Privacy Policy

This policy describes how SWATGenX (the operator of this website and platform, reachable at the contact above) collects, uses, stores, and shares information when you use our hydrologic and watershed-screening analytics services, including accounts, workspaces, reports, and related workflows.

Analytical product; not an emergency service

SWATGenX provides analytical intelligence tools (maps, models, reports, and related outputs). It is not an official warning service, regulatory determination tool, or emergency-response guidance system. Map layers and public datasets used in the product remain governed by their stewards—follow each source’s citation and attribution requirements in publications. Example steward links (not exhaustive): PRISM climate data (Oregon State), NSRDB, USGS NHDPlus HR, USGS NWIS, NLCD, gSSURGO.

Information we collect

Account and profile. When you register or maintain an account, we may collect identifiers such as email address, username or display name, password hash (for password-based accounts), account status, and timestamps related to sign-in and account updates.

Authentication providers (including Google / OAuth). If you sign in with a third-party identity provider (for example Google), we receive information that provider shares with us, typically including a stable provider user identifier and email address, and we may store which provider you used. We use that data to authenticate you and maintain your account. The provider’s own privacy policy also applies to their processing.

Optional API access keys. If you create an API key in your account (for example from the subscription area), we store a cryptographic hash of that key, an optional label you provide, creation time, and coarse last-used timestamps so you can manage and revoke keys. We do not store the full secret after it is first shown to you.

Usage and product telemetry. We collect information about how the Service is used so we can operate, secure, and improve it. Examples include page or route visits, workspace or project opens, model or report orders and their outcomes (e.g. start, success, failure), feature usage, and—where available—administrative or editorial actions for platform operators. If we offer periodic digests or similar notifications, we may log delivery-related events (for example sends, opens, or clicks) at a level sufficient to measure engagement and troubleshoot delivery.

Technical and security data. Our servers and infrastructure may log IP addresses, request timestamps, URLs, HTTP status, device or browser type (when transmitted), session identifiers, and security-relevant events (such as failed logins or suspected abuse). We may use this information for security, abuse prevention, debugging, and capacity planning. IP addresses and similar online identifiers may be treated as personal information where applicable law defines them that way.

Generated content and history. The Service stores content you generate or request, such as saved reports, downloaded or generated model packages, configuration choices, map selections, watershed or station selections, and—where the product includes them—analytical briefs or feeds you save, view, or manage. Historical records may be retained to restore your workspace, fulfill orders, comply with law, or resolve disputes.

Communications. We process email addresses and message content needed to send account verification, password reset, transactional notices (for example model job status, queue updates, or support-related messages), and—if you opt in or if a feature is offered to you—product digests or newsletters. Marketing email, where used, will include a way to unsubscribe; transactional messages may continue as needed to operate your account.

How we use information

We use the information above to:

• Provide, operate, and improve the Service
• Authenticate users, enforce access tiers, quotas, and premium entitlements
• Process and deliver reports, models, and other outputs you request
• Maintain security, detect abuse, and protect the platform
• Communicate with you about the Service and, where permitted, product updates
• Meet legal obligations and respond to lawful requests

When we disclose information

We may preserve or disclose information when we reasonably believe it is required to comply with law, regulation, subpoenas, court orders, or other legal process, to cooperate with law enforcement or government requests where permitted, or to protect the security, integrity, or rights of the Service, our users, or the public, including detecting, investigating, and preventing fraud, abuse, or security incidents.

Service providers

We use third-party vendors for functions such as hosting, content delivery, email delivery, authentication, analytics, storage, backups, and monitoring. These providers process information on our behalf under contractual terms consistent with the purpose of the Service. We do not sell your personal information.

Cookies, local storage, and sessions

We use cookies and similar technologies (including browser local or session storage where applicable) to keep you signed in, remember preferences, protect against fraud, and understand aggregate usage. Session tokens or cookies may persist until you sign out or they expire. You can control cookies through your browser settings; disabling some cookies may limit certain features.

Analytics

We record limited usage and workflow events to understand reliability and product value. Where feasible, analytics may be aggregated or bucketed (for example by time window) rather than retained indefinitely in raw high-resolution form. IP addresses may still be processed for security and abuse prevention.

Retention

We retain information for as long as your account is active, as needed to provide the Service, and as required by law or legitimate operational needs (for example security logs, records relating to payment or metering if we introduce them, or dispute resolution). Technical logs may be kept for a rolling period (often weeks to months unless a longer period is needed for an investigation). Generated artifacts may be kept until you delete them, we delete them as part of retention policies, or your account is closed—subject to backups and legal holds.

Your choices and rights

You may request access to or correction of certain account information by contacting us. You may request deletion of your account; we will delete or anonymize personal information where practical, subject to legal retention requirements and residual backups. If we offer email digests or marketing messages, you may opt out via the mechanism provided in those messages or by contacting us; we may still send essential transactional emails about your account or the Service.

International users

The Service is operated from the United States. If you access the Service from other countries, you understand that your information may be processed, stored, and transferred in the United States or other jurisdictions where our providers operate, which may have different data protection rules than your country.

Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe we have collected such information, contact us and we will take appropriate steps to delete it.

Data security

We implement reasonable technical and organizational safeguards appropriate to the nature of the Service. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

Changes to this policy

We may update this policy from time to time by posting a revised version and updating the “Last Updated” date. Continued use of the Service after changes become effective constitutes acceptance of the updated policy where permitted by law.

Contact

Questions regarding this policy may be sent to: info@swatgenx.com.