Your privacy matters. This policy explains what data we collect, how we use it, and the choices you have — in plain language.
This Privacy Policy describes how Lookout Software, LLC ("Company," "we," "us," or "our") collects, uses, stores, and protects information when you use the SwiftMerge for Outlook 365 application, website, and related services (collectively, the "Service").
We are committed to protecting your privacy and handling your data transparently. We only collect information that is necessary to provide and improve the Service, and we never sell your personal data to third parties.
In short: We collect the minimum data needed to run SwiftMerge, we protect it with industry-standard encryption, we never sell it, and you can delete it at any time.
We collect information in the following categories:
When you sign in via Microsoft OAuth, we receive your name, email address, and Microsoft 365 tenant identifier. We do not receive or store your Microsoft password.
When you import contacts and create campaigns, we process recipient names, email addresses, custom merge field values, email content, and scheduling preferences. This data is stored securely on our servers to enable campaign delivery and tracking.
We automatically collect information about how you interact with the Service, including features used, campaign actions performed, and general usage patterns. This helps us improve the product experience.
When email tracking is enabled, we collect data on email opens, link clicks, and bounce events associated with your campaigns. This data is tied to recipient email addresses and timestamps.
| Data Category | Examples | Purpose |
|---|---|---|
| Account info | Name, email, tenant ID | Authentication & account management |
| Contact data | Recipient names, emails, custom fields | Mail merge personalization & delivery |
| Campaign content | Email subject, body, templates | Email composition & scheduling |
| Tracking data | Opens, clicks, bounces, timestamps | Campaign analytics & reporting |
| Usage data | Features used, session duration | Product improvement & support |
| Device info | Browser type, OS, Outlook version | Compatibility & debugging |
We use the information we collect to:
We do not use your data for advertising, profiling, or any purpose unrelated to providing and improving the Service.
For users in the European Economic Area (EEA), United Kingdom, and other jurisdictions that require a legal basis for processing personal data, we rely on the following:
We do not sell, rent, or trade your personal data. We may share limited data with the following categories of third parties, solely as necessary to operate the Service:
All third-party service providers are contractually obligated to protect your data and use it only for the purposes we specify.
We take the security of your data seriously and implement industry-standard measures to protect it:
While we strive to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security, but we commit to promptly notifying affected users in the event of a data breach.
We retain your data only as long as necessary to provide the Service and fulfill the purposes described in this policy:
You may request early deletion of your data at any time through your account settings or by contacting us. We will process deletion requests within 30 days, except where retention is required by law.
Depending on your jurisdiction, you may have the following rights regarding your personal data:
To exercise any of these rights, please contact us at privacy@swiftmerge.com. We will respond to your request within 30 days. We may ask for additional verification to protect your account security.
For California residents (CCPA): You have the right to know what personal information we collect and how it is used, request deletion, and opt out of the sale of personal information. We do not sell personal information. To exercise your rights, email privacy@swiftmerge.com.
Our website and Service use a limited number of cookies and similar technologies:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Authentication, session management, security | Session / 30 days |
| Functional | Remember your preferences (e.g., sidebar state) | 1 year |
| Analytics | Understand usage patterns, improve features | 1 year |
We do not use advertising cookies or third-party tracking cookies. You can configure your browser to refuse cookies, but some features of the Service may not function properly without essential cookies.
Email tracking pixels: When open tracking is enabled on a campaign, a small transparent pixel is included in outgoing emails. Recipients' email clients load this pixel upon opening, which registers the open event. Click tracking works by routing links through our tracking server. Recipients can disable image loading in their email client to prevent open tracking.
The Service integrates with third-party services that have their own privacy policies. We encourage you to review them:
We carefully vet all third-party providers for security and privacy compliance. Data shared with third parties is limited to what is strictly necessary for them to perform their designated functions.
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a child under 18, we will take immediate steps to delete that information.
If you believe a child has provided us with personal data, please contact us at privacy@swiftmerge.com and we will promptly investigate and take appropriate action.
Your data may be transferred to, stored, and processed in the United States or other countries where our service providers operate. If you are accessing the Service from outside the United States, please be aware that your data may be transferred to a jurisdiction with different data protection laws than your own.
For transfers from the EEA and UK, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, supplemented by additional technical and organizational safeguards where appropriate, to ensure an adequate level of data protection.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:
Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you disagree with the changes, you should stop using the Service and delete your account.
If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us:
Lookout Software, LLC
Privacy inquiries: privacy@swiftmerge.com
General support: support@swiftmerge.com
Website: swiftmerge.com
We aim to respond to all privacy-related inquiries within 30 days. For urgent data protection matters, please include "URGENT" in your email subject line.
You also have the right to lodge a complaint with your local data protection authority if you believe your data protection rights have been violated.