We use cookies for analytics and affiliate attribution. See our Privacy Policy.
Last Updated: March 2026 | Effective Date: March 2026
SWOP Holdings Inc. ("SWOP," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use the SWOP platform and associated services (the "Platform").
By creating an account and using the Platform, you agree to the collection and use of your information in accordance with this Policy. If you do not agree, you must not use the Platform.
This Policy applies to users in all jurisdictions including the United States, the European Union, the United Kingdom, and the United Arab Emirates. Where applicable law requires specific protections — such as GDPR for EU/UK users or the UAE Personal Data Protection Law for UAE users — we comply with those requirements.
| Category | Examples |
|---|---|
| Account information | Name, email address, username, password |
| Profile information | Location, dealer/collector status, specialisation, bio |
| Contact information | WhatsApp number, phone number |
| Asset and inventory data | Watch listings, descriptions, prices, photos, condition notes, reference numbers, provenance documents |
| Transaction data | Offers made/received, completed sales, trade proposals, negotiation history |
| Payment information | Billing details processed by Stripe (we do not store full card numbers) |
| Communications | Messages sent through the Platform, support requests, dispute submissions |
| Dealer verification data | Business registration documents, trade credentials, company identification, KYB materials |
| Authentication and dispute data | Third-party authentication reports, dispute submissions, evidence submitted during the 14-day dispute window |
| Category | Examples |
|---|---|
| Usage data | Features used, searches performed, pages visited, time spent, click patterns |
| Device data | IP address, browser type, operating system, device identifiers |
| Log data | Access times, error logs, API calls |
| SWOPi autonomous action logs | Records of autonomous actions SWOPi takes on your behalf including offers submitted, listings created, and contacts initiated |
| Cookies and tracking | Session cookies, preference cookies, analytics identifiers |
| AI interaction data | All prompts, responses, and interactions with SWOPi including via WhatsApp |
When you connect third-party accounts to SWOP, we collect:
| Platform | Data Collected |
|---|---|
| Phone number, full message interaction history with SWOPi bot including negotiation content, offers, and pricing discussions | |
| Shopify | Inventory data, store details, product listings |
| Public profile information, follower/following data (where you authorise via OAuth) | |
| Other platforms | Data you authorise when connecting accounts (Chrono24, eBay, WatchBox, etc.) |
As part of the Connection Value Graph (CVG), we collect and process:
Note: The CVG is a core transferable asset of SWOP Holdings Inc. In the event of a business transfer, acquisition, or investment, CVG data — including your network relationships and trust data — may transfer as part of that transaction. See Section 5.3.
When you upload images of assets to the Platform, those images may be processed by SWOP's AI systems including SWOPi for purposes including valuation, reference matching, condition assessment, and platform improvement. By uploading images you consent to this AI processing of your visual content.
IMPORTANT: By creating an account and using the Platform, you expressly consent to SWOP using any and all data generated through your use of the Platform to train, develop, fine-tune, enhance, and improve SWOPi and the Platform's AI systems, features, and capabilities.
This includes but is not limited to:
This data may be used in identifiable, pseudonymised, or fully anonymised form. Once anonymised and incorporated into AI training datasets, this data cannot be deleted or reversed. SWOP retains AI training data indefinitely in anonymised or aggregated form.
Your continued use of the Platform constitutes ongoing consent to this use of your data. If you do not agree to your data being used for these purposes, you must not use the Platform.
Your network data — who you connect with, your trust relationships, your transaction history — is used to build and update the Connection Value Graph. This graph is a core product feature that benefits all users by enabling network traversal and asset sourcing.
| Processing Activity | Legal Basis |
|---|---|
| Account creation and service delivery | Contract performance |
| Payment processing | Contract performance |
| CVG building and network data | Legitimate interests |
| AI training and platform improvement | Consent (obtained at registration) + Legitimate interests |
| Asset image AI processing | Consent |
| Dealer verification and KYB | Legal obligation + Legitimate interests |
| Safety, fraud prevention, and enforcement | Legitimate interests + Legal obligation |
| Banned user data retention | Legitimate interests (fraud prevention) |
| Marketing communications | Consent |
| Legal compliance | Legal obligation |
For users in the United Arab Emirates, SWOP processes your personal data in accordance with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and its implementing regulations. Our processing of your data is based on:
UAE users have the right to access, correct, and request deletion of their personal data. To exercise these rights, contact contact@swop.com. We will respond within the timeframes required by applicable UAE law.
Certain information is visible to other SWOP users by design:
| Provider | Purpose |
|---|---|
| Stripe | Payment processing and subscription management |
| Escrow.com | Asset transaction escrow services |
| Shopify | Inventory synchronisation |
| WhatsApp / Meta | SWOPi bot delivery and message processing |
| SWOP authentication and other authentication partners | Asset authentication services (independent third parties) |
| Cloud infrastructure providers | Hosting and data storage |
| Analytics providers | Platform usage analytics |
All service providers are contractually bound to handle your data securely and only for specified purposes.
If SWOP is involved in a merger, acquisition, fundraising, investment, or sale of assets, your personal data — including Connection Value Graph data, trust relationships, transaction history, and network data — may be reviewed by or transferred to the acquiring or investing party as part of that transaction. The CVG is a core business asset of SWOP Holdings Inc. and will be treated as such in any corporate transaction.
We will notify you via email or prominent notice on the Platform before your data is transferred and becomes subject to a different privacy policy.
We may disclose your information if required by law, regulation, legal process, or governmental request, or where necessary to protect the rights, property, or safety of SWOP, our users, or the public. In cases involving suspected counterfeit asset transactions, we may proactively share relevant data with law enforcement authorities.
| Data Type | Retention Period |
|---|---|
| Account information | Duration of account + 3 years after deletion |
| Transaction data | 7 years (for legal and tax compliance) |
| CVG and network data | Duration of account + 2 years |
| AI training data | Retained indefinitely in anonymised/aggregated form |
| Asset images and visual data | Duration of account + 2 years; anonymised versions may be retained indefinitely for AI training |
| Payment records | 7 years (for legal and tax compliance) |
| Support communications | 2 years |
| Usage and analytics data | 2 years |
| Dealer verification and KYB documents | Duration of dealer status + 5 years (regulatory compliance) |
| Authentication and dispute data | 5 years from date of dispute |
| Banned user account data | 7 years from date of ban (fraud prevention and legal compliance) |
| SWOPi autonomous action logs | 3 years |
| WhatsApp conversation data | 2 years from date of conversation |
When data is no longer required, we delete or anonymise it securely. Note that data already incorporated into AI training models in anonymised or aggregated form cannot be individually deleted.
We implement industry-standard security measures to protect your data including:
No method of electronic transmission or storage is 100% secure. While we take all reasonable steps to protect your data, we cannot guarantee absolute security.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, SWOP will:
We use cookies and similar tracking technologies to operate and improve the Platform.
| Type | Purpose |
|---|---|
| Essential cookies | Required for the Platform to function |
| Preference cookies | Remember your settings and preferences |
| Analytics cookies | Understand how you use the Platform |
| Marketing cookies | Track effectiveness of our marketing (where applicable) |
You can manage cookie preferences through your browser settings. Disabling essential cookies may affect Platform functionality.
The SWOP Connector is an optional browser extension (Chrome Web Store, with planned releases for Firefox and Safari) that streamlines connecting Facebook Marketplace and Chrono24 to your SWOP account.
What the Connector reads. When you install the Connector and pair it with your SWOP account, the extension reads session cookies set by your browser on the following domains:
| Domain | Why |
|---|---|
| facebook.com | To mirror your Facebook Marketplace login into SWOP so listings and messages can be created on your behalf |
| messenger.com | Facebook Marketplace conversations route through Messenger; both cookie sets are required for replies to send reliably |
| chrono24.com | To mirror your Chrono24 login into SWOP for listing creation and inventory sync |
The Connector reads only cookies on these specific domains. It does not read browsing history, page content, form input, or cookies on any other site.
Where cookies go. Captured cookies are sent encrypted in transit (HTTPS / TLS) to SWOP's backend at api-demo.swop.trade, encrypted again at rest using AES-256 (Fernet) before being stored in your marketplace_accounts row in the SWOP database. They are accessible only to the SWOP services that act on your behalf — primarily the listing-creation and message-sync workers.
When cookies are sent. The Connector sends cookies on the following occasions:
What we don't do. The Connector does not read or transmit cookies for any domain not listed above. It does not inject scripts into pages you visit. It does not modify the pages you browse. It does not collect or store passwords. The captured session cookies are used exclusively to maintain your SWOP integrations — they are never sold, shared with advertisers, or shared with other SWOP users.
Your controls.
app.swop.trade.app.swop.trade.Retention. Cookie payloads are retained for as long as your connection to the corresponding platform is active. When you disconnect a platform or delete your SWOP account, stored cookies for that platform are deleted within 30 days (subject to the retention windows in Section 6).
Why this needs an extension. Cookies set by Facebook, Messenger, and Chrono24 are scoped to those origins by design — the SWOP web app at app.swop.trade cannot read them directly. A browser extension is the only way to capture an authenticated session without requiring you to enter your platform passwords on a SWOP-controlled page. We chose this pattern specifically so that your platform passwords never touch SWOP.
Regardless of location, you have the right to:
You may object to the use of your data for AI training purposes by closing your account. However, data that has already been incorporated into AI training models in anonymised or aggregated form cannot be individually identified, extracted, or deleted. SWOP is not able to remove anonymised contributions to AI models once training has occurred. This limitation applies to all users regardless of jurisdiction.
In addition to Section 9.1, you have the right to:
UAE users have the right to access, correct, delete, and restrict the processing of their personal data under the UAE PDPL. To exercise these rights contact contact@swop.com. We will respond within the timeframes required by UAE law.
California residents have the right to:
To exercise any of these rights, contact us at: contact@swop.com. We will respond to verified requests within 30 days (or 45 days for complex requests).
SWOP is a US-incorporated company headquartered in Delaware. Your data may be processed in the United States and other countries where our service providers operate, including the UAE and EU member states.
The Platform is not directed at individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, contact us immediately at contact@swop.com and we will delete it promptly.
The Platform may contain links to or integrations with third-party websites and services including authentication partners such as SWOP authentication. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you connect to SWOP. SWOP is not responsible for the privacy practices of any third-party service.
We may update this Privacy Policy from time to time. We will notify you of material changes by:
Continued use of the Platform after changes take effect constitutes your acceptance of the updated Policy.
Data Controller:
SWOP Holdings Inc.
A Delaware C-Corp company, United States
166 Geary St, Ste 1500, MailBox #108
San Francisco, CA 94108
Privacy enquiries: contact@swop.com
General support: contact@swop.com
Legal notices: contact@swop.com
For EU/UK & UAE users who wish to contact our representative for GDPR purposes: contact@swop.trade