Privacy Policy
Summary
Narrative Sniper("we", "us") operates the Narrative Sniper API, SDK, CLI, MCP server, Skill and web dashboard. We are committed to handling data with discipline. The shortest possible version: we never see your private keys, we never sell your data, and we never read the contents of the messages between your agent runtime and our API beyond what is needed to fulfil your request.
Data we collect
- Account data — email, plan, billing identifier from our payment processor.
- API key metadata — hashes, last-used timestamps, IP for security review.
- Usage telemetry — endpoint, latency, response size, error code. No request body content beyond what is necessary to debug.
- Launch history — tweet ID, generated mint, signature, public wallet address.
- Public wallet address — to display balances in your dashboard.
Data we never collect
- Private keys. Ever. The transaction-signing boundary is hard.
- Seed phrases. Same.
- Direct message contents, browsing history outside of our domains, your local environment.
- Biometric data.
How we use data
We use the data we collect to operate the service: authenticate requests, enforce rate limits, render your dashboard, generate invoices and detect abuse. We use aggregated, de-identified usage statistics to size capacity and prioritize features. We do not sell or rent your data.
Third-party processors
We process data through a small set of vetted sub-processors:
| Vendor | Purpose | Region |
|---|---|---|
| Vercel | Web hosting & edge | Global |
| Stripe | Payments & subscriptions | US / EU |
| X / Twitter | Tweet ingestion | US |
| Anthropic / OpenAI | Narrative analysis | US |
| Replicate | Image generation | US |
| Pinata | IPFS pinning | US |
| Resend | Transactional email | US / EU |
Retention
Launch history is retained for the lifetime of your account. Authentication logs are retained for 90 days. Aggregated usage statistics are retained indefinitely in de-identified form.
Security
All traffic is TLS 1.3. API key material is stored hashed (Argon2id). We require MFA for all employee access. Our infrastructure is hosted in SOC-2-audited providers. We rotate vendor secrets quarterly.
Your rights
Depending on your jurisdiction (notably GDPR, CCPA, LGPD), you have rights to access, correct, export, restrict or delete your personal data. Contact us at hello@narrativesniper.online and we will respond within 30 days.
Cookies
We use first-party cookies for authentication and a single analytics cookie (Plausible — no third-party tracking, no cross-site fingerprinting). No advertising cookies, ever.
Minors
The service is not directed at children under 16 and we do not knowingly collect their data.
Changes to this policy
We will publish a notice in the dashboard at least 30 days before any material change. We do not silently roll out new data practices.
Contact
Privacy questions, deletion requests and breach reports go to hello@narrativesniper.online.