SwipeTrack Solutions

Request A Demo

SwipeTrack Solutions Privacy Policy

Effective Date: January 18, 2011
Last Updated: December 1, 2025

SwipeTrack Solutions, LLC (“SwipeTrack,” “we,” “us,” or “our”) is committed to protecting the privacy and security of personal information processed through our products and services, including the XTruLink Guest Experience Platform (“Service”). This Privacy Policy describes how we collect, use, disclose, and protect information when you interact with our websites, systems, and offerings.

By using our Services, you agree to this Privacy Policy.

1. Information We Collect

We collect personal information in the following ways:

Information You Provide

  • Contact information (name, email, phone, organization)

  • Account login details

  • Support communications

  • Payment information (processed by trusted PCI-compliant providers — we do not store card numbers)

Information Automatically Collected

  • IP address and device information

  • Browser details and Service usage logs

  • System performance and security telemetry

Customer & Visitor Data

Our customers may upload or manage guest information such as:

  • Ticket and membership records

  • Access control and attendance data

  • Transaction history for digital products or entry services

We process this only as instructed by the customer.

2. How We Use Personal Information

We use data to:

  • Provide and improve our Services

  • Authenticate users and enhance security

  • Respond to inquiries and provide support

  • Process payments and fulfill transactions

  • Analyze performance and user behavior

  • Comply with legal and regulatory obligations

We do not sell personal information.

3. Legal Basis for Processing (GDPR)

Where applicable, SwipeTrack relies on:

  • Contract performance

  • Legitimate interest (security, fraud prevention, Service improvement)

  • Consent (when explicitly required)

  • Compliance with law

4. Cookies and Similar Technologies

We use cookies to support essential platform functionality, performance analytics, preference settings, and edge security.

Types include:

  • Strictly Necessary Cookies — platform authentication, secure access

  • Analytics & Performance Cookies — metrics, error tracking

  • Functional Cookies — preference and accessibility features

  • Security Cookies — bot detection, rate limiting

You may modify browser settings to limit cookies; however, some Service functions may not work as intended.

More information is available at our Trust Center:
🔒 https://trust.swipetrack.com

5. Data Sharing & Subprocessors

We may share personal data with trusted vendors who support platform operations, including:

  • Liquid Web — hosting & database availability

  • Cloudflare — DNS, WAF, SSL, edge performance & content security

  • Stripe & Blackbaud Integrated Payments — secure payment processing

  • Google Workspace — business operations, secure communication

  • Atlassian (Confluence / Bitbucket) — documentation & code versioning

All vendors are subject to confidentiality and data protection requirements.

The current list of subprocessors is maintained at:
🔒 https://trust.swipetrack.com

6. Data Security

We implement administrative, technical, and physical safeguards including:

  • Encryption at rest and in transit

  • Role-based access controls

  • Monitoring, logging, and vulnerability scanning

  • Incident response and disaster recovery programs

  • Independent penetration testing & SOC 2 compliance

Security is a top priority and reviewed continuously.

7. Data Processing Terms (Public DPA Summary)

SwipeTrack acts as a Data Processor for customer-submitted personal data and processes it only according to the customer’s written instructions.

We support:

  • Data subject access and deletion rights

  • Breach notification without undue delay

  • Geographic transfer protection (e.g., SCCs where required)

  • Secure data return or deletion upon contract termination

Customers may request a full executed DPA by contacting us.

8. Retention of Data

We retain personal information only as long as necessary for:

  • Contract fulfillment

  • Legal compliance

  • Internal recordkeeping and audit support

Data is securely deleted when no longer needed.

9. Your Rights

Depending on jurisdiction, you may:

  • Access or correct your personal information

  • Request deletion or restrict processing

  • Object to automated processing

  • Request a copy of your data

Submit requests to:
📧 [email protected]
📞 888-855-5024

We may request information to verify identity before fulfilling requests.

10. International Users

Information may be processed in the United States. When transferring data across borders, we apply appropriate protection mechanisms consistent with GDPR and other global regulations.

11. Children’s Privacy

Our Services are not directed to children under 13.
If we learn we have collected such data without authorization, we will promptly delete it.

12. Updates to This Policy

We may update this Privacy Policy from time to time. If changes are significant, we will provide notice as required by law.

13. Contact Us

SwipeTrack Solutions, LLC
2727 NW Loop 410, Suite 300
San Antonio, TX 78230
📧 [email protected]
📞 888-855-5024
🔒 https://trust.swipetrack.com