🦀 XtoClaw
Home Plans Terms Support
Privacy Policy

How XtoClaw collects, uses, and protects your information.

XtoClaw converts X posts and bookmarks into Markdown, manages API access, and supports account billing. This policy explains what information we collect when you use the site, dashboard, API, and linked X account features.

Last updated March 18, 2026 Questions: [email protected]

Information We Collect

We collect the information needed to operate XtoClaw and provide API access, billing, and X account features.

  • Account information. When you sign in through Clerk, we receive identifiers such as your Clerk user ID and primary email address.
  • Billing and subscription information. Polar processes purchases and subscription renewals. We store subscription metadata such as plan, status, customer identifier, and renewal period. We do not store your full payment card number.
  • Linked X account information. If you connect your X account, we store your X user ID, handle, display name, and OAuth access credentials. X OAuth access and refresh tokens are stored encrypted at rest.
  • API credentials. We store API key hashes, issuance data, last-used timestamps, and revocation metadata so keys can be authenticated and rotated safely. We do not store the plain-text key after issuance.
  • Usage and service activity. We store usage events such as endpoint, billable units, and timestamps to enforce quotas, operate subscriptions, prevent abuse, and support account reporting.
  • Communications. If you contact support, we receive the information you include in your message.

Third-party hosted flows. Clerk, Polar, Cloudflare, and X may collect technical data such as IP address, browser details, or cookies when you use their hosted authentication, billing, or API services.

How We Use Information

  • Provide and maintain the XtoClaw website, dashboard, and API.
  • Authenticate users, secure accounts, issue and rotate API keys, and detect misuse.
  • Process subscriptions, verify billing state, and manage access to paid features.
  • Support linked X account actions, including bookmark import and related API requests.
  • Track usage for quota enforcement, fraud prevention, debugging, and service improvement.
  • Respond to support requests and service-related communications.
  • Comply with legal obligations and protect our rights, users, and systems.

How We Share Information

We do not sell your personal information. We share information only as needed to operate XtoClaw, comply with law, or protect the service.

  • Cloudflare. Hosting, edge delivery, Worker execution, D1 database, and related infrastructure.
  • Clerk. Account authentication and session management.
  • Polar. Subscription checkout, billing, payment processing, and customer portal access.
  • X. OAuth account linking and requests you authorize, such as bookmark import.
  • Legal or safety disclosures. We may disclose information if required by law or if reasonably necessary to investigate fraud, abuse, or security issues.

Data Retention

We keep information for as long as reasonably necessary to operate the service, maintain billing and audit records, enforce quotas, resolve disputes, and comply with legal obligations.

If you disconnect your X account or stop using the service, some data may remain in backups, logs, and billing records for a limited period. We may retain deidentified or aggregated operational data after account closure.

Security

We use measures designed to protect account and service data, including encrypted storage for X OAuth tokens and hashed storage for API keys. No system is completely secure, and you are responsible for keeping your account credentials and API keys confidential.

Your Choices and Rights

  • You can avoid linking an X account if you do not want bookmark import features.
  • You can rotate your API key from the dashboard if you believe it has been exposed.
  • You can manage subscription status through the billing portal provided in the dashboard.
  • You may request access, correction, or deletion of personal information by contacting [email protected]. We may need to retain some data for billing, security, or legal reasons.

Children's Privacy

XtoClaw is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. If we make a material change, we may update the date at the top of this page and take additional steps that are appropriate under the circumstances.

Contact

Questions or privacy requests can be sent to [email protected].