identified data' refers to information that has been processed to remove or obscure personal identifiers, rendering it impossible to link back to an individual without additional data.

Age-related Terms

Age-related terms relevant to Swytch-Swap are also essential. 'Minor' denotes any individual under the age of 18 years. Our app is primarily designed for users who are 18 years or older. If we inadvertently collect personal data from a minor, we will take steps to delete such information promptly.

Age Verification

Furthermore, 'age verification' is a process employed to confirm that users meet our age requirements, ensuring compliance with both legal obligations and protection standards for younger users. By understanding these key terms, users can better comprehend how Swytch-Swap handles, processes, and protects the data it collects.

Types of Data We Collect

In this section, we aim to provide Swytch-Swap users with a comprehensive overview of the types of data we collect to enhance our services, as well as to comply with legal and regulatory requirements. Swytch-Swap collects various categories of data related to your use of the app and engagement with our services. This is obtained directly from you and automatically through various technologies, all with your consent and in adherence to legal standards.

Categories of Data Collected

1. Personal Identification Information: This includes information such as your name, email address, phone number, and profile picture. You voluntarily provide this data when you create an account or update your profile within the app.
2. Location Data: To facilitate the core functionality of matching listers and seekers for parking spaces, we collect geolocation data. This is obtained through your mobile device's GPS, with your explicit consent via device settings. This data helps us provide real-time parking availability and matched coordinates for scheduling exchanges.
3. Transaction Data: Details of transactions conducted on the platform, including seeker fees, service fees, and subscription payments, are logged. This ensures transparency and verifiability of services offered and is crucial for resolving customer support queries.
4. Device Information: This category involves collecting data related to the device you use to access the app, including hardware model, operating system version, unique device identifiers, and mobile network information. This helps improve app compatibility, performance, and user experience.
5. Usage Data: We automatically collect information about your interactions with the app, such as the pages you visit, features you use, and your preferences. This is tracked via cookies and similar technologies for analytical and service optimization purposes.
6. Communication Data: If you contact customer support or participate in surveys, all correspondence and feedback will be logged and reviewed to improve our service offering.
7. Optional Data: Occasionally, we may request additional optional data to personalize your experience. This includes user interests, feedback for improvements, or participation in ongoing promotions. Providing these is entirely voluntary and based on user discretion.

Data Collection Methods

Swytch-Swap utilizes both direct collection methods and automated technologies to gather data efficiently and securely. Personal identification and optional data, for instance, are collected directly when you sign-up or engage with certain app features. Conversely, location, device, and usage data are gathered through automated systems, which activate upon app usage, always respecting your granted permissions.

Age Verification and Specific Data Requirements

In compliance with age-related requirements, Swytch-Swap uses age verification processes during account creation to ensure users meet the age threshold of 18 years. This involves collecting basic identification details to affirm compliance with legal obligations, especially when the service extends to app features critical for safety and legality. In cases where age verification is not satisfactorily concluded, access may be restricted until further confirmation is presented.

By outlining these data types and their collection methods, we assure you that Swytch-Swap is committed to transparency and the ethical handling of all user data. This ensures not only the effective functionality of the marketplace but also the safeguarding of user privacy and trust.

Legal Bases and Purposes for Processing

Legal Bases for Data Processing

Swytch-Swap processes your data in alignment with the legal bases outlined in the General Data Protection Regulation (GDPR) and other applicable data protection laws. These legal bases guide our data handling practices to ensure compliance and protect user privacy. Here are the primary legal bases we rely on and their associated data processing purposes:

Consent

We process your data with your explicit consent, obtained at the point of data collection. Consent serves as a primary legal basis when you voluntarily provide data, such as during the account registration process or subscription for enhanced services. By consenting, you authorize us to process data categories that include personal identifiers like name, email address, and age verification details. Consent allows Swytch-Swap to verify user eligibility, deliver personalized service enhancements, and communicate effectively with you about app features, updates, and promotional offers.

Performance of a Contract

Processing data is essential to fulfilling the terms of the services we offer. This is applicable when you engage in actions like listing or reserving parking spots. To facilitate these peer-to-peer transactions, we process operational data that includes parking location, reservation timings, and user preferences. Without processing this data, Swytch-Swap cannot provide its core service of connecting listers and seekers efficiently, thus ensuring the reliability and predictability of parking exchanges.

Legal Obligation

Compliance with legal obligations underpins the collection and processing of specific data categories. For instance, age verification data is processed to comply with legal regulations that require all users to be at least 18 years old. The platform uses this verification as a safeguard against unauthorized access by minors, thereby upholding legal and community standards. This processing is a legal necessity to ensure the safety and appropriateness of the service for eligible users.

Legitimate Interests

Swytch-Swap processes certain user data to further its legitimate business interests, while carefully considering the balance between these interests and user privacy rights. For example, device and usage data are analyzed to enhance user experience and optimize app functionality. This includes refining user interface design, conducting market research, and preventing fraudulent activities. Legitimate interest is a crucial basis for ongoing improvements, ensuring that the platform remains effective, secure, and competitive in providing valuable urban parking solutions.

We generally do not rely on the "public interest" legal basis for our processing activities, as our services are provided on a commercial basis rather than under a specific legal mandate to perform public functions. Each data category processed by Swytch-Swap is aligned with these legal bases and serves specific purposes to ensure effective service delivery, regulatory compliance, and continuous improvement of user experience. Our commitment to these principles reflects our dedication to maintaining transparency, building user trust, and providing a secure and reliable parking marketplace.

Data Sharing and Disclosure to Third Parties

Categories of Recipients

Swytch-Swap is committed to maintaining transparency regarding the sharing of user data with third parties. We categorize the recipients of user data into several distinct groups to ensure clarity and understanding.

Service Providers and Partners

Firstly, service providers and partners are integral recipients of data, assisting in the operation and improvement of our platform. These entities may include cloud storage services, data analytics companies, and customer support providers. The data shared typically encompasses user information required for technical support, service optimization, and maintaining security standards within our peer-to-peer parking marketplace.

Legal Disclosures

Secondly, we may disclose user data to law enforcement agencies and regulatory authorities when we are legally obligated to do so. This legal requirement ensures we comply with applicable laws, regulations, court orders, or governmental requests. In such instances, data sharing is strictly limited to what is necessary to fulfill legal obligations and protect the rights, property, or personal safety of Swytch-Swap, our users, or the public.

Business Transfers

Additionally, business transfers may involve the sharing of user data. If Swytch-Swap is involved in a merger, acquisition, or sale of assets, user information may be transferred as part of that transaction. In such scenarios, we will ensure that the confidentiality of personal data is safeguarded and that users are informed of any changes regarding their data’s handling.

Anonymized Data Sharing

To uphold transparency, we also share anonymized data with third parties. This data is stripped of identifiers that can be used to pinpoint individual users, and it is typically utilized for commercial analysis, market research, or partnership opportunities. Sharing anonymized data helps us to collaborate effectively with industry stakeholders while protecting individual privacy.

Purposes of Data Sharing

The purpose of sharing user data with third parties is multifaceted. Primarily, it supports the delivery of our services and enhances the user experience by ensuring efficient platform operations and functionality. Shared data helps drive innovations, inform pricing strategies, and improve the reliability of the user experience, all central to fulfilling Swytch-Swap's commitment to a trusted, efficient parking solution.

Compliance with Legal Requirements

Furthermore, applicable legal requirements play a crucial role in our data sharing practices. Swytch-Swap adheres to data protection laws such as the General Data Protection Regulation (GDPR) and other regional legislations to ensure all data sharing is lawful, fair, and transparent. These legal frameworks guide our interactions with third parties and ensure user data is handled responsibly and ethically.

In essence, our data sharing practices are designed to balance the privacy rights of our users with our operational needs and legal obligations, thereby maintaining a secure, reliable, and transparent environment for all users.

International Data Transfers

Security and Compliance in International Transfers

Swytch-Swap recognizes the importance of safeguarding your data during international transfers. When your data is transferred across borders, we follow rigorous procedures to ensure its security and compliance with relevant data protection laws, including the GDPR and other similar legal frameworks. These regulations require us to implement robust safeguards, such as incorporating standard contractual clauses and engaging in data processing agreements with partners handling your information.

Assessment of Legal Requirements

Our international data transfer procedures involve assessing the legal requirements of the destination country, ensuring they provide a comparable level of protection for your data. This process may include evaluating adequacy decisions or applying supplementary measures if necessary to maintain the privacy and security of your information. In scenarios where data is accessed by service providers outside of your home country, we take proactive steps to ensure compliance with applicable data protection principles.

Mitigating Cross-Border Data Risks

Cross-border data transfers inherently carry potential risks such as unauthorized access, data breaches, or inadequate legal protection in recipient countries. To mitigate these risks, Swytch-Swap employs a combination of encryption technologies, access controls, and regular security assessments. Additionally, we actively monitor international developments in data protection to update our policies and procedures accordingly.

Commitment to Privacy and Security

Our commitment to implementing these protective measures demonstrates our dedication to securely managing your data across borders, ensuring both legal compliance and the maintenance of your privacy rights. By observing these practices, we strive to create a reliable and transparent environment, contributing to your trust in Swytch-Swap as a globally-operating service provider.

Data Retention

General Data Retention Principles

Swytch-Swap's data retention policy is crafted to respect user privacy while complying with legal and operational requirements. Our general data retention principles involve retaining personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. We regularly assess the purpose and necessity of retained information, ensuring data is securely deleted or anonymized when no longer needed.

Retention of Transactional Data

Transactional data related to activities on the Swytch-Swap platform, such as parking spot reservations and confirmations, is retained for as long as necessary to provide the services, manage your account, enforce our Terms of Use, resolve disputes, prevent fraud, and comply with applicable legal, tax, and accounting obligations. Thereafter, we delete or anonymize such data in accordance with our data retention practices.

User Account Information

User account information is retained for up to three years after the account becomes inactive, based on our legitimate business needs (such as dispute resolution, fraud prevention, and record-keeping), unless a longer retention period is required or permitted by applicable law, such as AML/KYC record-keeping obligations that may require retention for at least five years.

Data Concerning Minors

We are also sensitive to the retention of data concerning children and minors. In compliance with age-related data retention obligations, any personal data collected from users identified as minors is handled with additional care and not retained beyond the point of necessity for the purposes initially collected. We also respect requests from parents or guardians to delete personal data of minors.

Commitment to Continuous Improvement

By adhering to these data retention principles, Swytch-Swap is committed to safeguarding personal information while upholding the convenience, security, and rights of our users. Our practices are subject to continuous review and improvement to align with evolving legal standards and technological advancements.