Swylink
Legal

Privacy Policy

Last updated: April 2026

Swylink ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share information when you use our SaaS CLI tool for AI coding context synchronization (the "Service").

1. What Data We Collect

Account Information

When you create an account, we collect your email address and authentication credentials (managed via Supabase Auth). If you sign in through a third-party provider (e.g., GitHub), we receive the profile information you authorize.

Context Snapshots

The core data Swylink manages includes summaries of coding sessions, key decisions made, topic tags, and files changed. These are captured by your AI coding tools via the MCP protocol and stored as structured context snapshots.

Usage Data

We collect basic usage data such as API request counts, connected IDE identifiers, and feature usage patterns. We do not use tracking cookies or third-party analytics trackers.

2. How We Use Your Data

  • Provide the Service: store and synchronize your context snapshots across AI coding tools, perform semantic search using 768-dimension vector embeddings, and deliver real-time sync via WebSocket.
  • Improve the Product: analyze aggregated, anonymized usage patterns to enhance features and performance.
  • Communicate: send essential service notifications such as security alerts or billing updates.

3. Data Storage & Security

All data is stored in Supabase with row-level security (RLS) enabled, ensuring each user can only access their own data.

All communication between your IDE and Swylink is encrypted in transit via TLS/WSS (encrypted WebSocket). Data at rest is encrypted by Supabase's infrastructure.

We follow security best practices including regular dependency audits, minimal data collection, and the principle of least privilege for all service components.

4. Data Retention

We retain your context snapshots and account data for as long as your account is active. If you delete your account, all associated data (context snapshots, metadata, and personal information) will be permanently deleted within 30 days.

Anonymized, aggregated usage statistics may be retained indefinitely for product improvement purposes.

5. Third-Party Services

We use the following third-party services to operate Swylink:

  • Supabase: database storage, authentication, and row-level security. Supabase processes your data in accordance with their privacy policy.
  • Stripe: payment processing for the Pro plan. Stripe handles all payment data and never shares your card details with us. See Stripe's privacy policy.

We do not sell your data to any third party. We do not use third-party analytics trackers or advertising cookies.

6. Your Rights

You have the right to:

  • Access all personal data we hold about you.
  • Export your context snapshots and account data in a portable format.
  • Delete your account and all associated data at any time.
  • Correct inaccurate personal information.
  • Object to processing of your data for purposes beyond providing the Service.

To exercise any of these rights, contact us at contact@swylink.com. We will respond within 30 days.

7. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance.

8. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Email: contact@swylink.com

Company: Swylink