Privacy Policy

UnfollowMonkey is operated by Paul-Louis Hery, Zurich, Switzerland.

For privacy matters, contact privacy@unfollow-monkey.com.

We process account identifiers from X/Twitter OAuth, including username, profile metadata, and email when provided by the authentication flow.

We store follower snapshots and unfollower event history needed to provide dashboard history and DM notifications.

For paid subscriptions, we process Stripe customer/subscription identifiers and status. We do not store full payment card numbers.

We process data to deliver the service you request (contract performance), including checks, event generation, and account display.

We process limited operational data for security, fraud prevention, debugging, and legal compliance (legitimate interests and legal obligations).

Where consent is required by law, we rely on consent.

Account emails are used for service, billing, and security communications only.

We do not send marketing newsletters by default.

We share data only with processors necessary to run the service: Supabase (self-hosted authentication/database), Microsoft Azure (hosting), Stripe (billing), X/Twitter and twitterapi.io (social graph and API operations), and Umami (cookieless analytics).

Processors are contractually limited to service-related processing.

Primary hosting is in Germany/EU, but some processing may involve providers operating in other countries.

When transfers occur, we rely on appropriate safeguards required by applicable data-protection law.

Account and follower-event data is retained while your account is active.

After account deletion, active account-related data is deleted or anonymized within 30 days, except records that must be retained for legal, tax, accounting, or fraud-prevention obligations.

We use technical and organizational measures designed to reduce unauthorized access, alteration, or disclosure.

No online service can guarantee absolute security.

Depending on your jurisdiction, you may request access, correction, deletion, portability, restriction, or objection to processing.

Requests can be sent to privacy@unfollow-monkey.com.

We use essential authentication/session cookies required for login and security.

We use Umami analytics configured in cookieless mode for aggregate traffic measurement.

We do not currently use a standalone cookie-consent banner for this cookieless analytics setup.

If you are in the EU/EEA, GDPR rights include access, rectification, erasure, restriction, objection, and data portability.

You may lodge a complaint with your local supervisory authority.

At this stage, no specific Article 27 EU representative is designated.

Users in France may contact the CNIL if they believe their rights are not respected.

French users may exercise rights requests at privacy@unfollow-monkey.com.

US state privacy laws may grant rights to know, delete, correct, and obtain a copy of personal data.

We do not sell personal information for monetary value and do not share personal information for cross-context behavioral advertising.

California residents can submit requests via privacy@unfollow-monkey.com.

The service is not intended for children under 16.

If we learn that data from a child under the applicable minimum age was collected without authorization, we will delete it.

Privacy requests: privacy@unfollow-monkey.com.

General support: support@unfollow-monkey.com.

We may update this Policy at any time and publish updates on this page with a revised effective date (website notice only).