Privacy Policy
Privacy Policy
Last Updated: May 4, 2026
This Privacy Policy for 7x Systems LLC ("we," "us," or "our") describes how and why we might collect, store, use, and/or share ("process") your information when you use Swipe Inbox and our related services ("Services"), such as when you:
- Visit our website at swipeinbox.co, or any website of ours that links to this Privacy Policy.
- Use Swipe Inbox, our AI-powered email management product, including any browser, mobile, or MCP-server interface.
- Connect a Google email account (Gmail, Google Workspace) or Microsoft email account (Microsoft 365, Outlook.com, Exchange) so that Swipe Inbox can read, send, and organize your email on your behalf.
- Engage with us in other related ways, including any sales, marketing, support, or events.
If you have questions or concerns, please contact us at swipe@aisimple.co.
1. Important Information and Who We Are
1.1 Data Controller and Data Processor
When we act as Data Controller: For personal data about you as a registered user (your account information, authentication data, billing details, usage patterns), 7x Systems LLC acts as the "data controller" under GDPR and similar data protection laws.
When we act as Data Processor: For personal data contained in the emails, calendar entries, contacts, and email account information that you submit to Swipe Inbox so we can deliver the Services (such as email content, sender/recipient information, calendar data), we act as the "data processor" on your behalf. If we are the data processor of your personal data, you (or your organization) are the data controller, and you should contact the controller party in the first instance to address rights with respect to such data.
1.2 Contact Details
Company: 7x Systems LLC Address: 1309 Coffeen Ave, Sheridan, WY 82801 Email: swipe@aisimple.co
You have the right to make a complaint at any time to your local data protection authority. In the EU, this is your national supervisory authority. In the UK, this is the Information Commissioner's Office (ICO) at www.ico.org.uk. We would, however, appreciate the chance to deal with your concerns before you approach a supervisory authority, so please contact us in the first instance.
1.3 Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last Updated" date and will be effective as soon as it is accessible. If we make material changes, we may notify you by prominently posting a notice or by directly sending you a notification. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
2. Information We Collect
Personal information you disclose to us. We collect personal information that you voluntarily provide when you register on the Services, express interest in our products, participate in activities on the Services, or otherwise contact us. The personal information we collect may include:
- Names
- Email addresses
- Phone numbers (if provided)
- Usernames and passwords (passwords are stored hashed)
- Billing addresses and payment information (last four digits, transaction history)
- Contact or authentication data (OAuth tokens for connected email accounts)
Payment data. We may collect data necessary to process your payment if you make purchases. Full payment data (card number, security code) is stored by our payment processor (Stripe) and is not retained on our servers. You may find Stripe's privacy notice at https://stripe.com/privacy.
Email Account Data. When you connect a Google or Microsoft email account via OAuth, we receive access to email content, metadata (sender, recipient, subject lines, timestamps, folders/labels), calendar events, and email account settings as needed to deliver the Services. We process this data as your data processor (see Section 1.1).
Information automatically collected. We automatically collect certain technical and usage information when you use the Services, including:
- IP addresses
- Browser and device characteristics (type, operating system, language preferences)
- Referring URLs
- Country, location, and time zone
- Information about how and when you use the Services
- Device identifiers
- Pages and features accessed
- Click and scroll behavior
Communication Data. Includes your communications with us — support requests, feedback, and survey responses.
We may create aggregated, de-identified, or anonymized data from the personal data we collect by removing information that makes the data personally identifiable. We may use such data and share it with third parties for our lawful business purposes, including to analyze, build, and improve the Services, provided that we will not disclose such data in a manner that could identify you.
What We Store and What We Don't
We do NOT permanently store:
- Full email body content
- Email subject lines beyond what is needed for active features
We DO store:
- Sender information (email addresses of people who email you) for analytics and features like bulk unsubscribe
- Summaries and analysis of your email history to provide personalized features and insights
- Email metadata needed for automation rules and account insights
- Temporary email summaries for active features (e.g., digest emails), which are deleted after the feature completes
Email content is analyzed to deliver the Services but is not retained in our systems beyond what is necessary to provide the requested features.
3. How We Process Your Information
We process your personal information for a variety of reasons, depending on how you interact with the Services, including:
- To provide and maintain the Services — including account creation, OAuth authentication, and delivering Swipe Inbox features.
- To improve and develop the Services — to understand how users interact with the platform so we can enhance functionality and user experience.
- To communicate with you — to send service-related information, updates, marketing communications, and respond to inquiries.
- To process transactions — to manage payments, refunds, and billing.
- For security and fraud prevention — to protect the Services, detect and prevent fraudulent activity, and ensure the safety and integrity of the platform.
- To comply with legal obligations — to respond to legal requests and prevent harm as required by applicable law.
- To power AI features — to provide AI-powered email categorization, drafting, summarization, and automation features through third-party AI providers.
4. Legal Bases for Processing
We only process your personal information when we have a valid legal basis to do so under applicable law. Depending on your location, the applicable legal basis may include:
- Consent — you have given us permission to process your personal information for a specific purpose. You may withdraw your consent at any time.
- Contractual necessity — processing is necessary to fulfill our contractual obligations to you (e.g., providing the Services you signed up for).
- Legitimate interests — processing is necessary for our legitimate business interests, such as improving the Services, marketing, fraud prevention, and security, provided those interests are not overridden by your rights.
- Legal obligations — processing is necessary to comply with applicable laws, regulations, or legal processes.
Please contact us if you need details about the specific legal ground we rely on to process your personal data.
5. Data Shared with Third-Party AI Models
5.1 What We Share
To provide email categorization, response generation, summarization, and automation features, the Services use machine learning models from third-party AI providers (such as Anthropic, OpenAI, and Google Cloud AI). We require our AI service providers to use your information only for the purpose of providing the Services on our behalf. We do not allow those providers to train their models on your data.
The following data types may be shared with AI providers:
- Email Content and Metadata: email subject lines, email body text, sender and recipient information, timestamps, and folder/label information — only when needed to deliver a feature you are actively using.
This data is processed for the sole purpose of delivering the AI-powered features you have requested and is not used for any other purpose within the AI providers' systems.
5.2 Zero Data Retention
Our AI service providers have policies that prohibit using customer data submitted via their APIs to train their models. AI providers process data only as necessary to deliver the requested service and do not store your data on their servers beyond what is required for short-term abuse and misuse monitoring.
6. When and With Whom We Share Information
We may share your information in the following situations:
- Service providers — IT support, hosting, data storage, monitoring, analytics, email delivery, and AI language model providers acting as processors on our behalf, who may be based in the US or elsewhere.
- Analytics providers — third-party analytics services (e.g., PostHog, Google Analytics) help us understand how the Services are used.
- Payment processors — we share payment information with Stripe and similar processors to process transactions securely.
- AI platforms — Anthropic, OpenAI, Google Cloud AI, and similar AI platforms power AI-driven features within the Services. Data shared with these providers is limited to what is necessary for the feature to function.
- Cloud and hosting services — we use cloud infrastructure providers to host and deliver the Services.
- Email and communication services — we use third-party providers to send transactional and marketing communications.
- Business transfers — we may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Policy.
- Legal requirements — we may disclose your information where required to comply with applicable laws, governmental requests, judicial proceedings, court orders, or legal processes.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
7. Email Provider API Compliance
7.1 Google API Services User Data Policy
Swipe Inbox's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
We only use access to your Google email account (Gmail, Google Workspace, or other Google-hosted email) to:
- Read emails for AI processing and automation features you have enabled.
- Send emails on your behalf as directed by you.
- Manage email labels, categories, and organization.
- Access email metadata for automation rules.
We do not:
- Use your Google email data for advertising purposes.
- Share your Google email data with third parties except as described in this Privacy Policy.
- Permanently store your email body content on our servers.
- Allow humans to read your email except where (a) you give us explicit consent for a specific message, (b) it is necessary for security purposes such as investigating abuse, (c) it is necessary to comply with applicable law, or (d) data is aggregated and anonymized for internal operations.
7.2 Microsoft Graph API Services
Swipe Inbox's use of information received from Microsoft Graph API adheres to Microsoft's data handling requirements and the Microsoft API Terms of Use.
We only use access to your Microsoft email account (Microsoft 365, Outlook.com, Exchange, or other Microsoft-hosted email) to:
- Read emails for AI processing and automation features you have enabled.
- Send emails on your behalf as directed by you.
- Manage email folders, categories, and organization.
- Access email metadata for automation rules.
We do not:
- Use your Microsoft email data for advertising purposes.
- Share your Microsoft email data with third parties except as described in this Privacy Policy.
- Permanently store your email body content on our servers.
8. Cookies and Tracking
We may use cookies, web beacons, pixels, and similar tracking technologies to access or store information. We use both session and persistent cookies for the following purposes:
- Essential cookies — required for the operation of the Services (authentication, security, load balancing).
- Analytics cookies — help us understand how visitors interact with the Services by collecting and reporting information.
- Advertising cookies — used to deliver relevant advertisements and track ad campaign performance.
- Functional cookies — enable enhanced functionality and personalization (e.g., remembering your preferences).
You can control cookies through your browser settings. Disabling cookies may limit your ability to use certain parts of the Services.
9. International Transfers
If you are located in the European Economic Area (EEA), UK, or other jurisdictions outside the United States, your personal data may be transferred to and processed in the United States or other countries where our service providers operate.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection by ensuring that either:
- We have a specific contract in a form approved by the European Commission (Standard Contractual Clauses) that ensures your personal data receives the same protection it has in Europe; or
- Our service providers are members of the EU-US Data Privacy Framework, which requires them to provide similar protection to personal data shared between Europe and the US.
Please contact us if you want further information on the specific mechanism used when transferring your personal data.
10. Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
As a general guideline, we retain account-level personal information for up to 24 months following account termination or your last interaction with the Services, unless a longer period is required by law. Email content and metadata processed as data processor are governed by the storage rules described in Section 2.
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
11. Data Security
We have implemented appropriate technical and organizational security measures designed to protect your personal data from unauthorized access, loss, alteration, or disclosure. OAuth tokens are encrypted at rest. Data is transmitted over TLS.
We have procedures in place to detect, report, and respond to any suspected personal data breach and will notify you and any applicable regulator where we are legally required to do so.
However, despite our safeguards and efforts, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. We cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. You should only access the Services within a secure environment.
12. Your Privacy Rights
Depending on your location and applicable law, you may have the following rights regarding your personal information:
- Right to access — request a copy of the personal information we hold about you.
- Right to correction — request that we correct any inaccurate or incomplete personal information.
- Right to deletion — request that we delete your personal information, subject to certain exceptions.
- Right to restrict processing — request that we restrict the processing of your personal information.
- Right to data portability — request a copy of your data in a structured, commonly used, and machine-readable format.
- Right to object — object to processing of your personal data where we are relying on legitimate interests.
- Right to opt out — opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly.
- Right to withdraw consent — where we rely on your consent to process your personal information, you may withdraw consent at any time.
To exercise any of these rights, please contact us at swipe@aisimple.co. We will respond to your request within 30 days. In some cases, we may need to verify your identity before processing your request.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights) in most cases. We may need to request specific information from you to confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
Account information. If at any time you would like to review or change the information in your account or terminate your account, you can do so from your account settings or by contacting us. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information to prevent fraud, troubleshoot problems, assist with investigations, enforce our legal terms, and/or comply with applicable legal requirements.
More information on EU/UK rights and when they apply is available at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
13. Do-Not-Track
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.
If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.
14. US State Privacy Rights
California residents. California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. To make such a request, please submit your request in writing to us using the contact information below.
If you are under 18, reside in California, and have a registered account with the Services, you have the right to request removal of unwanted data that you publicly post on the Services. To request removal of such data, please contact us using the contact information below.
CCPA / CPRA. California residents have specific rights regarding access to their personal information under the California Consumer Privacy Act (as amended by the California Privacy Rights Act): the right to request disclosure of what personal information we collect, use, disclose, and sell; the right to request deletion; and the right to not be discriminated against for exercising privacy rights. We do not sell your personal information.
Other US states. Residents of Colorado, Connecticut, Utah, Virginia, and other states with comprehensive privacy laws may have similar rights to access, correct, delete, and opt out of certain processing activities. To exercise these rights, please contact us at the information below.
15. Contact Us
If you have questions or comments about this Privacy Policy, you may contact us at:
7x Systems LLC 1309 Coffeen Ave, Sheridan, WY 82801 Email: swipe@aisimple.co Website: swipeinbox.co
16. Reviewing, Updating, or Deleting Your Data
Based on the applicable laws of your country or state of residence, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please contact us at swipe@aisimple.co.
We will respond to your request within 30 days. In some cases, we may need to verify your identity before processing your request. If we are unable to fulfill your request, we will provide you with an explanation.