Security & Privacy
How we protect your account, your data, and your clients' trust.
You're trusting us with data about your business and your clients' websites. Here is, plainly and without small print, how we look after it.
Your account
- Passwords are stored only as strong one-way hashes — we couldn't read your password if we wanted to. Minimum 8 characters; we warmly recommend a password manager.
- Sessions use secure, HTTP-only cookies over HTTPS — everything between your browser and SeoSwift is encrypted in transit.
- Your Sign-in history (user menu → Sign-in history) shows the date, IP address, and browser of recent sign-ins, so you can verify it's always been you.
- Password reset links are single-use and expire quickly.
Your agency's data
- Agencies are isolated from each other at the database level — tenant separation is enforced by the database itself, not just by application code. Your data is never visible to another agency.
- Sensitive actions — role changes, invitations, member removal, settings changes — are written to an audit trail your owners can review in the activity log.
- Client portal links are long random tokens, read-only by design, and revocable the moment you disable the portal.
Payments
All payments are processed by Stripe, a PCI-DSS Level 1 certified payment provider. Your card number is never sent to or stored on SeoSwift's servers.
What we collect from your sites
Our crawler reads only what any visitor's browser would: public pages and their metadata. It identifies itself honestly as SeoSwiftBot, fetches gently at about one page per second, and never submits forms, never logs in, and never changes anything. Full page data is kept for 30 days; the change history that powers your changelog and timeline is kept for as long as you keep the site.
Where your data lives
SeoSwift runs on servers in the European Union, with encrypted backups. We collect only the data needed to run the service — no selling, no sharing with advertisers, no surprises.
The fine print, in full
The complete details live in our Privacy Policy, Data Processing Agreement (GDPR), and Terms of Service. Questions, concerns, or a security report? Write to us at hello@seoswift.io — a human reads it.Still stuck? Email hello@seoswift.io — a human reads it.