Privacy & Data Security
ThreadTrak is designed with a "Local-First" architecture. We believe your browsing data and drafts belong to you, not us.
No Remote Database
We do not store your tweets, replies, or drafts on our servers. All application data is stored locally in your browser using chrome.storage.local.
Scoped Keys
Your API keys (OpenAI, X API) are stored encrypted in your browser. They are never sent to ThreadTrak servers.
Data Handling Details
What we DO see
- License Validation: When the extension starts, it checks your license key against our Supabase backend to verify your subscription status.
- Error Logs: If the extension crashes, anonymous error reports may be sent to help us fix bugs (you can opt-out).
What we DO NOT see
- Your Browsing History: We do not track which pages you visit.
- Your Tweets: We do not read or analyze your tweets unless you explicitly use the AI features.
- Your Passwords: We never ask for your X password. We use standard OAuth or existing session cookies.
Third-Party Services
ThreadTrak integrates with select third-party services to provide features. Data is only shared when you actively use these features.
| Service | Purpose | Data Shared |
|---|---|---|
| OpenAI / Anthropic | AI Analysis & Drafting | Only the text of the tweet you are analyzing/replying to. |
| Tenor | GIF Search | Search terms you type into the GIF picker. |
| Unavatar.io | Profile Images | Twitter handles (to fetch public profile pictures). |
| Supabase | Licensing | License key, IP address (for fraud prevention). |