Privacy Policy
This policy explains how UnrollX handles information when you browse public X threads as a guest, sign in to an account, or manage a paid subscription.
Last updated: March 16, 2026
Owner and Data Controller
Quick Overview
Guest access still exists: You can read public X threads without an account, subject to anonymous rate limits.
Accounts now matter: Free, Pro, and Premium plans require sign-in, which means we process account, session, and plan information for those users.
Paid features store more data: Pro and Premium can save private Thread history and AI-generated titles to your account.
No ad-tech tracking: We use Plausible and Umami for privacy-friendly site analytics and do not run cross-site behavioral advertising.
Information We Collect
Guest Browsing and Device Data
- IP address and request metadata used for rate limits, security, and abuse prevention
- Browser, operating system, device type, and similar technical details
- Pages visited, referral source, visit timing, and country-level analytics data
- Operational logs needed to keep the service available and diagnose failures
Account and Sign-In Data
- Email address if you sign in with a magic link
- Basic profile data from the provider you choose, such as name, email, username, and avatar
- Account identifiers, plan status, and authentication records
- Session data needed to keep you signed in across page loads and server requests
Subscription and Billing Data
- Selected plan, trial or subscription status, billing cycle, and next billing date
- Billing history and limited payment metadata such as card brand and last four digits
- Paddle customer or transaction references used to manage checkout and payment updates
- Tax or billing-region information handled through the checkout process when required
Saved Content and Support Data
- Public thread URLs and public X/Twitter content you ask us to render
- Cached copies of public thread data used to speed up future reads
- Private Thread history entries, saved titles, and title edits for eligible paid plans
- Messages and account context you send to support
Important: Guest browsing remains available, but account-based and subscription features require us to process personal data such as email, profile details, plan status, and private history data.
How We Use Information
Service Delivery
- Fetch and display the public thread you requested
- Apply usage quotas for guests, free accounts, and paid plans
- Save private Thread history and generate or store titles when your plan includes those features
Accounts and Billing
- Authenticate you through OAuth or email magic links
- Maintain your session across the web app
- Manage subscriptions, trials, cancellations, billing history, and support requests
Security and Improvement
- Detect abuse, fraud, scraping, and other misuse
- Debug outages, monitor performance, and improve reliability
- Measure site usage with privacy-friendly analytics
Cookies and Similar Technologies
We do not use advertising cookies or cross-site tracking.
Plausible and Umami are configured without analytics cookies. However, account features rely on essential browser storage so you can stay signed in and complete secure login flows.
Essential Sign-In Storage
- Authentication cookies and browser storage for access tokens, refresh tokens, and expiry times
- Data required for logged-in pages such as subscription management and Thread history
- Session refresh data so the app can keep your login active when appropriate
Temporary OAuth and Login State
- Session storage for OAuth state, redirect URI, and PKCE verifier values
- Temporary values used to complete secure OAuth callbacks
- Magic-link verification data needed to finish email sign-in
Third-Party Services
X / Twitter Public Content
UnrollX displays public X/Twitter thread data you request to read, including public posts, usernames, profile images, and engagement metadata.
Privacy Policy: https://twitter.com/privacy
Plausible Analytics
We use Plausible to measure anonymous page views, referral sources, and country-level traffic patterns without analytics cookies.
Privacy Policy: https://plausible.io/privacy
Umami Analytics
We use Umami to measure privacy-friendly page views and product events without advertising cookies or cross-site profiling.
Privacy Policy: https://umami.is/privacy
Authentication Providers
If you choose OAuth sign-in, providers such as Google or GitHub authenticate you and may share basic profile data with us. If you choose email sign-in, we process your email address and use service providers to deliver sign-in links.
Paddle Billing
Paid subscriptions are processed by Paddle, our merchant of record and payment processor. Paddle handles checkout and payment collection. We receive subscription status, billing dates, billing-history records, and limited payment metadata, but we do not store full payment card numbers ourselves.
Data Sharing and Disclosure
We do not sell or rent your personal information.
We share information only when needed to operate the service or meet legal obligations, including:
- Service providers that help with hosting, security, authentication, analytics, email delivery, and billing
- X/Twitter or sign-in providers when needed to complete the action you requested
- Professional advisers, regulators, or authorities when required by law or to protect rights and safety
- A buyer or successor if UnrollX is involved in a merger, acquisition, or asset sale
Thread history is private to your account. We do not publish your saved Thread history for other users to browse.
Data Retention
Your Choices and Privacy Rights
Browse as a Guest
You can use the basic thread reader without creating an account, subject to anonymous rate limits.
Manage Your Subscription
Paid users can review plan and billing details, and cancel a subscription from the account area. Paddle continues to process the payment relationship.
Access, Correction, and Deletion
You can delete saved history entries in the app where available. For account closure, data access, correction, deletion, or export requests, contact [email protected].
Analytics Choice
You can block Plausible and Umami with browser privacy tools. The public reading experience should still work, but blocking essential auth storage will prevent account features from functioning correctly.
If you live in a region with privacy laws such as the EEA, UK, or California, you may have additional rights to access, correct, delete, export, or object to certain processing, subject to applicable law.
We do not sell personal information or use it for cross-site behavioral advertising.
Children's Privacy
Age Restriction: UnrollX is not intended for children under 13 years of age.
If you believe a child under 13 has provided personal information to us, contact [email protected] and we will investigate and remove the information where appropriate.
Security Measures
Safeguards We Use
- HTTPS/TLS encryption for site traffic
- Authentication tokens with expiration and refresh handling
- Rate limits, abuse controls, and operational logging
- Access controls and regular maintenance of service infrastructure
Limits of Security
No online service can promise absolute security. We use reasonable administrative, technical, and organizational measures, but you should also protect your account credentials and email inbox.
Changes to This Policy
We may update this policy as the product changes, including when account, billing, or paid features change. When we do, we will revise the "Last updated" date on this page.
For material changes, we may also notify you by email or by posting a prominent notice in the service.
Contact Us
If you have questions, concerns, or requests about this privacy policy or our data practices, contact us:
Email: [email protected]
Website: https://unrollx.app