Privacy Policy for Privacy Advocates
DATA COLLECTION
Yes, we collect data to provide our scheduling service. Modern web services require some data collection. We collect only what's necessary to maintain your automated posting schedule.
Our Approach
Online privacy is complex in the modern internet. We can't control what other services do with your data. What we can do is maintain a minimal-data approach to our scheduling service.
This policy explains exactly what we collect, what we don't, and why we need it.
What We Collect
- Email address: For magic links. No passwords = one less thing to leak
- OAuth tokens: To post on your behalf. Encrypted with AES-256-GCM, rotated monthly
- Recent posts: To mimic your style. Analyzed locally, deleted after 90 days
- Payment info: Stripe handles this. We see "customer_xyz paid" not your card
- Basic analytics: Page views, not behavior. We use Plausible, not Google Analytics
DATA BROKER FACT
Acxiom has data on 700 million people with 1,500 data points each. They know your income, health issues, and political leanings. They sell this for $0.0005 per record. Your entire digital soul is worth half a penny.
Our Zero-Knowledge Architecture
We've designed the system so we know as little as possible:
- Content separation: We don't know which posts are yours vs ours
- No behavioral tracking: We don't track clicks, scrolls, or dwell time
- No cross-referencing: Payment data and social data never meet
- Local processing: Style analysis happens in isolated containers
- Audit logs: You can see everything we've posted, when, and why
What We DON'T Collect
- Passwords (magic links only)
- Private messages or DMs
- Friend lists or contacts
- Location data or IP history
- Device fingerprints
- Third-party cookies
- Behavioral patterns
- Your real name (unless it's your email)
How We Store Data (The Technical Part)
- Database: PostgreSQL with row-level encryption
- OAuth tokens: Redis with 30-day expiry, encrypted at rest
- Backups: Encrypted with GPG, stored in a privacy-respecting jurisdiction
- Logs: Rotated daily, auto-deleted after 7 days
- Infrastructure: Servers in Iceland/Switzerland (they still respect privacy)
SURVEILLANCE CAPITALISM FACT
Google processes 8.5 billion searches daily. Each search adds 1-5 data points to your profile. After 10 years, they have ~15,000 data points on you. We add 4 posts monthly - just enough noise to break correlations.
Third Parties (The Necessary Evils)
We minimize third-party exposure but can't eliminate it entirely:
- Stripe: Handles payments. Yes, they track. Pick your battles
- Social platforms: We post via their APIs. They see the posts, not the strategy
- Cloudflare: DDoS protection. They see traffic, not content
- No data brokers: We don't sell, share, or "partner" your data. Ever.
Your Rights (They're Real)
- Access: Download all your data in JSON format anytime
- Deletion: Delete account = delete data within 48 hours
- Correction: Fix any incorrect data immediately
- Portability: Export to standard formats (JSON, CSV)
- Objection: Opt out of any processing you don't like
- Transparency: See exactly what we've posted and when
Data Retention (We're Not Hoarders)
- Posts: 90 days then auto-deleted
- OAuth tokens: 30 days then refreshed
- Payment records: 3 years (tax law requires this)
- Account data: 30 days after cancellation
- Logs: 7 days rolling window
- Backups: 90 days then purged
Cookie Policy (Just the One)
We use exactly one cookie: session_token for authentication.
- No tracking cookies
- No advertising cookies
- No analytics cookies
- No third-party cookies
- No fingerprinting scripts
The modern web relies on many tracking cookies. We use minimal cookies - just one session cookie.
TRACKING FACT
The average website has 75 tracking scripts. Facebook's pixel is on 30% of all websites. Google Analytics is on 85% of the top 10k sites. We have zero tracking scripts. Check our source code.
Government Requests
When the feds come knocking (they haven't yet):
- We require valid warrants, not requests
- We notify you unless legally gagged
- We publish transparency reports
- We can only provide what we have (which isn't much)
- Canary: As of September 2025, zero requests received
Breaches (When, Not If)
Every service gets breached eventually. When it happens:
- Notification within 72 hours
- Full disclosure of what was accessed
- OAuth tokens auto-revoked
- Detailed timeline and remediation steps
- No corporate speak or minimization
The Good News
Unlike big tech, we:
- Don't have investors demanding growth metrics
- Don't sell data to advertisers
- Don't build shadow profiles
- Don't track you across the web
- Don't use dark patterns
- Actually want you to have privacy
Contact for Privacy Concerns
Privacy questions? Data requests? Paranoid and need reassurance?
Email: privacy@scatter.bot
PGP: 3048 0241 00C9... (full key on /pgp.txt)
Response time: 24-48 hours (we're small, not Amazon)
Policy Changes
When our service evolves, we'll update this policy. Changes announced via:
- Email notification 30 days before changes
- Dashboard banner for logged-in users
- Changelog at /privacy-changelog
- No retroactive changes to existing users
Our Philosophy
We believe in minimal data collection. We collect only what's necessary to provide our scheduling service. Every byte we collect serves a specific purpose.
We're committed to transparency about what we collect and why.
Last updated: September 2025
Version 2.0 - Post-Privacy Era Edition
Canary: No government requests as of this update