Privacy Policy

Privacy Policy

SwayChain Pty Ltd (“SwayChain”, “we”, “us” or “our”) respects your privacy and is committed to protecting your personal data. Please take a few minutes to read this privacy policy (this “Privacy Policy”), which applies to your use of the SwayChain website and the Services accessible through our website.

A. Contact

As the provider of SwayChain Services, we are responsible for the processing of your personal data, as defined in the EU General Data Protection Regulation (“GDPR”). Our contact details are as follows:

135-141 Cardigan St, Carlton Victoria 3053

B. Third Party Links

Our website may, from time to time, contain links to or from partner websites or other third-party sites. These sites and any services that may be accessible through them have their own privacy policies. As we are not responsible for the privacy practices of these sites, we recommend that you review their privacy policies before submitting personal data to them.

C. General Purposes and Legal Bases

When we use the term “personal data”, we are referring to any information that can be used, directly or indirectly, to identify you personally. We process your personal data in accordance with the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) if at least one of the following applies:

  1. Performance of Contractual or Pre-Contractual Measures. The data processing is needed for the performance of a contract to which you are a party or in order to take the steps requested by you prior to entering into a contract (Art. 6 (1) lit. b GDPR). Data processing that falls under this category is done when requested by you and can include performing transactions, customer support, requirement analysis and processing your tax-related data needed for your tax declaration in order to fulfill our Service Agreement with you.
  2. Consent. Where you have agreed to the processing of your personal data for one or more specific purposes, such data processing by us is permitted on the legal basis of your consent (Art. 6 (1) lit. a, Art. 9 (2) lit. a GDPR). Your consent is revocable at any time. Where you revoke your consent, we will not process your personal data on the basis of your consent following your revocation.
  3. Legitimate Interests. The data processing is needed for the purposes of the legitimate interests pursued by us SwayChain, the controller, or a third party, except where those interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data (Art. 6 (1) lit. f GDPR). Data processing that falls under this category can include marketing or market and opinion analysis, ensuring IT security, assessment and optimization of processes, analysing and improving our products and services, enhancing your user experience, enforcement of claims or defences in legal proceedings and developing our Services and App.
  4. Legal Compliance. The data processing is necessary for compliance with a legal obligation to which we are subject (Art. 6 (1) lit. c GDPR). We are subject to several legal obligations that necessitate certain data processing activities. This includes verification of your identity, prevention of fraud and upholding our control and reporting obligations.
  5. Processing on Behalf of SwayChain. In several instances, we engage service providers and processors to process personal data on our behalf under Art. 28 GDPR. The data processing that falls under this category is carried out pursuant to a separate agreement with the respective processor. We ensure that this agreement contains sufficient protection and guarantees for the protection of your personal data and your rights with respect to that data, in each case in compliance with the GDPR.

D. Personal Data 

We process your personal data in order to provide you with our best Services. We collect your personal data either through your voluntary input or automatically when you use our website (including through the use of tracking technologies. This section discusses the specific categories of personal data that we process.

  1. Device and Technical Data. Certain technical data is automatically collected and transmitted to us by your browser when you access our website. Such information includes data about your internet browser, operating system, IP address, time of the page request, referrer URL, device information, session information, size of the requested file and any status or error codes. The information is logged in server log files, which we process in order to ensure the functionality of our website, gather statistical information about the use and development of our website, for general data security and error analysis purposes and for marketing purposes and general product improvement. With respect to ensuring the functionality of our website, the basis for our data processing is Art. 6 (1) lit. b GDPR (i.e. contractual or pre-contractual measure). With respect to monitoring for data security and error analysis, the basis for our processing is Art. 6 (1) lit. f GDPR (our legitimate interests to ensure the stability and security of the website and app). With regard to marketing purposes and general product improvement, the basis of our processing is Art. 6 para. 1 lit. f GDPR (our legitimate interest to attract more customers and improve sales and products).
  2. Marketing and Communications Data. If you have used the Services previously or if you have subscribed to receive marketing materials from us , we or our service providers acting on our behalf may send you certain marketing e-mails including for example newsletters, customer satisfaction or review surveys, information about updates to our Services or special offers from us. Our legal basis for processing this data is Art. 6 (1) lit. f GDPR (i.e. legitimate interests). If you do not wish to receive any marketing e-mails from us, you can opt-out anytime by using the “unsubscribe” link in any e-mail we send you or by sending us an e-mail at

E. Your Rights Under the GDPR

  1. Data Subject Rights. As the data subject, you have the right of access (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), the right to erasure of your personal data (Art. 17 GDPR), the right to restriction of processing of your personal data (Art. 18 GDPR) and the right to data portability (Art. 20 GDPR).
  2. Right of Revocation. If you have given your consent to the processing of your data, you can revoke your given consent at any time pursuant to Art. 7 (3) GDPR and we will no longer continue any such processing that is based on your consent moving forward. Note that such revocation will not affect the legality of any processing carried out on the basis of your consent up to the point of revocation.
  3. Right to Object. You can object to the processing of your personal data insofar as we base such processing on the balance of legitimate interests under Art. 6 (1) lit. f GDPR. This is the case in particular if the processing is not necessary for the fulfilment of a contractual obligation or for compliance with our legal obligations. In case you wish to object, we kindly ask you to provide an explanation of the reasons for the objection against the processing of your personal data, so that we may examine and assess the situation, and either discontinue or adapt the data processing, or point out to you our compelling legitimate reasons based on which we continue the processing of your data. You may, of course, object to data processing for the purposes of advertising or direct marketing at any time.