Legal Disclaimer: This Privacy Policy should be reviewed by a legal professional before production use to ensure compliance with GDPR, CCPA, and other applicable privacy regulations in your jurisdiction.
Last updated: 7/5/2026
X Trust Radar ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our trust verification service for X (formerly Twitter) accounts.
By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.
The Service does not require an account. There is no sign-up, no login, and no payment. The only information you actively provide is:
When you use our Service, we automatically collect:
When you request a verification, we fetch publicly available data about X accounts from a third-party data provider accessed via RapidAPI. This includes:
This data is publicly available on X and is not considered personal information under privacy laws. However, we process it to generate trust reports, which are cached in server memory for up to 24 hours to improve service performance.
We process your personal data based on the following legal bases:
We use the information we collect to:
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
The Service is stateless: we do not operate a user database. Verification results (public X data and trust reports) are held in server memory for up to 24 hours and then discarded. We implement appropriate technical and organizational measures in accordance with GDPR Article 32 (Security of Processing), including:
Data Location: Data is stored within the European Economic Area (EEA) where possible. When data is processed outside the EEA, we ensure adequate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, to protect your data in accordance with GDPR requirements.
Despite our security measures, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.
We share information with a single third-party service provider:
We use a third-party X (Twitter) data API accessed through RapidAPI to fetch publicly available account data. We send the username you ask us to check; the provider returns public account metadata. RapidAPI's privacy policy: https://rapidapi.com/privacy
We may disclose your information in the following circumstances:
Under applicable data protection laws (GDPR, CCPA, and others), you have the following rights:
You have the right to request a copy of your personal data that we hold. This includes information about what data we have, why we have it, and who we share it with.
You have the right to request correction of inaccurate or incomplete personal data. You can update your email address and account information through the Service interface or by contacting us.
You have the right to request deletion of your personal data. We will delete your account and associated data within 30 days, subject to legal retention requirements (e.g., tax records must be retained for 10 years under German law).
You have the right to request that we limit how we use your personal data in certain circumstances, such as when you contest the accuracy of the data.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another service provider.
You have the right to object to processing of your personal data based on legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests.
Where processing is based on consent, you have the right to withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
To exercise any of these rights, please contact us at privacy@xtrustradar.com. We will respond to your request within 30 days (or as required by applicable law).
We may need to verify your identity before processing your request to protect your privacy and security.
We retain your personal data only for as long as necessary to provide our services and comply with legal obligations:
After the retention period expires, we will securely delete or anonymize your personal data, except where we are required to retain it for legal compliance.
We do not use cookies, and we set no advertising, analytics, or cross-site tracking technologies of any kind.
The Service stores one thing in your browser's session storage — your most recent search result — so it survives a page refresh during your visit. It is cleared when you close your browser, stays on your device, and is never sent to us. You can clear it at any time through your browser settings.
Our Service is not intended for children under the age of 16 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will delete that information.
In the event of a data breach that may affect your personal information, we will:
We maintain incident response procedures and regularly review our security measures to prevent breaches.
Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as:
Our service providers may process data in various locations:
We ensure all transfers comply with GDPR and applicable German data protection laws. If you have questions about specific data transfers, please contact us.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:
Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, you should stop using the Service and request deletion of your account.
If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with a supervisory authority. In Germany, this is:
Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
Graurheindorfer Str. 153
53117 Bonn, Germany
Website: www.bfdi.bund.de
If you are located in another EU member state, you may also lodge a complaint with your local data protection authority.
For questions about this Privacy Policy, to exercise your privacy rights, or to report a privacy concern, please contact us at:
Privacy Inquiries: privacy@xtrustradar.com
General Support: support@xtrustradar.com
(Note: Update these email addresses with your actual contact information before production deployment)