Your data, your rules.
Most privacy policies are unreadable on purpose. Ours is not. If you are here you probably just want to know what we collect, why we collect it, who sees it, and how to delete it. So let us just answer that.
The short version
We collect the minimum we need to deliver your campaign and keep your dashboard working. Your email so we can email you. Your X handle so we know where to ship followers. A list of your orders and campaigns because that is literally the product. Your payment data does not even touch our servers, it lives with our payment processor, not with us. We do not sell anything to anyone. We do not use ad tracking. We do not have a data broker business on the side. That is the whole shape of it, the rest is just detail.
Who runs this privacy policy
Twitterz is operated by Outline Technologies, an agency established in 2015 that runs more than fifteen products in house. Twitterz itself has been operating since 2010. We operate worldwide. There is no single country we are pinned to for tax or legal purposes. This policy uses GDPR (European Union) and CCPA (California) as the conservative defaults, because if we comply with those, we comply with basically everywhere.
What we collect
Account data
When you sign up we collect your email address, a password you pick (hashed, we never see the plain text), the name you choose to use, and optionally your X handle if you want to link it. That is it. We do not ask for your phone number, your date of birth, your home address, or your mother's maiden name. None of those are necessary for what we do.
Order and campaign data
Every campaign you run creates a record that includes the handle you targeted, the package you bought, the quantity, the pace you chose, the delivery status, and the warranty expiration date. We keep this for as long as the warranty is active plus seven additional years for accounting purposes. After that it gets deleted unless you have an active warranty or an open dispute.
Payment data
This is the part that matters. Twitterz does not store credit card numbers because we do not accept credit cards. Checkout runs through a regulated crypto payment processor in custodial mode. You pay in crypto, the transaction settles on the blockchain, our processor sends us a webhook that says paid, and we store only the invoice ID, the coin you used, the amount, and the confirmation timestamp. Your wallet address is visible on chain to anyone who looks, that is how crypto works, but we do not keep a database of your wallet address associated with your personal identity.
Usage data
When you visit the site we log standard request data for debugging and security. IP address, user agent, referrer, requested URL, response status. These logs live at the edge of our infrastructure and roll off automatically after thirty days. If you use our free tools (Follower Audit, Engagement Calculator, Tweet Timing, Algorithm Checker, Handle Checker) we store the query, the result, and optionally your email if you provided one, so we can send you the report. Those records roll off after ninety days unless you opt in to the newsletter.
Analytics
We use privacy friendly aggregate analytics to track page views, button clicks, and feature usage. Configured with IP anonymization on, ad personalization signals off, and the minimum retention window our tooling supports. It respects your Do Not Track browser setting and does not load at all if you opt out in cookie preferences. You can opt out at any time by toggling the Analytics switch in your account settings.
What we do not collect
- Your X account password. We never ask for it. We never need it. If a service ever asks for your password, walk away from that service forever.
- Credit card numbers. We do not process cards, so they never land in our systems.
- Third party cookies for advertising. We do not run ads on the site. We do not retarget you across the internet. We do not sell your browsing data to a data broker.
- Data we do not need. If a field is optional and you skip it, we do not collect it. We do not sneak requests past you in modals.
Who sees your data
A small number of people and services, listed in full so you know:
- The Twitterz team. A small number of humans who answer support tickets and maintain the system. They can see your account record and your campaign history if you write in for help. They cannot see your password because nobody can.
- Our infrastructure providers. We run on SOC 2 Type 2 certified cloud hosting, edge CDN, transactional email, and crypto payment rails. Each processor sees only the narrow slice of data required for its function (for example, the email provider sees your email address to deliver receipts, the payment processor sees the transaction, the hosting layer sees request logs). Data at rest is encrypted. A current list of data processors with subprocessor details is available on request to [email protected].
- Our analytics layer. Aggregate, anonymized, cookie free by default. Does not run at all for visitors who opt out of analytics in cookie preferences.
- Our edge security and DDoS protection. Sees IPs for abuse detection. Does not retain your content.
Nobody else sees your data. We do not sell to data brokers. We do not share with advertisers. We do not rent lists. If a court or government agency sends us a legal request, we evaluate it carefully and only comply with valid, narrowly scoped orders that meet the standards of the jurisdiction involved.
Your rights under GDPR, CCPA, and everywhere else
You have the right to see what we have on you, correct it if it is wrong, delete it, export it, and object to certain processing. All of those rights are available via your account settings, or by emailing [email protected]. We respond inside thirty days, usually inside forty eight hours. There is no charge for these requests. We do not require you to jump through identity verification hoops beyond what is necessary to make sure we are actually talking to you.
Data retention
- Active account: we keep your data as long as your account is active.
- Closed account: thirty days for grace period recovery, then account data is deleted.
- Orders and campaigns: kept for the warranty window plus seven years for accounting.
- Support tickets: two years, then deleted.
- Free tool queries: ninety days.
- Request logs: thirty days at the edge layer.
Cookies
We use the minimum necessary cookies. Essential cookies for authentication and session management. Optional analytics cookies that respect your Do Not Track setting. No third party ad cookies. No cross site retargeting. The full cookie list with purpose and lifespan lives on the cookies page.
Children
Twitterz is not for anyone under eighteen. We do not knowingly collect data from minors. If we learn that a minor has created an account, we close it immediately and delete the associated data.
Changes to this policy
If we materially change what we collect or who sees it, we email everyone with an active account at least fourteen days before the change takes effect. Minor clarifications get pushed with an updated date stamp at the top. We do not silently change the terms and hope nobody notices.
Contact
Privacy questions, data requests, or anything you want a human to look at: [email protected]. A human replies in about three minutes during working hours, a bit slower on weekends.