IMPORTANT LEGAL NOTICE
The Service must NOT be used for illegal activities, including doxxing, harassment, stalking, extortion, blackmail, impersonation, unlawful surveillance, discrimination, or swatting facilitation.
Users are solely responsible for ensuring lawful use and having a valid legal basis for any lookup or downstream use.
Policy Update Notice: We have updated our Terms of Service, Privacy Policy, and Legal Notice. All users must review and re-accept these updates in the dashboard. Until accepted, access to modules is disabled.
1. Scope
This Privacy Policy explains how swattedw.tf ("we", "us") collects and processes personal data in connection with the Service. It applies to visitors, account holders, and API users.
2. Data Controller and Contact
Contact: privacy@swattedw.tf. If a data protection officer is required and appointed, we will list the contact details here. At this time, no DPO is appointed; please use the contact above.
Owners (Telegram): @swattedintokyo, @csintlarp
3. Roles for Lookup Inputs
For account, billing, and security logs, we act as the data controller. For Lookup Inputs you submit and your downstream use of Results, you typically act as the controller. We may act as a processor solely to execute your requested lookups and return Results. You must ensure a lawful basis for any third-party data you submit.
4. Categories of Personal Data
Registration and Account Data: Username, email address (if provided), password hash, account creation timestamp, registration IP address, account status, verification tokens, API keys (if issued), plan tier, and account preferences. If you enable two-factor authentication or add profile details or recovery options, we collect those fields as provided.
Billing Data: Payment status, invoices, and transaction references. Payment card data is handled by our payment processor and is not stored by us.
Support and Communications: Messages you send to support or legal channels and related metadata.
Technical and Security Logs: IP address, user agent, privacy-preserving device identifiers, timestamps, and security events for rate limiting, exploit detection, and fraud prevention. Security events may include request paths, query parameters, header metadata, and detection signals used to identify abuse.
Lookup Inputs: Identifiers or data you submit to run queries.
Query Metadata: Limited technical data about a lookup (for example timestamp, module name, rate-limit outcome, and request identifiers) and does not include full query content.
Cookies: Strictly necessary cookies and session tokens to keep you logged in and protect the Service.
5. Purposes of Processing
- Account access: Create, authenticate, and manage accounts
- Service delivery: Execute lookups and return Results
- Security and abuse prevention: Detect fraud, exploitation attempts, enforce rate limits, and protect infrastructure (including automated blocking)
- Reliability: Troubleshooting, debugging, and service stability
- Legal compliance: Respond to lawful requests and enforce terms
6. Legal Bases (GDPR)
Contract: We process data to provide the Service you request, including account creation and executing lookups.
Legitimate Interests: We process data for security, abuse prevention, and service reliability. We balance these interests against your rights and consider less intrusive alternatives; you can object at any time.
Consent: Optional analytics or non-essential features (if enabled) require opt-in consent. You may withdraw consent at any time without affecting prior processing.
Right to object: If processing is based on legitimate interests, you may object by contacting privacy@swattedw.tf. We will stop processing unless we have compelling legitimate grounds or need the data for legal claims.
7. Data Retention
Security and access logs: Up to 30 days.
Query metadata: Up to 24 hours.
Account deletion: Personal data is deleted or anonymized within 30 days after account deletion.
We may retain data longer where required to comply with legal obligations, resolve disputes, or investigate fraud, abuse, or security incidents.
8. Sharing and Third Parties
We share data with service providers strictly as needed to operate the Service (hosting, security, payment, and support). For lookup functionality, we may send minimal query parameters to third-party data sources to fulfill your request. These providers process data under their own terms and policies.
We may disclose data where required by law, to protect rights and safety, or to enforce our Terms.
9. International Transfers
Your data may be processed outside your country. Where GDPR applies and data is transferred outside the EU/EEA/UK, we rely on adequacy decisions or Standard Contractual Clauses (SCCs), and conduct transfer impact assessments where required. We do not promise that all destinations provide equivalent protections, but we implement appropriate safeguards.
10. Cookies and ePrivacy
We use strictly necessary cookies and session storage to operate the Service (authentication, security, rate limiting). We currently do not use optional analytics or advertising cookies.
If we introduce optional analytics in the future, they will be opt-in only and will be disclosed in the cookie banner or settings.
11. Security
We apply reasonable technical and organizational measures to protect personal data, including access controls, password hashing, monitoring, and automated abuse prevention. No system is perfectly secure; please report security issues to abuse@swattedw.tf or admin@swattedw.tf.
12. Your Rights
Depending on your location, you may have rights to access, rectify, erase, restrict, object, or port your personal data. You may also withdraw consent where processing is based on consent.
If you are in the EU/EEA/UK, you have the right to lodge a complaint with your local supervisory authority.
To exercise rights, contact privacy@swattedw.tf. We may verify your identity to protect your account.
13. Children and Minors
The Service is not intended for users under 16. If local law requires a higher age, that higher age applies. If you believe a minor has provided data, contact privacy@swattedw.tf and we will delete it promptly where required.
14. Changes to This Policy
We may update this policy from time to time. We will post changes here and update the "Last Updated" date. Material changes may be notified by email or in-product notice where feasible.
15. Notices and Contact
Formal legal notices should be sent to legal@swattedw.tf. Optional support is available at admin@swattedw.tf or https://t.me/swattedwtf, but Telegram is not an official channel for legal notices.
Additional contacts: privacy@swattedw.tf abuse@swattedw.tf blacklist@swattedw.tf