SwiftTool Cloud is rolling out for faster subtitle, translation and conversion workflows.
SwiftTool

Workflows

Solutions for every media pipeline.

AI Subtitle Generation Generate accurate SRT, VTT and caption files from messy audio or video in minutes. Subtitle Translation Translate subtitles into 100+ languages while preserving timing, tone and readability. Vocal Separation Separate vocals, drums, bass and other stems for music, karaoke and edit-ready audio. Media Downloader Download supported media with format selection, quality controls and batch-friendly workflows. Media Conversion Convert video, audio and caption files into reliable formats for publishing and editing. Cloud Processing Run heavy subtitle, translation and conversion jobs through cloud workers and priority queues. Automation / API Connect SwiftTool to internal systems with REST-style jobs, webhooks and workflow automation.
Web AppPreview dashboard for browser workflows. FeaturesWorkflow dashboard, automation and UI patterns. Workflow EngineQueue, process, export and hand off jobs. Cloud ProcessingPrivate workers and scalable job queues. APIDeveloper workflow concepts and endpoints. SecurityPrivacy-aware processing and admin security. IntegrationsTelegram, editors, web and API routes.
DocsAPI and workflow documentation. BlogProduct updates and guides. FAQAnswers for common setup and workflow questions. SupportContact the SwiftTool team. Changelog / NewsLatest launch notes and product updates. GuidesWorkflow examples for media teams.
AboutSwiftTool Studio, mission and roadmap. ContactReach support and partnership channels. Privacy & SecurityTrust, processing and admin posture. Terms of UseResponsible platform usage. Media KitBrand and product notes.

Last updated June 28, 2026

Privacy & Security

A clear overview of how SwiftTool protects media workflows, account access, Telegram bot activity and private download infrastructure.

Privacy-first workflow design

SwiftTool is designed to process only the information needed to run requested media jobs, operate accounts, answer support requests, protect the system and maintain reliable service.

  • Avoid collecting unnecessary personal details.
  • Keep raw uploads and generated outputs private by default.
  • Separate support records, admin logs and public website content.

Account and authentication security

The web app supports account-based access and may use email/password login or approved OAuth providers such as Google. Administrative access is protected separately from public user accounts.

  • Passwords are stored as hashes, never as plain text.
  • Admin sessions use CSRF protection, login rate limiting and audit trails.
  • Admin two-step verification can send a one-time code through the configured Telegram bot.

Telegram bot safeguards

When a SwiftTool Telegram bot is enabled, it may receive commands, support messages, Telegram identifiers, chat identifiers, files, URLs and workflow status data needed to complete the requested action.

  • Bot messages should be used only for service actions, support and security notices.
  • Owner notifications can be sent to the configured Telegram administrator.
  • Users should not send sensitive media or files they are not allowed to process.

Media and output protection

Submitted media, URLs, captions, translations, separated audio, converted files and generated downloads should be treated as private user content unless the user intentionally publishes them.

  • Use signed or otherwise authorized links for private downloads.
  • Clean temporary processing files on a defined schedule.
  • Keep uploaded files outside editable public content unless intentionally approved.

Private cloud endpoint

cloud.swifttool.org is a private download and processing endpoint for SwiftTool server workflows. It is not intended to be a public file browser or a separate customer dashboard.

  • Directory listing should remain disabled.
  • Direct access to private storage and configuration files must be blocked.
  • Download activity may be logged for security, debugging and abuse prevention.

Infrastructure posture

The recommended nginx configuration serves only the intended web roots, denies direct access to sensitive folders and routes PHP through the application front controller.

  • Keep private runtime files outside public directories.
  • Use HTTPS on swifttool.org, app.swifttool.org and cloud.swifttool.org.
  • Deny access to storage, includes, configuration, backup and environment files.

Operational monitoring

SwiftTool may keep security and reliability logs such as IP address, user agent, timestamps, requested path, login status, support events, queue status and download endpoint activity.

  • Use logs to troubleshoot failed jobs and protect the service.
  • Limit log access to trusted administrators.
  • Avoid using operational logs for unrelated marketing purposes.

Incident response

If suspicious activity is detected, administrators should rotate credentials, review logs, disable affected accounts and temporarily pause risky workflows.

  • Rotate Telegram bot tokens, OAuth secrets and API keys if exposed.
  • Preserve audit logs for investigation.
  • Notify affected users when required by law or policy.

Important note

This page is operational guidance and starter site content. It should be reviewed by a qualified professional before production launch.

  • It is not legal advice.
  • Retention periods and processor lists should match the real deployment.
  • Update this page whenever infrastructure, bot behavior or data handling changes.

Questions or corrections?

Send feedback if this page should reflect a production configuration, processor list or policy update.

Contact support