The default posture of this entire service is that we do not want your data. No passwords. No OAuth scopes. No email required for orders. No phone, no name, no address. We only collect what we need to ship the order and honor the warranty. Everything below is the specific explanation of what that means in practice.
Twitterz has operated for sixteen years without ever collecting a customer password, and without ever requesting an OAuth scope from a customer X account. This is not a security feature we added, it is the security posture of the entire service from day one. The follow mechanic happens from outside your account, pointed at your public handle. Nothing on our side ever needs inside your account.
The posture extends beyond passwords. We do not collect emails unless you opt into a dashboard login, and even then email is for login only, not for marketing or product updates. We do not collect phone numbers ever. We do not collect names, addresses, or any demographic data. Wallet addresses on crypto payments are public data once the transaction confirms, so we log them because they are already public, but we do not link them to a customer identity unless you tell us about yourself voluntarily.
The tradeoff of this posture is that customer support costs more. We cannot personalize outreach. We cannot do targeted upsell based on purchase history without a dashboard login. We cannot send transactional email updates without an email address. Those are real constraints we accept because the security upside is worth more than the marketing convenience.
We have never asked a customer for a Twitter or X password in sixteen years of operation. Never will. The handle is public and that is all we need. Any service asking for your password is not a follower service, it is account takeover with better marketing. The rule has not changed since 2010.
We do not request OAuth scopes from your X account. No read access, no write access, no DM access, no follow access. Most panel services ask for some OAuth grant because it simplifies automation on their side. We do not because it expands the attack surface on your side. We only work with the public follow graph.
For each order we retain the handle you submitted, the delivery tier and parameters, the wallet address settlement hit, and the 24 month warranty state. Nothing else. No email required for orders, no name required, no phone number ever. If you never ask for a dashboard login, we have no identity record of you beyond the wallet.
Primary infrastructure runs on SOC 2 Type II certified cloud hosting for long running services and a separate certified edge provider for customer facing traffic. Both sit inside the European data protection envelope. We hold no certifications ourselves because we are small enough that certification overhead would outweigh benefit, which is a tradeoff we publish on purpose. Specific vendor details available under NDA for enterprise diligence reviews.
Security researchers reporting vulnerabilities get coordinated disclosure, bug bounty payment in crypto, and public credit on this page if they want it. Scope includes our infrastructure (api.twitterz.net, twitterz.net, dashboard surface) but not upstream providers. Report to [email protected] with encrypted details.
We never hold customer funds beyond the seconds it takes for a crypto payment to clear through our crypto processor into our operating wallet. No escrow, no stored balances, no trusted deposit account. The non custodial approach means there is nothing to hack that would cost a customer funds. The warranty is operational, not financial, which is also a security property.
Eight questions that come up in every enterprise security review we have been through. For encrypted reports, PGP key at twitterz.net/.well-known/pgp-key.txt.
The formal documented version of the posture above.
Who runs this and why the security posture is the default.
The operational warranty, different from security but related.
NDA and MNPI handling for enterprise buyers.
Live uptime and incident history.
General support routes, or [email protected] direct.
Sixteen years of never holding a customer password. The posture is the product. Report security issues to [email protected].
Crypto checkout · No password · 24 month warranty
Algorithm notes and quiet announcements go up on X. We reply to DMs in about three minutes on average.
Twitterz is operated worldwide by Outline Technologies (established 2015). Twitterz has been active since 2010. We are not affiliated with X Corp or Twitter Inc. The X logo and name are trademarks of X Corp, used here only to refer to the platform.
All services are sold as is. Results depend on your content, your account age, and the platform's current enforcement mood. We make no promises about viral outcomes, only about the numbers we ship, the warranty we honor, and the reply time we keep. Read the full Terms, Warranty, and Refund policy before you buy.
Checkout runs on a regulated crypto rail. Crypto only, non reversible, no chargebacks.