1. What we store
Account data (email, display name, password hash — never the plaintext); your optional author profile (headline, bio, expertise, audience); the public LinkedIn posts you scrape into your workspace (text, engagement counts, images re-hosted to our storage); voice and image profiles derived from those posts; your conversations, generated drafts and images; scheduled posts; API keys (hashed); and an audit log of privileged actions with IP address and user agent.
2. What we don't store
Your LinkedIn password or session cookies never leave your browser — the extension talks to LinkedIn from your own logged-in session and only sends scraped post content and posting results to your workspace. Card details never touch our servers: paid checkout happens inside Razorpay's widget, and we keep only order/payment identifiers for reconciliation. We don't sell personal data, run ads, or use third-party advertising trackers.
3. How AI providers see your data
To generate analyses, posts, and images we send relevant text (scraped posts, your prompt, your author profile) and, for image analysis, image URLs to large-language-model providers (currently Anthropic and OpenAI) under their API terms, which exclude training on API data. Logged prompt text is redacted/hashed in our own telemetry.
4. Scraped creator content
Scraped posts are public content fetched from your own browser session and stored only in your workspace. Voice profiles describe writing mechanics (hooks, rhythm, formatting); they are isolated per workspace unless an operator explicitly publishes a shared style. If you believe content should be removed, contact us and we'll delete it.
5. Analyses are operator-owned
Voice and image analyses are requested by you but produced and owned by the platform operator (admin). They are shared workspace assets: deleting your account removes your personal content (conversations, drafts, scheduled posts) but does not delete analyses or trained styles, which only an admin can remove.
6. Where data lives
Data is stored in managed Postgres and object storage; images are served via short-lived signed URLs. Access within a workspace is isolated by row-level security; privileged operator actions are audit-logged.
7. Retention and deletion
Data stays until you delete it or your account. Deleting a conversation, scheduled post, or profile removes it from active storage; backups roll off on a fixed schedule. Account deletion removes workspace data attributable to you.
8. Cookies
We use a single session cookie to keep you signed in. No cross-site tracking cookies.
9. Contact
Privacy questions or deletion requests: contact the workspace operator who invited you, or the address listed on the service's status page.