Swan Power Dialer

Privacy Policy

Last updated: 17 July 2026

This Privacy Policy explains how Vyxr Labs FZE ("Swan", "we", "us"), the operator of Swan Power Dialer (the "Service" — a GoHighLevel marketplace application and companion Chrome extension), handles information. By installing or using the Service you agree to this Policy.

1. Who we are

Vyxr Labs FZE, Business Centre, Sharjah Publishing City Free Zone, Sharjah, United Arab Emirates. Contact: support@vyxrlabs.com.

2. Our role

Swan Power Dialer is a tool used by businesses ("Customers") inside their GoHighLevel ("GHL") sub-accounts. For the contact data we handle on a Customer's behalf, the Customer is the data controller and we act as a data processor — we process that data only to provide the Service and only on the Customer's instructions (see our Data Processing Addendum). For our own account, billing and operational records we act as a controller.

3. Information we access and process

When a Customer installs Swan Power Dialer, GHL grants us access, via OAuth, to the following in that sub-account, which we use solely to run the dialing workflow:

The Chrome extension reads only the current GHL page you are on (to place calls through GHL's native dialer and read the contact being dialed) and stores a pairing token locally in your browser. It does not read pages on other websites.

We also collect limited technical data automatically — IP address, request timestamps and error logs — to operate and secure the Service.

4. What we store — and what we deliberately do not

We practise data minimisation. On our servers we store:

We do not store the content of your contacts' data. We do not retain the text of call notes, the values written to custom fields, or contact names/phone numbers/emails in our analytics. Those pass through the Service to GoHighLevel and are saved in your GHL account, not ours.

We do not sell personal information, and we do not use your or your contacts' data to train AI models or for advertising.

5. How we use information

6. Legal bases (EEA/UK)

Where GDPR/UK GDPR applies, we rely on: performance of a contract (to provide the Service); our legitimate interests (to secure and improve the Service); and, for Customer contact data, the Customer's instructions as controller. Customers are responsible for having a lawful basis and any required consents for the contact data they process through the Service.

7. Sub-processors

We share data only with service providers that help us run the Service:

ProviderPurposeLocation
Railway (hosting & PostgreSQL database)Application hosting and encrypted data storageUnited States
HighLevel (GoHighLevel / LeadConnector)The platform the Service integrates with; billing & payoutsUnited States

We do not otherwise disclose personal data, except where required by law or to protect our rights.

8. International transfers

We operate from the UAE and use providers in the United States, so data may be transferred internationally. Where required, such transfers are protected by appropriate safeguards (e.g. Standard Contractual Clauses).

9. Retention

We keep tokens and settings for as long as the app remains installed. When a Customer uninstalls the app, GHL revokes our tokens and we delete or de-identify the associated tokens and settings within 90 days. Minimised activity events are retained for up to 24 months for analytics, then deleted or aggregated. You may request earlier deletion (see below). Backups are purged on a rolling basis.

10. Security

We protect data with encryption in transit (HTTPS/TLS) and at rest (AES-256-GCM for tokens), scoped access so a token for one sub-account cannot reach another, rate limiting, and signed, verified webhooks. No method of transmission or storage is completely secure, but we work to protect your information.

11. Your rights and choices

Depending on your location you may have rights to access, correct, delete, or restrict processing of your personal data, and to data portability. Because we mostly act as a processor, requests about contact data are usually best directed to the Customer that controls it; we will assist them. For data we control, email support@vyxrlabs.com. Uninstalling the app is the quickest way to stop processing and trigger deletion. You will not be discriminated against for exercising your rights.

12. Cookies and local storage

Our embedded settings page does not use advertising or cross-site tracking cookies. The Chrome extension stores a pairing token and your session settings in your browser's local storage so the extension can function.

13. Children

The Service is a business tool and is not directed to children under 16. We do not knowingly collect their data.

14. Changes

We may update this Policy. Material changes will be reflected by the "Last updated" date and, where appropriate, additional notice. Continued use after changes take effect constitutes acceptance.

15. Contact

Questions or requests: support@vyxrlabs.com, Vyxr Labs FZE, Sharjah Publishing City Free Zone, Sharjah, UAE.