Privacy Policy

Table of Contents

1. Information We Collect
2. How We Use Your Information
3. Sharing Your Information
4. Data Security
5. Cookies and Tracking
6. Your Privacy Rights
7. Data Retention
8. Children's Privacy
9. Changes to This Policy
10. Contact Us

1. Information We Collect

1.1 Personal Information You Provide

We collect information you provide directly to us:

• Account Information: Name, email address, password (hashed), profile picture
• Payment Information: Billing address, payment method details (processed by third-party payment providers)
• Communications: Support requests, feedback, survey responses
• Business Information: Company name, tax ID, business address (for enterprise accounts)

1.2 Automatically Collected Information

When you use the Platform, we automatically collect:

• Usage Data: Features accessed, time spent, actions performed
• Device Information: IP address, browser type, operating system, device identifiers
• Log Data: Pages visited, referring URL, timestamps, clickstream data
• Location Data: General geographic location derived from IP address
• Performance Metrics: Resource usage, API calls, error logs

1.3 Information from Third Parties

We may receive information about you from:

• Authentication Providers: Google OAuth (profile information)
• Payment Processors: Payment confirmation, transaction IDs
• Analytics Services: Usage patterns, behavior data
• Public Sources: Business registries, public databases

1.4 Customer Data

"Customer Data" refers to data you store, process, or transmit using the Platform (e.g., VM configurations, databases, DNS records). We do not claim ownership of Customer Data and do not access it except:

• To provide and maintain the Service
• To comply with legal obligations
• With your explicit consent
• To protect rights and safety (as described in Section 3)

2. How We Use Your Information

We use collected information for the following purposes:

2.1 Service Provision

• Create and manage your account
• Provision and manage cloud resources
• Process payments and send invoices
• Provide customer support
• Send service-related communications (updates, security alerts)

2.2 Platform Improvement

• Analyze usage patterns and trends
• Test new features and functionality
• Monitor and improve performance
• Conduct research and development

2.3 Security and Compliance

• Detect and prevent fraud, abuse, and security incidents
• Verify identity and authenticate users
• Comply with legal obligations and regulatory requirements
• Enforce our Terms of Service
• Protect rights, property, and safety of SwiftCloud and users

2.4 Marketing (With Consent)

• Send promotional communications (you can opt-out anytime)
• Provide personalized content and recommendations
• Invite you to events, webinars, or surveys

3. Sharing Your Information

We do NOT sell, rent, or trade your personal information. We may share information in the following circumstances:

3.1 Service Providers

We engage trusted third-party providers who assist in operations:

• Infrastructure: Hosting providers, CDN services
• Payment Processing: DPO Pay, Lenco, banks
• Communications: Email service providers (SendGrid, etc.)
• Analytics: Usage analytics, error tracking
• Support: Customer support tools

These providers have access only to perform specific tasks on our behalf and are obligated to maintain confidentiality.

3.2 Legal Requirements

We may disclose information when required by law, subpoena, court order, or government request, or when we believe disclosure is necessary to:

• Comply with legal obligations
• Protect and defend our rights and property
• Prevent or investigate wrongdoing
• Protect personal safety of users or the public
• Protect against legal liability

3.3 Business Transfers

In connection with a merger, acquisition, financing, or sale of assets, customer information may be transferred as a business asset. Users will be notified via email or prominent notice before transfer.

3.4 With Your Consent

We may share information with your explicit consent for specific purposes.

3.5 Aggregated/De-identified Data

We may share aggregated, de-identified data that cannot reasonably identify you for analytics, industry analysis, and marketing purposes.

4. Data Security

4.1 Technical Measures

• Encryption in Transit: TLS 1.3 for all data transmission
• Encryption at Rest: AES-256 encryption for stored data
• Access Controls: Role-based access, multi-factor authentication
• Network Security: Firewalls, intrusion detection, DDoS protection
• Regular Audits: Security assessments, penetration testing

4.2 Organizational Measures

• Employee training on data protection
• Strict access policies and need-to-know basis
• Confidentiality agreements with employees and contractors
• Incident response procedures

4.3 Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you within 72 hours via email and prominent notice on the Platform, as required by applicable law.

4.4 No Guarantee

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

5. Cookies and Tracking Technologies

5.1 What We Use

We use cookies and similar technologies:

• Essential Cookies: Required for Platform functionality (session management, security)
• Functional Cookies: Remember preferences and settings
• Analytics Cookies: Understand usage patterns (Google Analytics, etc.)
• Marketing Cookies: Deliver relevant advertisements (with consent)

5.2 Your Choices

You can control cookies through:

• Browser settings (block or delete cookies)
• Cookie consent banner (manage preferences)
• Opt-out of third-party analytics and advertising

Note: Disabling essential cookies may impair Platform functionality.

5.3 Third-Party Tracking

Some third-party services (analytics, advertising) may collect information about your online activities. We do not control these practices. Review their privacy policies for details.

6. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights:

6.1 Access and Portability

Request a copy of your personal information in a structured, machine-readable format.

6.2 Correction

Request correction of inaccurate or incomplete information.

6.3 Deletion

Request deletion of your personal information, subject to legal obligations.

6.4 Restriction

Request restriction of processing in certain circumstances.

6.5 Objection

Object to processing, particularly for direct marketing.

6.6 Withdrawal of Consent

Withdraw consent at any time (does not affect prior processing).

6.7 How to Exercise Rights

To exercise these rights:

• Email: privacy@swiftcloud.co.zm
• Dashboard: Settings → Privacy
• Mail: Data Protection Officer, Cairo Road, Lusaka, Zambia

We respond within 30 days. We may require identity verification.

6.8 Right to Complain

You have the right to lodge a complaint with your local data protection authority:

• Zambia: Data Protection Commissioner
• Tanzania: Personal Data Protection Commission
• Zimbabwe: Data Protection Authority

7. Data Retention

We retain personal information only as long as necessary:

• Active Accounts: Duration of account plus 3 years
• Deleted Accounts: 90 days after deletion
• Financial Records: 7 years (legal requirement)
• Logs: 12 months for security purposes
• Marketing Data: Until consent withdrawal

After retention periods, data is securely deleted or anonymized.

8. Children's Privacy

The Platform is not intended for children under 18. We do not knowingly collect personal information from children. If we learn we have collected information from a child under 18, we will delete it promptly.

If you believe a child has provided us with information, contact us at privacy@osystems.africa.

9. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last Updated" date.

For material changes:

• We will notify you via email or Platform notice
• Changes become effective 30 days after notice
• Continued use constitutes acceptance

10. Contact Us