Privacy & data

Short version: we store the minimum we need to schedule and publish your posts, your 𝕏 tokens are encrypted at rest, and you can delete your account anytime. Full legal language is in our Privacy Policy and Terms of Service.

What we store

• Your 𝕏 username, display name, profile image, bio, and follower/following counts (refreshed periodically).
• Your email address (used for transactional and (optionally) recap emails).
• 𝕏 OAuth access & refresh tokens (encrypted at rest with AES-256-GCM).
• Drafts, scheduled posts, posted-tweet history, and any media you upload to the gallery.
• Synced engagement metrics (likes, retweets, views) for posts on your connected accounts.
• Logs of unfollow actions performed through the browser extension.
• Subscription & payment metadata via Stripe (we don't see card numbers).

What we don't do

• We never sell or share your data with third parties.
• We don't post on your behalf without an explicit action you take in our UI.
• We never read your 𝕏 DMs (we don't request that scope).

Exporting your data

Email support@futurepost.ai and we'll send a JSON dump of everything tied to your account within 7 days. Self-serve export is on the roadmap.

Deleting your account

Under Settings → Account → Delete account. Account deletion is immediate and permanent. We:

1. Revoke all your 𝕏 OAuth tokens (kills our access to your 𝕏 account).
2. Delete all your drafts, scheduled posts, gallery items, snapshots, and unfollow logs.
3. Remove you from every team you're a member of.
4. Delete your subscription record (cancel via Stripe first if you have an active sub).

Cookies

We use only essential cookies (auth session, OAuth state). No analytics cookies, no third-party trackers. Detail in our Privacy Policy.

Security incident reports

If you spot a vulnerability, please email security@futurepost.ai instead of disclosing publicly. We acknowledge within 48 hours.