Privacy Policy

Last updated: May 16, 2026

The Short Version

• sfeed keeps the connection it needs to post for you. If you use hosted scheduling, that connection is also used for scheduled posts.
• The CLI asks before sending telemetry. If you opt in, sfeed sends anonymous command usage events. It never sends post content, media, tokens, account IDs, or file paths.
• The website uses Google Analytics. We use it only to understand web traffic on sfeed.dev.
• We don't sell your data.
• Scheduled posts use the hosted scheduling service. Immediate posts happen directly from your machine.

1. What sfeed is

sfeed is a CLI tool and MCP server that posts to Facebook Pages and Instagram on your behalf. It runs on your machine.

2. Authentication

When you run sfeed auth facebook, your browser opens so you can approve access in Facebook. sfeed then saves the connection it needs for posting and scheduling.

1. You sign in to Facebook and approve the requested permissions
2. sfeed finishes the connection
3. The saved connection can then be used for immediate posting and scheduled posting

3. What we store

On your machine (always):

• The local auth state and settings sfeed needs to run
• Optional advanced credentials if you choose to use your own app setup
• Your CLI telemetry preference and anonymous telemetry ID

In the hosted service:

• The connection and scheduled post data needed for hosted scheduling
• The billing state needed to manage a hosted scheduling subscription
• Anonymous CLI telemetry events, only if you opt in

We don't store your optional local credentials. Those stay on your machine.

4. Hosted scheduling

When you schedule a post with sfeed post "content" --at "2026-04-01T09:00:00Z", sfeed keeps the information needed to publish that post later.

If you only post immediately and never schedule anything, your post content does not need to be kept for later delivery.

5. Optional local credentials

If you choose to use your own credentials, those credentials stay on your machine.

6. Third-party services

• Facebook/Meta Graph API -- to post to your Facebook Page and Instagram.
• Stripe -- processes payments for hosted scheduling subscriptions. When you subscribe, Stripe receives your email and payment details directly. We never see or store your card number. Subject to Stripe's privacy policy.
• Google Analytics, used on the sfeed.dev website to understand web traffic. It is not part of the CLI.
• PostHog, used for optional anonymous CLI telemetry when you opt in.

7. CLI telemetry

After authentication, sfeed asks once whether you want to share anonymous CLI usage events. You can change this with sfeed telemetry on or sfeed telemetry off. You can also set SFEED_TELEMETRY=0 to disable telemetry from the environment.

When telemetry is enabled, sfeed sends command usage information such as command name, CLI version, operating system, Node major version, whether a post was scheduled, and whether media was included. It does not send post content, media, tokens, account IDs, page IDs, account names, file paths, or billing details.

8. How to remove sfeed completely

1. Remove the saved connection in sfeed: sfeed auth revoke facebook
2. Revoke Facebook access: go to Facebook Settings > Business Integrations, find sfeed, click Remove.
3. Uninstall the CLI: npm uninstall -g @sfeed/cli

After revoking on Facebook, sfeed can no longer post to your accounts. Any scheduled posts will fail.

Deletion instructions for Meta are also available at sfeed.dev/data-deletion.

9. The website

This website (sfeed.dev) is a static site. It uses Google Analytics to understand basic web traffic, like which pages are visited. The CLI does not include Google Analytics.

10. Changes

If this policy changes, the "Last updated" date at the top will change.

11. Contact

Questions about privacy: legal@nemantic.com