Privacy Policy

We collect only the data strictly required to operate the service: your account email, billing information, and the configuration you provide for your X agent (tonality, target accounts, knowledge base).

We do not collect passwords or login credentials for your X account. All agent activity runs through X's native contributor access system.

We process your data only to deliver the service you signed up for, to bill you, and to comply with our legal obligations. Under GDPR, our legal basis is performance of contract, legitimate interest in operating the service, and legal compliance for billing records.

We use only strictly necessary cookies — the ones required to keep you logged in and to keep the application working.

We do not use advertising cookies, third-party analytics, tracking pixels, or any cross-site tracking technology. No consent banner is needed because no non-essential tracking takes place.

Everything is encrypted. All data is encrypted in transit (TLS) and at rest.

Access to production data is restricted to a minimal number of operators using strong authentication. Infrastructure is hosted with reputable providers and protected by industry-standard safeguards.

We share your data with no one. We do not sell, rent, license, or disclose your information to third parties.

The only exception is the minimum information required for our payment provider to process your subscription (name, email, billing details). The payment provider acts as an independent data controller for that purpose and is bound by its own privacy terms.

We will only disclose data if compelled by a valid legal request, and only the minimum required by law.

Our infrastructure and payment provider may store or process data outside your country of residence. Where this involves transfers out of the EU/UK, we rely on Standard Contractual Clauses or equivalent safeguards. The data remains protected to the same standard described in this policy regardless of where it is processed.

We retain only non-sensitive operational data — such as workflows, configuration, and reply history. Because this data is not sensitive, it is kept indefinitely so you can resume the service later without losing your setup.

We never store access to your X account or any login credentials. You can request deletion of your data at any time by contacting us.

You have the right to access, correct, export, restrict, or delete your data. You may also object to processing or withdraw consent at any time. We will respond to requests within 30 days at no cost.

If you are in the EU/UK, you also have the right to lodge a complaint with your local data protection authority. We would, however, prefer to address any concerns directly first.

Fireply is not intended for users under the age of 16. We do not knowingly collect data from anyone under 16. If you believe a minor has provided us data, contact us and we will delete it.

If we make material changes to this policy, we will update the “Last updated” date above and notify active customers by email. Continued use of the service after the change constitutes acceptance of the updated policy.

For any privacy-related questions, requests, or complaints, contact us at [email protected].