ChirpieBack to home

Privacy Policy

Last updated: March 23, 2026

Chirpie ("we", "our", "us") is operated by Fireflo LLC. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website at chirpie.ai and our API, CLI, MCP server, and SDK (collectively, the "Service").

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (hashed, never stored in plaintext).

Social Media Account Data

When you connect an X (Twitter) account, we store your X user ID, username, display name, and profile image URL. We store OAuth access and refresh tokens encrypted with AES-256-GCM. We do not read your X timeline, direct messages, or followers list.

Content You Create

We store the text of posts and threads you create through the Service, along with scheduling metadata and publishing status.

Usage Data

We track monthly aggregate usage (post counts, API call counts) for billing and rate limiting purposes. We collect standard web analytics (page views, referrer) via privacy-friendly, cookie-free analytics.

Payment Information

Payment processing is handled by Stripe. We store your Stripe customer ID and subscription ID but never store credit card numbers, CVVs, or full payment details on our servers.

2. How We Use Your Information

  • To provide the Service — posting content to social media platforms on your behalf
  • To manage your account, subscriptions, and billing
  • To send transactional emails (verification, password reset, welcome)
  • To enforce usage limits per your subscription plan
  • To monitor and improve the reliability and security of the Service
  • To comply with legal obligations

3. How We Share Your Information

We do not sell your personal information. We share data only with:

  • X (Twitter) — to post content on your behalf, via their API using your OAuth tokens
  • Stripe — to process payments
  • Resend — to send transactional emails
  • Sentry — to capture error reports for debugging (no personal content is sent)
  • Vercel — our hosting provider
  • Neon — our database provider

4. Data Security

We implement industry-standard security measures including: encrypted OAuth token storage (AES-256-GCM), SHA-256 hashed API keys, HTTPS-only communication, and database encryption at rest.

5. Data Retention

We retain your account data for as long as your account is active. Post content and analytics are retained per your plan tier. You may request deletion of your account and associated data at any time by contacting us.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to or restrict processing of your data

To exercise any of these rights, contact us at privacy@chirpie.ai.

7. Cookies

We use essential session cookies for authentication only. We do not use advertising cookies or third-party tracking cookies.

8. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact

For questions about this Privacy Policy, contact us at:
Fireflo LLC — privacy@chirpie.ai