Sorsa is a fast, affordable, and reliable X (Twitter) scraper API that gives developers real-time access to public X data. Launched in 2022 (formerly TweetScout API), it offers up to 50x lower prices and 20x higher rate limits than the official X API, with instant setup and no approval needed.

If I compare Sorsa API with TwitterAPI.io, which one should I choose?

Most teams choose Sorsa. It has a much clearer flat pricing model, AI-optimized documentation designed specifically for Claude, ChatGPT and AI agents, and a cleaner, more intuitive developer interface and overall UX. Sorsa is also strictly read-only, which provides better stability for serious data and AI projects.

How does Sorsa compare to the official X (Twitter) API?

Sorsa is a high-performance alternative that provides 20x higher rate limits and full data access at up to 50x lower cost. It offers instant access and simple setup, while the official X API requires expensive tiers starting from $5,000 per month and long approval processes.

Can I post tweets or manage account content through Sorsa?

No. Sorsa is a read-only API focused on data retrieval and verification. We intentionally disabled write actions to maintain high stability and protect the service from spam and abuse.

Are rate limits the same across all Sorsa pricing plans?

Yes. All plans, from Starter to Enterprise, have the same flat rate limit of 20 requests per second. We do not throttle speed on lower-tier plans.

Is Sorsa compatible with AI agents and LLM training?

Yes. Sorsa was built with an AI-first approach. Our clean JSON format and specially optimized documentation work excellently with Claude, ChatGPT, OpenClaw and other AI agents for one-shot integration and RAG pipelines.

What is Sorsa's flat pricing model?

With Sorsa, 1 request always equals exactly 1 action. There are no credit multipliers or hidden fees. Fetching a tweet, running an advanced search, or pulling a large follower list all cost the same - one request from your monthly quota.

Is using Sorsa legal and safe?

Yes. Sorsa only accesses publicly available data on X, similar to how any browser or search engine works. The service is built for ethical use cases such as market research, AI training, and business analytics while following all relevant privacy laws.

How fresh is the data from Sorsa and how do I migrate from the official X API?

All data is real-time with sub-second latency. Migration from the official X (Twitter) API is straightforward and usually takes under 2 hours, because our endpoints and JSON structure are very similar. Check our Migration Guide for detailed instructions and example code.

Privacy Policy

Last updated: March 23, 2026

This Privacy Policy explains how Sorsa ("we", "us", "our") collects, uses, discloses, and protects information when you use the Sorsa API platform available at api.sorsa.io, including the website, dashboard, API endpoints, and related documentation (collectively, the "Service").

Not affiliated with X. Sorsa is an independent service and is not affiliated with, endorsed by, or sponsored by X Corp (formerly Twitter). References to "X" or "Twitter" throughout this document are for descriptive purposes only.

By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this Policy, do not use the Service.

1. Controller and Contact Information

Sorsa acts as a data controller for personal data processed through the Service as described in this Policy. For any privacy-related questions, data subject requests, or concerns, contact us at: contacts@sorsa.io.

2. Scope

This Policy applies to all users of the Service, including visitors to the api.sorsa.io website, registered users of the dashboard, and developers or businesses accessing data through the API.

This Policy does not apply to third-party websites, platforms, or services you may access through links or integrations, including X (formerly Twitter). Those services are governed by their own privacy policies.

3. Information We Collect

3.1 Account Information

When you create an account, we collect the minimum data necessary for registration, authentication, and account management. Depending on the method you choose, this may include:

Email address and password (if you register with email and password)
Google OAuth data (typically your email address, profile name, and Google account ID, as authorized by you through Google's login flow)
Crypto wallet address and authentication signatures (if you sign in with a wallet)
Telegram account identifiers (such as Telegram user ID, username, and other data shared via Telegram's login widget)

3.2 Payment Information

Payments are processed by third-party payment processors:

Stripe for card payments
Cryptomus for cryptocurrency payments

We do not store your full card numbers, CVV codes, or full payment credentials. We may receive and store limited payment metadata such as payment status, timestamps, plan or subscription identifiers, invoice or transaction references, and the amount and currency of the transaction.

3.3 API Usage Data

When you use the API or the dashboard, we automatically collect technical and usage data, including:

API request timestamps, endpoints accessed, and response status codes
API key identifiers and credit consumption
IP addresses from which requests originate
User agent (browser and device information)
Approximate location derived from IP address (country or region level)
Log data (access times, pages or screens viewed, referring URLs)
Performance metrics and error data

3.4 Support Communications

If you contact us for support, we collect the messages you send, any attachments you provide, and related metadata needed to process and respond to your request.

3.5 Cookies and Similar Technologies

On the api.sorsa.io website and dashboard, we use cookies and similar technologies for:

Strictly necessary functionality (authentication, session management, security)
Preferences and features (theme, language, dashboard layout)
Analytics (understanding how the Service is used and improving it)

You can manage cookie preferences through our cookie banner (where displayed) and through your browser settings. Blocking certain cookies may affect functionality. We do not currently use marketing or advertising cookies.

4. Public Data from X and Similar Sources

A core function of the Service is providing API access to analytics and data derived from publicly available information on X (formerly Twitter) and other public web sources.

Through the API, we may collect, process, store, and make available public information such as:

Handles, user IDs, and publicly visible profile data (display name, bio, avatar, public follower and following counts)
Publicly visible posts, replies, and engagement metrics (likes, reposts, replies, views)
Publicly visible follower and following relationships and related metadata, where accessible from public sources
Derived analytics, scores, and computed metrics generated from the above public inputs

Important: We do not claim ownership of third-party public content. Our analytics outputs may be probabilistic and are not guaranteed to be perfectly accurate. We do not intentionally infer or process special category data (such as political opinions, religious beliefs, health data, sexual orientation, or ethnic origin) as defined under GDPR or similar laws.

If you believe the Service displays inaccurate information about a public account, or if you wish to raise a privacy concern regarding publicly sourced data, contact us at contacts@sorsa.io.

5. How We Use Information

We use the information described above for the following purposes:

Providing, operating, and maintaining the Service, including authentication, account management, and delivering API responses
Processing subscriptions and confirming payment status
Monitoring API usage, enforcing rate limits, and managing credit consumption
Providing customer support and responding to requests
Detecting, preventing, and investigating abuse, fraud, security incidents, and violations of our Terms of Service
Improving performance, reliability, and user experience (including debugging and error resolution)
Sending service-related communications (important updates, security notices, billing confirmations)
Complying with legal obligations and enforcing our rights We do not use your personal data for targeted advertising.

6. Legal Bases for Processing (EEA/UK)

Where required by applicable law (including GDPR and UK GDPR), we process personal data on the following legal bases:

Contract necessity: to provide the Service you have requested, including account creation, subscription management, and API access.
Legitimate interests: for security, fraud prevention, service improvement, analytics, abuse detection, and maintaining and protecting the Service, balanced against your rights and freedoms.
Consent: for optional (non-essential) cookies and similar technologies, where consent is required by applicable law.
Legal obligations: to comply with applicable laws, regulations, and lawful governmental requests. You may withdraw consent at any time for processing activities that are based on consent. Withdrawal does not affect the lawfulness of processing that occurred prior to withdrawal.

7. Data Sharing and Disclosure

We treat personal data as confidential and share it only as necessary for the purposes described in this Policy.

7.1 Service Providers

We may share data with third-party vendors who assist us in operating the Service (for example, cloud hosting, infrastructure, analytics, security monitoring, and customer support tooling). These providers are contractually obligated to process data only on our instructions and solely for the agreed purposes.

7.2 Payment Processors

Stripe and Cryptomus process payments on our behalf. They handle payment data under their own privacy policies where applicable.

7.3 Legal and Safety

We may disclose information if we reasonably believe it is necessary to comply with applicable law, regulation, legal process, or governmental request; to enforce our Terms of Service and protect our rights; or to protect users and the public from harm, fraud, or security risks.

7.4 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to appropriate safeguards and notice where required.

7.5 Aggregated or De-Identified Data

We may share aggregated or de-identified data that cannot reasonably be used to identify you. We do not sell personal data in exchange for monetary consideration. If you reside in a jurisdiction where "sale" or "sharing" of personal data has a broader legal definition, please contact us and we will address your request consistent with applicable law.

8. International Data Transfers

Your information may be processed in countries other than where you reside, including countries that may have different data protection standards. Where required by applicable law, we implement appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses approved by the European Commission or other lawful transfer mechanisms.

9. Data Security

We implement reasonable administrative, technical, and organizational measures designed to protect information against unauthorized access, loss, misuse, alteration, and destruction. These measures include encryption of data in transit (TLS), access controls, and regular monitoring. No method of electronic transmission or storage is completely secure. While we strive to protect your data, we cannot guarantee absolute security, and you use the Service at your own risk.

10. Data Retention

We retain personal data for as long as reasonably necessary to provide the Service and fulfill the purposes described in this Policy, including for security, dispute resolution, abuse prevention, and legal compliance.

Account data: retained while your account is active and for a reasonable period after account deletion to handle disputes, prevent abuse, and comply with legal obligations.
API usage logs: retained for a limited period appropriate for operational monitoring, debugging, and security investigation.
Payment records: retained as required by applicable tax and financial reporting laws.
Support communications: retained as needed to provide support and maintain service history. You may request deletion of your personal data as described in Section 11 below.

11. Your Rights and Choices

Depending on your location, applicable data protection laws may grant you rights such as:

Access to your personal data
Correction of inaccurate or incomplete data
Deletion (erasure) of your personal data
Data portability (receiving your data in a structured, machine-readable format)
Restriction of or objection to certain processing activities
Withdrawal of consent (where processing is based on consent)
Filing a complaint with a data protection authority To exercise any of these rights, email contacts@sorsa.io. We may request reasonable information to verify your identity before processing your request. If you opt out of marketing communications, you may still receive service-related messages (such as billing confirmations or security alerts).

12. Google User Data

When you sign in using Google OAuth, we access and process your Google user data in compliance with Google's User Data Policy and applicable privacy laws. We access your email address (for account identification), profile name (for personalization), and Google account ID (for authentication). We use this data solely for account creation, authentication, service communications, and account recovery. All Google user data is encrypted and stored securely. We do not share your Google data with third parties. You may revoke our access at any time through your Google Account settings. Data associated with your Google sign-in is deleted within 30 days of account closure, or upon request.

13. Scraped Data and Your Responsibilities as an API Customer

When you use the Sorsa API to retrieve data, you act as a data controller for any personal data contained in the API responses. Sorsa acts as a data processor to the extent it facilitates the retrieval and transmission of such data on your behalf.

You are solely responsible for ensuring that your collection, storage, and use of data obtained through the API complies with all applicable laws, including data protection regulations such as GDPR, CCPA, and any other relevant privacy laws. You must have a lawful basis for collecting and processing personal data. You must respect the terms of service of any platforms from which data originates.

If you need a Data Processing Agreement (DPA) for enterprise or regulatory purposes, contact contacts@sorsa.io.

14. Children

The Service is not directed to children and is not intended for individuals under the age of 18 (or the age required to consent to data processing in your jurisdiction, if higher). We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, contact contacts@sorsa.io and we will take steps to delete it.

15. Third-Party Links and Services

The Service may contain links to third-party websites or services, including X (formerly Twitter). Their privacy practices are governed by their own policies. We are not responsible for the content, practices, or data handling of third-party services.

16. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted with a new "Last updated" date at the top. For material changes, we may also provide notice via email or through the dashboard. Your continued use of the Service after changes become effective constitutes acceptance of the updated Policy.

17. Contact

For privacy inquiries, data subject requests, or questions about this Policy:

Email: contacts@sorsa.io