Privacy Policy

Last updated: 31 March 2026

OpenBird is a Chrome extension and web application that enhances your Twitter/X experience. We believe in transparency about what data we handle and how we handle it. This policy covers both the Chrome extension and the web app at openbird.app.

Data we collect

  • X (Twitter) profile information — when you sign in with X, we receive your public profile: display name, username, bio, and profile picture. We store an access token to keep you signed in and to sync bookmarks.
  • Email address — if provided by X during authentication. Used only for account recovery and transactional emails (payment receipts, subscription changes). We do not send marketing emails.
  • Bookmarks — tweet IDs, folder names, tags, and metadata you save through the extension or import from X. Synced to your account only if you are signed in.
  • Extension activity logs — actions taken (likes, bookmarks, mutes, AI filter events) are stored locally in your browser via Chrome storage. These logs are never sent to our servers.
  • Payment information — if you subscribe to OpenBird Pro, payment is processed by Stripe. We store your Stripe customer ID and subscription status but never your card details.

Data we do NOT collect

  • We do not use analytics, tracking pixels, or third-party analytics services.
  • We do not store your X/Twitter password.
  • We do not read your direct messages or private content.
  • We do not sell, share, or monetise your data in any way.
  • We do not collect browsing history outside of Twitter/X.
  • We do not use your data for advertising or profiling.

How the extension works

The OpenBird extension runs entirely in your browser. It interacts with Twitter/X using your existing logged-in session (via the standard ct0 cookie that Twitter sets). We do not intercept, store, or proxy your Twitter credentials. All Twitter API calls are made directly from your browser to Twitter's servers.

The AI slop filter, CAPS normaliser, region detection, and ratio indicator all process tweet content locally in your browser. No tweet content is sent to our servers for analysis.

Authentication

OpenBird uses X (Twitter) OAuth 2.0 with PKCE for authentication. When you sign in, you are redirected to x.com to authorise OpenBird. We request read access to your public profile. Your X password is never shared with us. We store an OAuth access token to maintain your session and sync bookmarks.

Where your data is stored

All server-side data (accounts, bookmarks) is stored on our own self-hosted infrastructure on Hetzner servers located in Germany and Finland. We use PostgreSQL as our database. We do not use third-party cloud database services or data processors.

Extension data (activity logs, settings, cached config) is stored locally in your browser using chrome.storage.local. This data never leaves your device.

Cookies

We use a single cookie (ob_session) for authentication. It is an httpOnly, secure cookie containing a JWT token. It expires after 365 days. We do not use any advertising, analytics, or third-party cookies.

Third-party services

  • X (Twitter) — the extension interacts with Twitter's internal endpoints to perform actions you request (like, bookmark, follow, mute, block). These requests are made directly from your browser. OAuth authentication is handled through X's official OAuth 2.0 flow.
  • Stripe — if you subscribe to OpenBird Pro, payment processing is handled by Stripe. We do not store credit card numbers. Stripe's privacy policy applies to payment data.

Data deletion

You can request deletion of your account and all associated data by emailing hello@openbird.app. We will delete your account, bookmarks, folders, and any other stored data within 7 days of your request.

To delete extension data, uninstall the extension or clear its data from chrome://extensions.

Children

OpenBird is not intended for use by anyone under the age of 13. We do not knowingly collect data from children.

Changes to this policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated date. Continued use of OpenBird after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this privacy policy or your data, email us at hello@openbird.app.