CloudSwipe Data Policy

We only use necessary session and preference data so login, language, theme, and onboarding work reliably.

• Secure session cookies for authentication (HTTP-only).
• Local preferences for language, color mode, and onboarding state.
• Contextual ads in the free tier, but no advertising or third-party tracking cookies.

We store only what is needed for account, security, progress, and product operations.

• Account data: email, verification, and session records.
• Progress data: swipe decisions and cleanup run status.
• Admin/system logs for reliability, debugging, and security.

Passwords are never stored in plain text. Authentication relies on secure hash-based approaches.

• Password hashes instead of plain text.
• HMAC/salt-based protection for sensitive identifiers.
• Additional login hardening such as rate limiting.

Photos are fetched from your provider directly. CloudSwipe does not store photo binaries on backend services.

• No central photo storage in CloudSwipe.
• File content remains with your cloud provider.
• Keep/delete actions are processed as metadata decisions.

File/folder names and IDs are protected via secret-key-based hashes, so we cannot infer details from raw names.

• No plain filename storage in progress tables.
• Hash-based pseudonymization of file/folder identifiers.
• Reduced risk of direct content inference.

Our focus is product function and security, not ad tracking.

• Technical logs for uptime and troubleshooting.
• Security events for abuse prevention.
• Contextual ads without personalized ad profiling.

CloudSwipe connects to your provider, processes cleanup decisions, and stores only required operational data.

• Provider connections via OAuth/session flows.
• Server-side progress orchestration, not photo binary storage.
• You can log out and disconnect providers at any time.