CHIRP // AUTH · LEGALsignin.chirpauth.com/legal
OUR SIX COMMITMENTS

What we promise,
in plain words.

These aren't aspirations. Each one is enforced by how the system is built — and the source is open so you can check.

1
We store the minimum.
Your email, your passkeys' public halves, your active sessions, and which apps you've approved. Nothing else — no names, no phone numbers, no profile we invented.
2
Apps can't correlate you by default.
Each app sees a different identifier for you, derived by HMAC from your id and the app's id, so two apps comparing notes can't tell they're looking at the same person. Apps never receive your email address at all — there is no email scope; Chirp keeps the address server-side.
3
We don't track you.
No analytics pixels, no click-wrapping in emails, no ad networks. We bill per tenant precisely so we never need a notion of "active users" to watch.
4
We only email you when it matters.
Sign-in links, action confirmations, security events, and billing. No newsletters, no nudges, no re-engagement drips. Ever.
5
You can leave, completely.
Delete your account yourself from /account/delete. We remove your passkeys, sessions, and consents on the spot — no email-us-to-erase ritual.
6
Same code, in the open.
The hosted service runs the same AGPL-3.0 source you can read and self-host. The privacy properties above are verifiable, not promised.
/privacy → /terms →