Privacy Policy

Last updated: March 2026

Swept ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains what personal data we collect, how we process it, and your rights under the General Data Protection Regulation (GDPR — Regulation (EU) 2016/679). It applies to the Swept iOS application, the swe.pt website, and all related backend services.

1. Data Controller

The data controller for Swept is:

Gil Faria (sole proprietor)
Email: privacy@swe.pt
Address: [To be updated]

You may contact us at any time regarding privacy matters at privacy@swe.pt.

2. Data We Collect

Swept is designed to collect as little data as possible. Here is exactly what we process:

- Spam reports: When you report a phone number, we store the number and category (spam, scam, or telemarketing). Reports are fully anonymized — we do not store your identity, device ID, or any personal information alongside them.
- App analytics: We use TelemetryDeck, a privacy-first analytics provider based in Germany. TelemetryDeck collects anonymous event names and aggregated usage patterns. It does not collect personal data, device identifiers, or IP addresses.
- Blocklist downloads: When the app fetches database updates, the request is processed by Cloudflare. No user-identifying information is logged.
- Waitlist: If you sign up for our launch waitlist, we store your email address and preferred locale.

We do NOT collect:
- Your contacts or address book
- Your call history or call metadata
- Your phone number
- Your location
- Your device identifiers (IDFA, IDFV)
- Cookies or browser fingerprints

3. How Call Blocking Works

Swept uses Apple's CallKit Call Directory Extension to block and identify phone numbers. Here is how it works:

- The app downloads a database of known spam numbers and institution numbers to your device.
- All call matching happens locally on your iPhone. The CallKit extension reads the database and pushes number lists to iOS.
- When a call comes in, iOS checks the number against the on-device list. Swept never sees the call, the caller's number, or any call metadata.
- This is GDPR Article 25 privacy by design — the architecture itself prevents personal data from being processed.

4. How We Use Your Data

We use the data we collect for the following purposes:

- Spam reports: To build and maintain the community spam blocklist. Reports are aggregated — individual reports are used only to calculate a number's spam score.
- Waitlist emails: To notify you when Swept launches and to send product updates. You can unsubscribe at any time.
- TelemetryDeck analytics: To understand anonymized usage patterns (e.g., how many users enable call blocking, how often updates are downloaded). This helps us improve the product.

We do not use your data for profiling, advertising, or automated individual decision-making.

5. Legal Basis (GDPR Article 6)

We process personal data under the following legal bases:

- Spam protection and blocklist delivery: Legitimate interest (Article 6(1)(f)) — protecting users from unwanted and fraudulent calls. We have conducted a balancing test and concluded that the minimal data processed (anonymized phone number reports) does not override your rights.
- Waitlist: Consent (Article 6(1)(a)) — you provide your email voluntarily and can withdraw consent at any time.
- Spam reports: Legitimate interest (Article 6(1)(f)) — improving the spam database for the benefit of all users.
- TelemetryDeck analytics: Legitimate interest (Article 6(1)(f)) — understanding product usage to improve the service. TelemetryDeck processes no personal data.

6. Cookies & Tracking

We do not use cookies on our website or in our app.

We do not use tracking pixels, browser fingerprinting, or any other client-side tracking technology. Our website analytics are provided by Cloudflare Web Analytics, which operates without cookies, without collecting personal data, and without JavaScript tracking scripts that follow you across the web.

Because we do not use cookies or similar tracking technologies, no cookie consent banner is required.

7. IP Address Processing

When you submit a spam report, our backend Worker receives your IP address as part of the HTTP request. We handle it as follows:

- The IP address is immediately hashed using SHA-256 with a rotating salt. The original IP is never stored.
- The hash is used solely for duplicate report detection (preventing the same source from flooding reports for a single number).
- The hash is retained for a maximum of 24 hours, after which it is discarded.

For the waitlist signup endpoint, IP addresses are used for rate limiting in-memory only and are never written to persistent storage.

8. Third-Party Processors

We use the following third-party processors, all of which meet GDPR requirements:

- Cloudflare, Inc. — Infrastructure (Workers, R2 storage, D1 database). We use Cloudflare's EU data residency options. Cloudflare acts as a data processor under a Data Processing Addendum (DPA). See: Cloudflare privacy policy.
- TelemetryDeck GmbH (Berlin, Germany) — Privacy-first app analytics. TelemetryDeck does not process personal data — it collects only anonymous, aggregated signals. See: TelemetryDeck privacy FAQ.
- Apple Inc. — App Store distribution. See: Apple privacy policy.

9. International Data Transfers

We take care to keep your data within the EU wherever possible:

- Cloudflare: We use EU data residency settings. Data is processed and stored within the European Union.
- TelemetryDeck: Based in Berlin, Germany. All data stays within the EU.
- Apple: App Store distribution may involve data transfer to the United States. Apple relies on Standard Contractual Clauses (SCCs) and the EU-US Data Privacy Framework (DPF) for lawful transfers.

10. Data Storage & Security

We implement appropriate technical and organizational measures to protect your data:

- All backend infrastructure is hosted on Cloudflare EU.
- All data in transit is protected by TLS 1.2 or higher.
- Data at rest is encrypted using Cloudflare's encryption.
- IP addresses are hashed on receipt — originals are never stored.
- Rate limiting is applied to all public endpoints to prevent abuse.
- Access to production infrastructure is restricted to authorized personnel only.

11. Data Retention

We retain data only as long as necessary for its stated purpose:

- Waitlist emails: Retained until you unsubscribe or the waitlist closes, then deleted within 30 days.
- Spam reports: Individual reports are deleted after 12 months. Aggregated spam counts (number + total report count) are retained as long as the number remains in the active blocklist.
- On-device data: The blocklist database stored on your device is deleted when you uninstall the app.
- TelemetryDeck data: Retained per TelemetryDeck's own retention policy (anonymous, aggregated data).
- IP hashes: Deleted within 24 hours.

12. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

- Right of access (Article 15): Request a copy of any personal data we hold about you.
- Right to rectification (Article 16): Request correction of inaccurate personal data.
- Right to erasure (Article 17): Request deletion of your personal data ("right to be forgotten").
- Right to restriction (Article 18): Request that we limit how we process your data.
- Right to data portability (Article 20): Receive your data in a structured, commonly used, machine-readable format.
- Right to object (Article 21): Object to processing based on legitimate interest. We will cease processing unless we demonstrate compelling legitimate grounds.
- Right to withdraw consent (Article 7(3)): Where processing is based on consent (e.g., waitlist), you may withdraw at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, email us at privacy@swe.pt. We will respond within 30 days. If your request is complex, we may extend this by a further 60 days and will inform you of the reason.

13. Automated Decision-Making

Swept does not make automated decisions that produce legal or similarly significant effects on individuals (GDPR Article 22).

Our spam blocking is a database lookup — numbers are flagged based on community reports and curated data sources, not on individual profiling. If your number has been incorrectly flagged, you can dispute it (see Section 16).

14. Children's Data

Swept is not intended for use by anyone under the age of 16. We do not knowingly collect personal data from children.

If we become aware that we have collected personal data from a child under 16, we will take steps to delete it promptly. If you believe a child has provided us with personal data, please contact us at privacy@swe.pt.

15. Institution Identification Submissions

Swept allows users to submit institution identification data to help improve its caller identification database. When you submit an institution, we collect the following:

- Phone number of the institution
- Institution name
- Category (e.g., healthcare, banking, government)
- Department (if provided)

No personal data about you as the submitter is stored. Submissions are fully anonymous — we do not record who submitted an entry, nor do we associate submissions with any user identity, device, or account.

Submitted data is reviewed and, if verified, added to the shared institution identification database that benefits all Swept users.

If you believe a number has been incorrectly categorized, contact disputes@swe.pt. We will review disputes within 14 business days and correct any verified errors.

16. Dispute Process for Incorrectly Flagged Numbers

If your phone number has been incorrectly flagged as spam in our database, you may request its removal:

- Email disputes@swe.pt with the phone number in question and proof of ownership (e.g., a recent phone bill with the number, or documentation from your telecoms provider).
- We will investigate and respond within 14 business days.
- If the dispute is upheld, the number will be removed from the blocklist and marked as disputed to prevent re-addition from automated sources.

17. Data Breach Notification

In the event of a personal data breach:

- We will notify the Comissão Nacional de Proteção de Dados (CNPD) within 72 hours of becoming aware of the breach, as required by GDPR Article 33.
- If the breach is likely to result in a high risk to your rights and freedoms, we will notify affected individuals without undue delay (GDPR Article 34).
- Notification will include the nature of the breach, likely consequences, and measures taken or proposed to address it.

18. Supervisory Authority & Changes to This Policy

You have the right to lodge a complaint with a supervisory authority. For Portugal, this is:

Comissão Nacional de Proteção de Dados (CNPD)
Rua de São Bento, 148, 3.°
1200-821 Lisboa, Portugal
Website: www.cnpd.pt

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Material changes will be communicated via the app and, where applicable, by email.

For any questions about this Privacy Policy, contact us at privacy@swe.pt.