Privacy Policy

Your API key stays in your browser and is sent only to the LLM provider you choose during setup. We do not operate a proxy for your key and do not store it on our servers.

Today, most of your data stays on your device in Chrome local storage. We do not run a cloud database or account backend for saved posts. Prompt content is sent to your chosen LLM provider when you generate posts. Product analytics may be sent to PostHog when analytics is enabled in the build.

• Email address — collected during extension setup. Stored locally in the extension. When analytics is enabled, we may use your email as an identifier in PostHog.
• API credentials — your LLM API key and routing settings (provider choice, optional custom endpoint URL). Stored in chrome.storage.local on your device only.
• Onboarding answers and voice profile — your responses to the five setup questions and the derived profile used to generate posts. Stored locally in the extension; included in prompts sent to your chosen LLM provider.
• Tweet content — text you paste into the extension. Sent to your LLM provider for generation. Not stored on our servers.
• Generated posts — AI output shown in the extension sidebar. You can copy posts to your clipboard; we do not persist them on our servers.
• Usage and product analytics — events such as setup completion, generation, and copy actions. Sent to PostHog when analytics keys are present in the build, identified by your email when identify is called.

• Provide post generation tailored to your startup voice and context.
• Measure product usage and improve reliability when analytics is enabled.

• On your device — API key, email, onboarding answers, voice profile, and related extension state in Chrome local storage.
• PostHog — product analytics events and email-based identity when analytics keys are present in the build.
• Your LLM provider— prompt content (voice profile, tweet text, and related context) is transmitted directly from the extension to the provider you select: Anthropic, Vercel AI Gateway, OpenRouter (api.tokenrouter.com), OpenAI, or a custom HTTPS endpoint you configure. That provider's privacy policy applies to those requests.
• Vercel — hosts this marketing site and privacy page. Visiting those pages may involve standard web server logs handled by Vercel.

We do not currently operate Supabase or any other cloud database for your posts, email, or account data. The extension may include code paths for cloud save in future releases; if we enable that, we will update this policy before it goes live.

• We do not store your API key on our servers.
• We do not store your posts, onboarding answers, or voice profile on our servers today.
• We do not read or scrape X/Twitter pages; you provide tweet text by pasting it.
• We do not sell your personal information.
• We do not display your internal voice profile fields in the product UI.

The Service relies on:

• LLM providers— you choose the provider; prompts leave your browser to that provider's API.
• PostHog — product analytics when enabled (PostHog privacy policy).
• Vercel — website hosting (Vercel privacy policy).

Data in Chrome local storage remains until you uninstall the extension or clear extension data. Analytics data retention follows PostHog's settings for our project when analytics is enabled.

• You can stop using the Service, clear extension storage, and uninstall the extension at any time.
• You can request deletion of analytics data associated with your email by contacting us (see Contact below).
• You choose which LLM provider receives your prompts; use a provider and region you are comfortable with.
• Depending on where you live, you may have rights to access, correct, or delete personal data we hold. We will respond to verified requests within a reasonable time.

API keys are kept in browser local storage and transmitted only to your configured LLM endpoint over HTTPS. No method of transmission or storage is completely secure; use a strong, private API key and protect access to your devices.

The Service is not directed at children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children.

We may update this policy from time to time. We will revise the "Last updated" date at the top when we do. Continued use of the Service after changes means you accept the updated policy.

For privacy questions, data access, or deletion requests, contact us at the developer email listed on our Chrome Web Store listing.