Privacy Policy

Last Updated: November 24, 2025

This Privacy Policy explains how Trust Swiftly (“we,” “us,” or “our”) collects, uses, and discloses information about you when you visit our website (TrustSwiftly.com) (the “Site”), use our identity verification services (the “Services”), or otherwise interact with us.

This policy is divided into two parts to clarify our role in different contexts:

  • Part I applies to the personal information of individuals (“End-Users”) whose identities are verified using our Services. In this situation, we act as a data processor on behalf of our business customers (“Customers”), who are the data controllers.
  • Part II applies to the personal information we collect from our Customers’ representatives and visitors to our Site for our own purposes. In this situation, we act as a data controller.

Table of Contents

  1. Part I: Information We Process for Our Customers (End-User Data)
  2. Part II: Information We Process for Ourselves (Customer & Site Visitor Data)
  3. Cookies and Tracking Technologies
  4. Your Privacy Rights and Choices
  5. International Data Transfers
  6. Data Security and Retention
  7. Other Important Information
  8. Contact Us

1. Part I: Information We Process for Our Customers (End-User Data)

This section describes our processing of personal information of End-Users, which we do on behalf of and at the direction of our Customers. The Customer is the data controller and is responsible for ensuring the lawful collection and use of End-User data, including providing necessary notices and obtaining consents. The Customer’s privacy policy, not this one, governs the collection and use of this data. Trust Swiftly disclaims liability for any Customer misuse of End-User data.

A. Information We Collect from End-Users

At the direction of our Customer, we collect the following types of information from you to perform an identity verification:

  • Identity Information: This can include your full name, date of birth, phone number, email address, physical address, and images of your government-issued identity documents (like a driver’s license, passport, or national ID card) and any information contained on them.
  • Biometric Information: With your explicit consent, we may ask you to provide one or more photos or a short video of yourself. We use facial recognition technology to extract a scan of your facial geometry from this media. Our Customer, as the data controller, is responsible for obtaining your explicit, written consent prior to our collection of any biometric information. This biometric data is used for the sole purposes of comparing it to the photo on your identity document to help verify your identity (“Verification”) and prevent fraud (“Fraud Prevention”). We never sell, lease, trade, or otherwise profit from End-User biometric data. For specific details on how long we retain this sensitive data, please see the Biometric Data Retention section below.
  • Device and Usage Information: We automatically collect information about your device, including your IP address, browser type, and operating system, to assist with Fraud Prevention.
  • Wireless Carrier Information: You may be asked to authorize your wireless carrier to disclose information about your account and device to us or our service provider to help us identify you and prevent fraud.

B. How We Use End-User Information

We process End-User information strictly to provide the Services to our Customers. Our purposes are:

  • To perform identity Verification and Fraud Prevention on behalf of our Customers.
  • To provide the results of the Verification to the Customer that requested it.
  • To troubleshoot, maintain, and improve our Services.

Purpose Limitation: We are committed to data minimization. We do not use biometric data for marketing, profiling, or any purpose beyond identity verification and fraud prevention as described herein.

C. Automated Decision Making

Our Services utilize automated logic and algorithms to analyze identity documents and biometric data to verify identities and detect fraud. While many verification checks are fully automated, some verifications may undergo manual review by our team or the Customer’s team, depending on the Customer’s specific configuration and instructions.

Because we act as a data processor, the final decision regarding your verification status (e.g., approving or rejecting your application) is made by the Customer. If you wish to contest the result of an automated verification or request human intervention, please contact the Customer directly.

D. How We Disclose End-User Information

We only disclose End-User information as directed by our Customer or as required by law. This includes disclosures to:

  • Our Customer: We provide the results of the Verification and related data to the Customer who initiated the identity check.
  • Service Providers (Subprocessors): We may engage third parties to assist us in providing the Services, such as cloud hosting providers. These providers are contractually bound to protect the data and only use it to perform services for us. We maintain a current list of our subprocessors here. We will notify Customers of any material changes to this list.
  • For Legal Reasons: We may disclose your information if we believe in good faith that it is required to comply with a law, regulation, legal process, or governmental request.

2. Part II: Information We Process for Ourselves (Customer & Site Visitor Data)

This section applies to personal information we collect from representatives of our Customers and from visitors to our Site.

A. Information We Collect

  • Account and Contact Information: When a Customer creates an account, requests information, or communicates with us, we collect business contact information such as name, email address, phone number, and company name.
  • Payment Information: When you purchase our Services, our third-party payment processor collects your payment details. We do not store your full credit or debit card information.
  • Communications and Survey Responses: We collect information you provide when you contact our support team, participate in surveys, or otherwise communicate with us.
  • Device and Usage Information: When you interact with our Site, we automatically collect technical information, including your IP address, browser type, operating system, pages visited, and the duration of your activities.

B. How We Use Your Information

We use this information for our legitimate business purposes, including:

  • To Provide and Maintain the Services: To create and manage Customer accounts, process transactions, and provide customer support.
  • To Improve and Personalize Our Services: To understand how our Site is used, develop new products, and improve user experience.
  • For Communication: To respond to your inquiries and send you service-related communications, such as billing and technical notices.
  • For Marketing and Advertising: To provide you with information about our products and services, as permitted by law. You can opt out of marketing communications at any time.
  • For Compliance, Fraud Prevention, and Safety: To enforce our terms, protect our rights, and prevent illegal activity.

C. How We Disclose Your Information

We do not sell your personal information for monetary consideration. No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties. We may disclose your information to:

  • Service Providers: We use third-party companies for services such as payment processing, data analysis, marketing, and IT services.
  • For Legal Reasons: We may disclose your information if we believe it is required to comply with the law or to protect the rights, property, or safety of Trust Swiftly, our users, or the public.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred.

3. Cookies and Tracking Technologies

We and our third-party partners use cookies, pixel tags, and similar technologies to automatically collect information when you visit our Site. These technologies help us operate our Site, understand user engagement, and support our advertising efforts. You can control the use of cookies at the individual browser level.

Do Not Track Policy: Some web browsers have a “Do Not Track” feature. Except for the Global Privacy Control (GPC) signals discussed below, we do not currently respond to “Do Not Track” browser signals.

We use Google Analytics to process analytics information. You can learn about Google’s practices and opt out by visiting google.com/policies/privacy/partners/ and tools.google.com/dlpage/gaoptout.

4. Your Privacy Rights and Choices

Depending on your jurisdiction, you may have specific rights regarding your personal information. We are committed to facilitating these rights.

A. Rights for End-Users

Because we act as a data processor on behalf of our Customers, you should direct any requests to exercise your privacy rights to the Customer (the business that required you to verify your identity). They are the data controller and are responsible for managing your data. We will assist our Customers in responding to your requests as required by law. Your rights may include:

  • Right to Access, Correct, or Delete: The right to request access to, correction of, or deletion of your personal information under certain conditions.
  • Right to Data Portability: The right to receive a copy of your data in a machine-readable format.
  • Right to Restrict or Object to Processing: The right to request the restriction of or object to the processing of your personal information.

B. Rights for Customers and Site Visitors

As a Customer or Site Visitor, you have rights regarding the personal information we control.

  • Right to Opt-Out of Marketing: You can opt out of marketing emails by using the “unsubscribe” link at the bottom of the email. You will continue to receive essential service-related communications.
  • Your U.S. State Privacy Rights: Residents of certain U.S. states, such as California, Colorado, Virginia, and Connecticut, have specific rights regarding their personal information. Subject to certain exceptions, you may have the right to:
    • Know / Access: Request to know what personal information we collect, use, and disclose.
    • Correct: Request to correct inaccurate personal information we maintain about you.
    • Delete: Request to delete personal information we have collected from you.
    • Opt-Out of “Sharing” or “Targeted Advertising”: As described in our “Cookies” section, we may use tracking technologies for advertising purposes. This activity may be considered “Sharing” or “Targeted Advertising” under applicable state laws. You have the right to opt-out of this activity.
  • How to Exercise Your Rights:
    • To exercise your rights to Know, Correct, or Delete, please email us at privacy@trustswiftly.com.
    • To Opt-Out of Targeted Advertising / Sharing related to tracking technologies, please manage your preferences via our cookie consent banner or by enabling the Global Privacy Control (GPC) signal on your browser.

We will not discriminate against you for exercising any of your privacy rights.

5. International Data Transfers

Your information may be transferred, processed, and stored in countries outside of your own, including the United States, which may have data protection laws that differ from your home country.

When we transfer personal information from the European Economic Area (EEA), United Kingdom (UK), or Switzerland to other countries, we take steps to ensure an adequate level of protection. We rely on legal mechanisms such as the European Commission’s Standard Contractual Clauses (SCCs) and the UK Addendum. We also conduct Transfer Impact Assessments (TIAs) as required to supplement these mechanisms and ensure your information remains protected to a standard equivalent to that in your home country.

6. Data Security and Retention

Security: We implement robust technical and organizational measures, including encryption of data in transit and at rest, designed to protect your information from unauthorized access, use, or disclosure. However, no system is 100% secure.

Data Breach Notification: In the event of a data breach involving personal information, we will notify affected Customers and regulators as required by applicable law without undue delay.

Retention: We store personal information for as long as directed by our Customer and as necessary to fulfill our legal obligations. The Customer, as the data controller, determines the retention period for End-User data, such as images of identity documents and other verification details, based on their specific business and legal requirements.

Biometric Data Retention: Notwithstanding the general retention policy, scans of facial geometry collected from End-Users are subject to a specific retention schedule. This biometric data will be permanently destroyed from our systems when it is no longer needed for the purposes of Verification and Fraud Prevention for which it was collected, or within a maximum of three years of your last interaction with our Services, whichever comes first. This is subject to different requirements under applicable law or specific, lawful instructions from the data controller (our Customer).

7. Other Important Information

  • Children’s Information: Our Services are not directed to children under 16 (or 13 in the United States, or a higher age as required by local law), and we do not knowingly collect personal information from them.
  • Supervisory Authority: If you are in the European Economic Area, UK, or Switzerland, you have the right to lodge a complaint with your local data protection authority if you believe our processing violates applicable law.
  • Changes to this Policy: We may revise this Privacy Policy from time to time. If we make material changes, we will notify you as required by law by posting the updated policy on our Site and revising the “Last Updated” date.

8. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at: privacy@trustswiftly.com

We have also appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. You can contact our DPO at: dpo@trustswiftly.com