Privacy Policy
Effective Date: February 24, 2026
1. Data Encryption and Institutional Security
At GoTweet, preserving the integrity and confidentiality of your X (Twitter) credentials is the absolute, foundational priority of our entire backend architecture. In order to provide autonomous AI agents that operate reliably on social networks, we must store the cryptographic keys required to prove your identity to the network. We implement a non-negotiable "Encryption-First" policy for all sensitive configurations.
All API Keys, API Secrets, Access Tokens, and Access Token Secrets entrusted to our system are never stored in plaintext. Below are the rigid security constraints governing our credential management system:
- AES-256 Encryption Standard: Your X (Twitter) developer credentials are synchronously encrypted using advanced AES-256 cryptographic algorithms the moment they are transmitted. The raw keys are not readable in the database.
- End-to-End Cryptographic Transit: Every single API request bridging GoTweet, our proprietary self-hosted AI compute grid, and the X Developer network is transmitted via uncompromised SSL/TLS encrypted channels, prohibiting man-in-the-middle attacks.
- Internal Operational Silos: Strict access control measures ensure that no member of our engineering or support team can access, extract, or reconstruct your raw API tokens via the admin dashboard, preserving your absolute ownership over the keys.
2. Precise Classification of Collected Data
To maintain an enterprise-grade automated ecosystem, GoTweet collects only the finite set of data points required to orchestrate AI activity on your designated accounts. We categorize this data strictly:
Master Account Data
Your registered email address, securely hashed passwords (or OAuth tokens), subscription tier identifiers, billing history references, and login timestamps. This dataset exists solely for authentication, account recovery, and subscription validation.
Bot Profile Matrices
Strategic variables inputted by the user, explicitly including target industry parameters, Degen/News behavioral flags, custom X handles, and specific account names. This is the non-PII contextual data our proprietary LLMs consume to shape the bot's outgoing personality and interaction style.
3. Data Utility, Sharing, and the "No-Monetization" Mandate
GoTweet strictly adheres to a "No-Monetization-of-Data" operational thesis. We unequivocally reject the practice of selling, trading, or renting your personal information or API secrets to advertisers, data brokers, or third-party marketing entities.
The data you provide exists entirely as operational fuel for the AI engine you purchased access to. Information leaves our secure infrastructure only along these explicitly defined paths:
- Authenticated JSON payloads containing your API tokens and generated tweet content are transmitted directly to the X API to publish replies and posts or to analyze your timeline.
- Your configuration preferences (Tone, Industry) are passed securely into our isolated, internal Large Language Models. We use self-hosted, dedicated servers for text generation to prevent your context from leaking to overarching third-party cognitive APIs.
- All configurations, users, and bot statuses are stored in isolated Supabase/PostgreSQL clusters secured behind complex Row-Level Security (RLS) policies.
4. Data Subject Rights and Control Interfaces
While our services scale globally, we align our data rights policies seamlessly with modern privacy frameworks, guaranteeing control to the user regardless of their jurisdiction mapping:
- Right of Access: You may request a complete JSON export of the non-encrypted data profile tied to your GoTweet account.
- Right to Erasure ("The Permanent Wipe"): The GoTweet admin dashboard provides a verifiable mechanism to execute a hard delete of your bots. Doing so irrevocably purges the records, forcing a complete termination that clears API keys and logic models from the active database.
- Right of API Revocation: You do not need to rely on us to stop automation; you retain the ultimate power to revoke GoTweet's authorization manually via the 'Settings and Privacy > Security and Account Access > Apps and Sessions' menu natively on X at any time.
5. Strict Data Retention Schedules
We adhere to a minimalist retention ideology. User data and bot configurations are actively held within our database only as long as an account is classified as "Active" or holds unexpired service plans.
When a user manually deletes a bot via the dashboard, the agent is halted. It is initially marked as disabled ("Soft Delete") on the frontend, breaking the automation cycle. At your command ("Permanently Clear from DB") or automatically upon an account surpassing 365 days of total inactivity, the data is subjected to a final database wipe, rendering recovery utterly impossible.
6. Modifications to the Privacy Policy
GoTweet reserves the right to amend, update, or overhaul this Privacy Policy entirely at our discretion. Significant alterations affecting how we utilize data will be actively communicated via email or an unmissable administrative notice in the dashboard prior to taking effect. Continuous use of GoTweet subsequent to any policy modification constitutes explicit acceptance of the revised terms.