Last Updated and Effective, September 8, 2025
This privacy notice for 21ST IDEA, INC., dba DevSwarm ("DevSwarm," "we," "us," or "our"), describes how and why we might collect, store, use, and/or share ("process") your information when you (“Customer,” “you” or “your”) use our services ("Service" or “Services”). When we use the terms “Service” or “Services,” we are referring to all of the services that we offer on our own behalf, including our product offerings and the web pages that post or link to our Privacy Policy (this “Privacy Notice”).
Key Definitions.
Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@devswarm.ai. For privacy rights requests, please email privacy@devswarm.ai with the subject line “Privacy Request.” We will respond within 45 days and may extend once by 45 days where reasonably necessary. We will not require you to create an account to submit a request, and we will use any information you provide only to verify and fulfill your request.
During normal use of the Services, we may collect personal information directly from you, from your device, and from our service providers. We aim to be transparent, minimize what we collect, and make discretionary data sharing opt‑in where feasible.
We collect the following personal information you provide in connection with our Services:
Contact Information: When you communicate with us, we may collect your contact information, including your full name, email address, mailing address, telephone number, company name and title. We only collect and store this information if you choose to provide it.
Terminal Content: By default, DevSwarm processes terminal interactions locally on your device and does not transmit raw Terminal Content to DevSwarm servers. When diagnostic sharing is explicitly enabled by you for support, we pseudonymize identifiers, scrub secrets and environment variables, and minimize fields before transmission.
Customer Service and Communication History: When you contact us through any method of communications, including through our Services or via email, we collect certain information including your name, address, email, account information and account history.
Inquiries and Feedback: Our Services provide individuals the ability to connect with us through an online web form that collects Contact Information (such as first and last name, email address, phone number), area(s) of interest or concern, or information on how we can help which includes a custom message from you. We may also collect this information when you join one of our waiting lists in connection with the launch of a new product or service.
Marketing Emails: If you sign up to receive news or alerts from us, or join our Services, we may collect your email address in order to send you regular updates about the Services. To unsubscribe from promotional messages, please follow the instructions within our messages and review the Your Communication Preferences section below. Note that you cannot unsubscribe from certain services-related email communications (e.g., account verification, confirmations of transactions, technical or legal notices).
Analytics and Crash Reports: Crash reporting is enabled by default to help us fix errors. When an error occurs, we collect limited telemetry such as IP address, device and operating system version, app version, timestamps, error codes, and stack traces. Before transmission we remove or hash tokens, secrets, file contents, and environment variables, and we configure our diagnostic tools to perform server‑side PII scrubbing. You can disable crash reporting in settings.
Session Replay: We may use session replay to diagnose product usability issues. Text and form inputs are masked by default and we do not capture your code, prompts, or Terminal Content through session replay. You can disable session replay in settings at any time. Note that session replay does not capture keystrokes, clipboard contents, code, prompts, repository contents, or environment variables.
As is true of most digital platforms, we and our third-party providers and partners collect certain personal information automatically when you visit or interact with our websites and:
Log Data: Including your internet protocol (IP) address, operating system, browser type, browser ID, the URL you entered and the referring page/campaign, date/time of your visit, the time you spent on our Service and any errors that may occur during your visit to our Service.
Analytics Data: For our website, including the electronic path you take to our Service, through our Service and when exiting our Service, as well as your usage and activity on our Service, such as the links, objects, products and benefits you view, click or otherwise interact with (also known as “Clickstream Data”). This data will allow us to better understand how you are using our Service and help improve your user experience. We use analytics tools such as Google Analytics and PostHog on our marketing site to understand aggregate usage.
Location Data: Including your general geographic location based on the Log Data.
Cookies and similar technologies: Our marketing site may use cookies, SDKs, pixels, and similar technologies. These may support site operation, analytics, performance measurement, and, in some cases, advertising/retargeting. You can control cookies via your browser settings. Where required by law, we provide additional choices, including an opt‑out of “sale”/“sharing” and targeted advertising, and we recognize Global Privacy Control (GPC) and other applicable universal opt‑out signals.
For details, see Cookie and Tracking Notice below, including how to manage preferences.
Although we often collect the personal information described above directly from you, we also collect this information through service providers and other third parties that collect it on our behalf, as noted below. We do not record keystrokes or the contents of unsubmitted forms. If we use session diagnostics, we mask sensitive fields, minimize collection, and provide an in‑product opt‑out.
Service Providers.
We require service providers to process personal information only to provide services to us and prohibit them from using personal information for their own marketing or to “sell” or “share” it.
Single Sign-On: We use single sign-on ("SSO"), such as Google, to allow a user to authenticate their account using one set of login information. We will have access to certain information from those third parties in accordance with the authorization procedures determined by those third parties, including, for example, your name, username, email, and profile picture. We use this information to operate, maintain, and provide to you the features and functionality of the Service. We may also send you service-related emails or messages (e.g., account verification, purchase confirmation, customer support, changes or updates to features of the Site, technical and security notices).
Scopes: When you sign in with Google we request OpenID Connect scopes openid, email, and profile. When you sign in with GitHub we request read:user and user:email. We do not store your SSO passwords and we do not request offline tokens.
We use the personal information we collect through our websites and other online Services to:
Please note that we link the personal information we collect in connection with your Services with the other personal information that we collect about you and may use it for the purposes we describe in more detail in the other sections of this Privacy Notice.
We retain personal information only as long as needed for the purposes described in this Notice, then delete or de‑identify it. Unless otherwise stated in product, diagnostics and analytics are retained for up to 180 days, and backups purge on a rolling basis within 35 days after deletion from active systems. We may retain certain records longer where necessary to comply with law, resolve disputes, maintain security or fraud prevention logs, or enforce our agreements.
We disclose personal information in the following ways:
Service Providers: We engage third parties to perform certain functions on our behalf in connection with the uses of personal information described in Our Use of Personal Information section above, including communication, printing, website hosting, advertising and marketing services, customer service, information technology support, content development, and fraud monitoring. Depending on the function the third party serves, the service provider may process personal information on our behalf or have access to personal information while performing functions on our behalf.
Third Party Tools and Services: As described in our Terms of Service, the Service enables you to connect to third‑party software agents and developer tools (“Third‑Party Agents”). These are provided by their respective providers, not by DevSwarm. You must have your own account and direct agreement with each provider. DevSwarm does not control any Third‑Party Agent, does not proxy your prompts or code to Third‑Party Agents unless you enable a feature that states otherwise, and is not responsible for any Third‑Party Agent’s data handling. Please review each provider’s privacy terms.Business
Transaction or Reorganization: We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets. We may disclose personal information to a third party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal information may also be disclosed in the event of insolvency, bankruptcy, or receivership.
Legal Obligations and Rights: We may disclose personal information to third parties, such as legal advisors and law enforcement:
Consent: We may disclose personal information about you to certain other third parties with your consent.
We use encryption in transit and at rest for systems we control. Human access to any Customer Content stored in DevSwarm systems is exception‑based, least‑privileged, time‑bound, and logged, and used only for support, security, or legal compliance. You are responsible for securing data stored locally on your device by the DevSwarm application. Personnel with access to systems that may store personal information are bound by confidentiality obligations and multi‑factor authentication. To report a security vulnerability, contact security@devswarm.ai. We will notify you of security incidents as required by law.
In connection with our Service, we may send you email messages. You may ask us not to send you marketing communications or request a change to the method or frequency of communication by:
Legal Obligations and Rights: We may disclose personal information to third parties, such as legal advisors and law enforcement:
For state privacy opt‑outs, including “Do Not Sell or Share” for cross‑context behavioral advertising, please email us at privacy@devswarm.ai. These settings do not affect service emails or your newsletter subscriptions, which you can manage via unsubscribe. We process unsubscribe requests promptly and within the time required by applicable law. For email marketing unsubscribe requests, please allow up to 10 business days to take full effect. Please note that we may continue to send you non-marketing communications, such as maintenance of your account.
Depending on your state, you may have rights to request access, correction, deletion, and to opt out of targeted advertising or the sale or sharing of personal information. You can exercise these rights by emailing privacy@devswarm.ai. We may request information sufficient to verify your identity (for example, the email associated with your account). Authorized agents may submit requests with proof of authorization.
Opt‑out of targeted ads / “sale” / “sharing”: If we use personal information for targeted advertising or engage in “sale” or “sharing” of personal information as defined by applicable law, you may opt out by emailing privacy@devswarm.ai with the subject line “Opt‑Out” or by using any opt‑out mechanism we provide in product or on our site. Where required, we also honor recognized browser signals, including Global Privacy Control (GPC), as an opt‑out for the browser or device that sends the signal.
Appeals: If we deny your request, you may appeal by replying to our decision email or submitting an appeal by emailing privacy@devswarm.ai. We will respond within 60 days with our final decision and information on contacting your state attorney general if you disagree.
Oregon residents: Upon request, you may obtain a list of the specific third parties to whom we disclosed your personal data during the preceding 12 months.
California Residents. California residents have rights under the California Privacy Rights Act, including to know, access, correct, delete, and to opt out of the sale or sharing of personal information for cross‑context behavioral advertising, and to limit the use and disclosure of Sensitive Personal Information where applicable. You can exercise these rights by emailing privacy@devswarm.ai. We honor Global Privacy Control signals as an opt‑out of sale or sharing for the browser or device that sends the signal. We do not discriminate against you for exercising your rights.
The Service is not directed to children. You may not use the Service if you are under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it. Parents or guardians who believe we have collected information from a child may contact us at privacy@devswarm.ai.
The Service is offered to users in the United States. If you access the Service from another region, you do so at your own initiative and are responsible for compliance with local laws. If we later extend availability, we will update this Notice and provide any required regional disclosures.
Our Service may include links to or redirect you to third-party websites, plug-ins and applications, including social media services where you may connect with us. Third-party websites may also reference or link to our websites and online service. Except where we post, link to or expressly adopt or refer to this Privacy Notice, this Privacy Notice does not apply to, and we are not responsible for, any personal information practices of third-party websites and online service or the practices of other third parties. To learn about the personal information practices of third parties, please visit their respective privacy notices or policies. For convenience we maintain links to certain Third‑Party Agent provider terms and privacy notices in our documentation so you can review their retention and training settings. Those providers are solely responsible for their practices. Some third‑party content embedded in our site (for example, videos or social widgets) may set their own cookies. We do not control those technologies. Please review the third party’s privacy notice.
We use cookies and similar technologies to operate the site and understand usage. We may also use technologies that support advertising/retargeting. When required by law (for example, for “sale”/“sharing” or targeted advertising under certain state laws), we will provide a way to opt out and will recognize Global Privacy Control (GPC) and other applicable universal opt‑out signals. If we later offer the Service in the EEA/UK, we will seek consent for non‑essential cookies consistent with local law.
We will update this Privacy Notice from time to time. When we make changes to this Privacy Notice, we will change the date at the beginning of this Privacy Notice. If we make material changes to this Privacy Notice, we will notify individuals by email to their registered email address, by prominent posting on our Service, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided.
If you have any questions or requests in connection with this Privacy Notice or other privacy-related matters, please send an email to privacy@devswarm.ai.
Alternatively, inquiries may be addressed to:
DevSwarm
Attn: Privacy Compliance Officer
590 Pearl Street Suite 315
Eugene, OR 97401
