Privacy Policy

Privacy Policy

Last updated: May 26, 2026

Tweetary ("we", "us", or "our") operates the Tweetary service. This page explains how we collect, use, and protect your data when you use our platform.

1. Who We Are

Tweetary is a SaaS tool that connects your GitHub and Stripe accounts to automatically generate and schedule marketing tweets on X (formerly Twitter). We are the data controller for the personal data described in this policy.

2. Data We Collect

2.1 Account Data

When you sign up, we collect:

  • Your name and email address
  • Your X (Twitter) account credentials, username, and profile image (via OAuth)
  • Billing information (processed by Stripe — we never store card numbers)

2.2 Integration Data

When you connect external services, we access:

  • GitHub: repository owner, repository name, branch name, commit SHA, commit message, author name, author email, and push timestamp. We do not access your source code content.
  • Stripe: event type, Stripe event ID, and payment/subscription metadata (e.g. amounts for MRR milestone tracking). We do not store full payment details or your customers' personal data.

2.3 Generated Content

We store every tweet generated on your behalf, including its content, status (draft, scheduled, published, failed, archived), scheduled and published timestamps, X post ID, and any attached images. This data is necessary to operate the scheduling and publishing features.

2.4 Settings & Preferences

We store your per-account configuration, including publishing window, timezone, tone examples, tweet strategy, auto-schedule preference, minimum time between tweets, build-in-public photos, and commit filter sensitivity. This data is used solely to personalise your experience.

2.5 Usage & Quota Data

We track your monthly event and tweet consumption against the limits of your subscription plan (Starter, Growth, or Pro) to enforce quotas and display usage information.

2.6 Usage Analytics

We collect standard service analytics: IP address, browser type, pages visited, and feature usage patterns. This data helps us improve the product.

3. How We Use Your Data

We use your data to:

  • Provide and operate the Tweetary service
  • Detect GitHub commits and Stripe events and generate marketing tweets from them
  • Schedule and automatically publish tweets on your X account (if auto-schedule is enabled)
  • Enforce subscription plan limits (events per month, tweets per month, number of projects and X accounts)
  • Send transactional emails (account, billing, alerts)
  • Improve our AI models and product experience
  • Comply with legal obligations

We do not sell your data to third parties. We do not use your data to train general-purpose AI models without your explicit consent.

4. Data Sharing

We share data only with:

  • X (Twitter) — to publish tweets on your behalf via their API
  • GitHub — to receive webhook events from your repositories via their API
  • Stripe — to receive payment and subscription webhook events, and to manage your Tweetary subscription
  • OpenAI / AI providers — commit messages and Stripe event metadata are sent to generate tweet content. No personal customer PII from your Stripe account is included.
  • Infrastructure providers — hosting, database, and CDN services under appropriate data processing agreements

All third-party processors are contractually bound to protect your data.

5. Data Retention

We retain your data for as long as your account is active. This includes your account information, settings, connected integration data (GitHub commits, Stripe events), generated tweets, build-in-public photos, and usage records.

When you delete your account, we delete all associated data within 30 days, except for billing records which we are required to retain for 7 years for legal and accounting purposes.

You may request deletion of specific data at any time without closing your account (see Section 9).

6. Auto-Schedule & Published Content

If you enable the Auto-schedule feature, tweets are generated from your GitHub and Stripe activity and published to X automatically, without manual review. You remain solely responsible for all content published through your account. We recommend configuring your tone examples and content strategy carefully before enabling this feature.

7. Cookies & Tracking

We use only essential cookies required to operate the service (session authentication). We do not use advertising cookies or third-party tracking pixels.

8. Security

We protect your data with:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • OAuth access tokens and refresh tokens stored encrypted and never exposed in plaintext
  • Webhook secrets stored encrypted
  • Access controls limited to authorised personnel
  • Regular security reviews

No system is 100% secure. In the event of a breach affecting your data, we will notify you within 72 hours as required by applicable law.

9. Your Rights

Depending on your jurisdiction, you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict or object to processing
  • Portability — receive your data in a structured format
  • Withdraw consent at any time

To exercise any of these rights, email us at lrzalexandre@gmail.com.

10. Children

Tweetary is not directed at children under 16. We do not knowingly collect data from minors. If you believe a minor has created an account, contact us and we will delete it promptly.

11. Changes to This Policy

We may update this policy from time to time. We will notify you by email or in-app notice at least 14 days before material changes take effect. Continued use after the effective date constitutes acceptance.

12. Contact

Questions about this policy? Reach us at:

Email: lrzalexandre@gmail.com

Address: Tweetary, 3B Impasse Barnabé, 34000 Montpellier