Skip to main content

Privacy Policy

Last updated: February 2026

Overview

Tonecast ("we", "our", or "us") respects your privacy. This policy explains how we collect, use, and protect your personal information when you use our service.

Information We Collect

Account Information

  • X (Twitter) account data via OAuth: username, display name, profile image, follower counts
  • X OAuth tokens (stored securely, used to publish on your behalf)
  • Email address (optional — for email login or notifications)
  • Password (securely hashed, only if using email login)

Content You Provide

  • Sample posts you share during onboarding
  • Your bio and topic preferences
  • Ideas you submit for draft generation
  • Feedback on generated drafts (publishes, discards, edits, tweaks)

Engagement & Usage Data

  • Post engagement metrics from X: likes, retweets, replies, link clicks, profile clicks
  • Features you use and when
  • Drafts you publish, edit, or discard
  • IP address and user agent per session

How We Use Your Information

  • To generate personalized drafts in your voice
  • To learn your writing preferences from implicit feedback
  • To show you post analytics and engagement insights
  • To send you important account updates
  • To process payments via Polar

Third-Party Services

We do not sell your personal information. We share data with these services to operate Tonecast:

  • Anthropic (Claude) — processes your text and voice profile to generate drafts
  • X (Twitter) — reads your posts and engagement metrics, publishes drafts on your behalf
  • Polar — handles subscription billing and payments
  • Infrastructure — cloud hosting (EU and US), email delivery, error tracking

Cookies & Sessions

  • We use a session cookie to keep you logged in
  • Sessions expire after 7 days and auto-refresh on activity
  • We do not use third-party tracking cookies

Data Security

All connections use HTTPS. OAuth tokens and passwords are stored using industry-standard encryption. We limit internal access to your data to what's necessary to operate the service.

International Data

Our database is hosted in the EU. Some data is processed in the US for AI generation and infrastructure services. By using Tonecast, you consent to this transfer.

Data Retention

We retain your data while your account is active. You can delete your account at any time from Settings, which permanently removes all your data within 30 days.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your data
  • Revoke X OAuth access from your X account settings at any time

Contact

For privacy questions, email us at privacy@tonecast.app