Privacy Policy

Last updated: March 2, 2026

This Privacy Policy describes how ImmunoFeed ("we", "us", or "our") collects, uses, and shares your information when you use our Chrome Extension and Web Application.

1. Introduction

ImmunoFeed is a trustworthiness analysis tool for X/Twitter accounts. Our Chrome Extension helps you identify potentially untrustworthy accounts (spam, AI farms, manipulation campaigns) while browsing X/Twitter. Our Web Application provides detailed analysis reports and account management features.

This Privacy Policy applies to both the ImmunoFeed Chrome Extension and Web Application. By using our services, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Chrome Extension

Our Chrome Extension collects the following information:

  • X/Twitter Account Handles: Handles of accounts that appear on your timeline or that you interact with
  • Public Tweet Content: Text content and metadata from public tweets for analysis purposes
  • Authentication Cookies: Your X.com session cookies to authenticate requests to our servers
  • Extension Settings: Your preferences such as collection mode and theme settings (stored locally in your browser)

2.2 Web Application

Our Web Application collects the following information:

  • Email Address: Used for authentication via email one-time password (OTP)
  • Account Decisions: Your trust decisions for analyzed accounts (trusted, watching, distrusted)
  • Block Status Markers: Records of accounts you've marked for blocking
  • Analysis Requests: Records of which accounts you've requested analysis for

2.3 Information We Do NOT Collect

We want to be clear about what we do not collect:

  • Your complete browsing history
  • Private or direct messages on X/Twitter
  • Passwords (we use passwordless email OTP authentication)
  • Your personal X/Twitter account credentials
  • Information from websites other than X.com and twitter.com

3. How We Use Your Information

We use the collected information for the following purposes:

  • Account Analysis: Analyze X/Twitter accounts to determine trustworthiness using AI
  • Provide Reports: Generate and display trust scores, risk tags, and detailed analysis reports
  • Service Improvement: Maintain, improve, and optimize our analysis algorithms and user experience
  • Account Management: Enable you to manage your trusted/distrusted account lists and blocking preferences
  • Authentication: Verify your identity when accessing the Web Application

4. Third-Party Services

We use the following third-party service providers to operate ImmunoFeed:

Supabase (Authentication & Database)

Purpose: Provides secure authentication (email OTP) and PostgreSQL database hosting

Data Shared: Email address, user ID, account analysis data

Privacy Policy: https://supabase.com/privacy

Anthropic Claude API (AI Analysis)

Purpose: Performs AI-powered trustworthiness analysis of tweet content

Data Shared: Public tweet text content only (no personal user information or email addresses)

Privacy Policy: https://www.anthropic.com/legal/privacy

PostHog (Product Analytics)

Purpose: Collects anonymized usage analytics on the Web Application to help us understand how features are used and improve the product

Data Shared: Page views, feature usage events (e.g. analysis requests, login events), and basic device/browser information. No tweet content or personal account data is sent to PostHog.

Scope: PostHog is only used on the Web Application. It is not included in the Chrome Extension.

Privacy Policy: https://posthog.com/privacy

X/Twitter API

Purpose: The Chrome Extension fetches public tweet data using your X.com session

Data Shared: Your X.com cookies (used for authentication with X's internal API)

Note: We only access publicly available data. We do not access private messages or non-public information.

Note: Analytics tools (PostHog) are only used on the Web Application and will never be added to the Chrome Extension.

5. Data Storage and Security

We take the security of your data seriously:

  • Encrypted Storage: All data is stored in PostgreSQL databases hosted by Supabase with encrypted connections
  • Passwordless Authentication: We use email one-time passwords (OTP) instead of storing passwords
  • Access Controls: Database access is restricted to authorized services only
  • Purpose Limitation: We only use your data for providing the ImmunoFeed service
  • Local Storage: Extension settings (theme, collection mode) are stored locally in your browser and never transmitted to our servers

6. Data Sharing and Disclosure

We are committed to protecting your privacy:

  • We Do Not Sell Your Data: We will never sell your personal information to third parties
  • No Advertising: We do not share your data with advertisers or data brokers
  • Service Providers Only: We only share data with service providers necessary to operate ImmunoFeed (Supabase for infrastructure, Anthropic for AI analysis, PostHog for product analytics)
  • Minimum Necessary: Service providers only receive the minimum data necessary to perform their specific functions

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights or the safety of users.

7. Chrome Extension Permissions

Our Chrome Extension requests the following permissions. Here's why each is needed:

storage

Purpose: Store your preferences (collection mode, theme setting) locally in your browser. This data never leaves your device.

cookies

Purpose: Access your ImmunoFeed Web Application authentication session to verify you're logged in. Also used to access X.com cookies for fetching public tweets.

alarms

Purpose: Schedule periodic cache cleanup to prevent memory buildup and manage blocking queue operations.

sidePanel

Purpose: Display the Side Panel UI where you can view analysis progress and manage analyzed accounts.

host_permissions (x.com, twitter.com)

Purpose: The extension only operates on X/Twitter websites. These permissions allow us to inject trustworthiness indicators into your timeline and display hover cards with analysis results.

Important: The extension does not monitor or access any other websites. It only operates on x.com and twitter.com.

8. Your Rights and Choices

You have the following rights regarding your data:

  • Access Your Data: You can view all your analyzed accounts, decisions, and reports in the Web Application dashboard
  • Delete Your Account: You can delete your account and all associated data at any time through the Web Application settings
  • Data Export: Contact us to request a copy of your data in a portable format
  • Opt Out: You can uninstall the Chrome Extension at any time to stop data collection
  • Modify Settings: Adjust extension collection mode and other preferences through the Side Panel settings

Note: Deleting the extension does not automatically delete your Web Application account data. You must delete your account through the Web Application if you want all data removed.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

  • Notification: For significant changes, we will notify you via email or through a prominent notice in the Web Application
  • Effective Date: The "Last updated" date at the top of this policy indicates when it was last revised
  • Review: We recommend reviewing this policy periodically to stay informed about how we protect your information

Continued use of ImmunoFeed after policy changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Support Page: immunofeed.sadcoder.com/support

We will respond to your inquiry within 7 business days.