Your data, your rules.

Most privacy policies are unreadable on purpose. Ours is not. If you are here you probably just want to know what we collect, why we collect it, who sees it, and how to delete it. So let us just answer that.

Last updated April 19, 2026

The short version

We collect the minimum we need to deliver your campaign and keep your dashboard working. Your email so we can email you. Your X handle so we know where to ship followers. A list of your orders and campaigns because that is literally the product. Your payment data does not even touch our servers, it lives with NowPayments. We do not sell anything to anyone. We do not use ad tracking. We do not have a data broker business on the side. That is the whole shape of it, the rest is just detail.

Who runs this privacy policy

Twitterz is operated by Outline Technologies, an agency established in 2015 that runs more than fifteen products in house. Twitterz itself has been operating since 2010. We operate worldwide. There is no single country we are pinned to for tax or legal purposes. This policy uses GDPR (European Union) and CCPA (California) as the conservative defaults, because if we comply with those, we comply with basically everywhere.

What we collect

Account data

When you sign up we collect your email address, a password you pick (hashed, we never see the plain text), the name you choose to use, and optionally your X handle if you want to link it. That is it. We do not ask for your phone number, your date of birth, your home address, or your mother's maiden name. None of those are necessary for what we do.

Order and campaign data

Every campaign you run creates a record that includes the handle you targeted, the package you bought, the quantity, the pace you chose, the delivery status, and the warranty expiration date. We keep this for as long as the warranty is active plus seven additional years for accounting purposes. After that it gets deleted unless you have an active warranty or an open dispute.

Payment data

This is the part that matters. Twitterz does not store credit card numbers because we do not accept credit cards. Checkout runs through NowPayments in custodial mode. You pay in crypto, the transaction settles on the blockchain, NowPayments sends us a webhook that says paid, and we store only the NowPayments invoice ID, the coin you used, the amount, and the confirmation timestamp. Your wallet address is visible on chain to anyone who looks, that is how crypto works, but we do not keep a database of your wallet address associated with your personal identity.

Usage data

When you visit the site we log standard request data for debugging and security. IP address, user agent, referrer, requested URL, response status. This lives in Cloudflare and Vercel's edge logs and rolls off automatically after thirty days. If you use our free tools (Follower Audit, Engagement Calculator, Tweet Timing, Algorithm Checker, Handle Checker) we store the query, the result, and optionally your email if you provided one, so we can send you the report. Those records roll off after ninety days unless you opt in to the newsletter.

Analytics

We run PostHog for product analytics, which tracks page views, button clicks, and feature usage in aggregate. PostHog is configured in privacy friendly mode, which means it does not collect personal identifiers unless you are signed in, and it respects your Do Not Track browser setting. You can opt out at any time by toggling the Analytics switch in your account settings. Vercel Analytics handles basic traffic numbers, also privacy friendly, no cookies.

What we do not collect

Your X account password. We never ask for it. We never need it. If a service ever asks for your password, walk away from that service forever.
Credit card numbers. We do not process cards, so they never land in our systems.
Third party cookies for advertising. We do not run ads on the site. We do not retarget you across the internet. We do not sell your browsing data to a data broker.
Data we do not need. If a field is optional and you skip it, we do not collect it. We do not sneak requests past you in modals.

Who sees your data

A small number of people and services, listed in full so you know:

The Twitterz team. Three humans who answer support tickets and maintain the system. They can see your account record and your campaign history if you write in for help. They cannot see your password because nobody can.
Supabase. Hosts our database. Certified SOC 2 Type 2. Data sits on their servers encrypted at rest.
Vercel. Hosts the site. Also SOC 2 Type 2. Handles edge compute and CDN.
NowPayments. Handles the crypto checkout. They see the transaction but not your other Twitterz activity.
SMM City. Fulfillment partner. They see your X handle and the package you bought, because they deliver the followers. They do not see your email, your name, your payment, or any other personal data.
Resend. Sends your transactional emails. Sees your email address and the contents of what we email you.
Cloudflare. Edge security and CDN. Sees IPs for abuse protection. Does not retain your content.

Nobody else sees your data. We do not sell to data brokers. We do not share with advertisers. We do not rent lists. If a court or government agency sends us a legal request, we evaluate it carefully and only comply with valid, narrowly scoped orders that meet the standards of the jurisdiction involved.

Your rights under GDPR, CCPA, and everywhere else

You have the right to see what we have on you, correct it if it is wrong, delete it, export it, and object to certain processing. All of those rights are available via your account settings, or by emailing [email protected]. We respond inside thirty days, usually inside forty eight hours. There is no charge for these requests. We do not require you to jump through identity verification hoops beyond what is necessary to make sure we are actually talking to you.

Data retention

Active account: we keep your data as long as your account is active.
Closed account: thirty days for grace period recovery, then account data is deleted.
Orders and campaigns: kept for the warranty window plus seven years for accounting.
Support tickets: two years, then deleted.
Free tool queries: ninety days.
Request logs: thirty days at the edge layer.

Cookies

We use the minimum necessary cookies. Essential cookies for authentication and session management. Optional analytics cookies that respect your Do Not Track setting. No third party ad cookies. No cross site retargeting. The full cookie list with purpose and lifespan lives on the cookies page.

Children

Twitterz is not for anyone under eighteen. We do not knowingly collect data from minors. If we learn that a minor has created an account, we close it immediately and delete the associated data.

Changes to this policy

If we materially change what we collect or who sees it, we email everyone with an active account at least fourteen days before the change takes effect. Minor clarifications get pushed with an updated date stamp at the top. We do not silently change the terms and hope nobody notices.

Contact

Privacy questions, data requests, or anything you want a human to look at: [email protected]. A human replies in about three minutes during working hours, a bit slower on weekends.