Privacy Policy

Last updated: April 18, 2026

1. Introduction

LinkedIn Sales Assistant ("we", "our", or "the Service") is a Chrome extension and web dashboard that helps users generate AI-powered comments on LinkedIn, manage connections, and streamline outreach. This Privacy Policy explains what data we collect, how we collect it, how we use and store it, who we share it with, and your rights regarding that data.

By installing the extension or using the dashboard, you agree to the data practices described in this policy.

2. Data We Collect

2.1 Account Information

When you sign in with Google, we receive your name, email address, and profile picture from Google OAuth. This is used to create your account and sync data across devices.

2.2 Personas & Brain Configuration

You create persona descriptions that define your commenting style, and optionally configure a "Brain" with target keywords and audience descriptions. These are stored on our servers and synced to the Chrome extension.

2.3 LinkedIn Post Content

When you request a comment, the extension sends the LinkedIn post text, author name, author headline, and engagement metrics to our AI backend for comment generation. This data is processed in real-time and is not permanently stored on our servers.

2.4 Comment History

If you use the "Sync Comment History" feature, the extension scrapes your past LinkedIn comments and sends them to our backend for analytics. This is opt-in and only triggered when you explicitly click the sync button.

2.5 Connection Data

If you use the "Sync Connections" feature, the extension collects your LinkedIn connections list including names, profile URLs, headlines, and connection degree. This data is used to power connection tagging, Smart Connect matching, and outreach features in the dashboard.

2.6 Email Addresses

If you use the email enrichment feature, the extension may extract publicly visible email addresses from LinkedIn profiles (contact info section). This data is stored in your dashboard for outreach purposes and is only collected when you explicitly trigger it.

2.7 Usage Data

We track daily comment counts per user for enforcing plan limits. We also track persona usage counts (how many times each persona is used) to help you identify your most effective personas.

2.8 LinkedIn Profile Data

The extension reads publicly visible information from LinkedIn pages you visit, including post author names, headlines, post content, and commenter information. This data is used for comment generation, Smart Connect keyword matching, and connection management features. This data is only collected while you are actively using the extension on LinkedIn.

3. How We Collect Data

  • Google OAuth: Account information is collected during sign-in via Google's OAuth 2.0 flow.
  • Chrome Extension Content Scripts: LinkedIn page data (posts, comments, connections, profiles) is collected by content scripts injected into LinkedIn pages when you use the extension.
  • User Input: Personas, brain configuration, connection tags, and preferences are collected directly from your input in the dashboard and extension popup.
  • Automatic Tracking: Usage counts (daily comments, persona usage) are tracked automatically when you use the Service.

4. How We Use Your Data

  • Comment generation: Post content and your persona description are sent to our AI backend to generate relevant comments. This data is processed in real-time and not retained after generation.
  • Account management: Your Google profile information is used to authenticate you and sync your personas and settings across devices.
  • Plan enforcement: Daily comment counts are tracked to enforce free-tier limits (10 comments/day).
  • Analytics: Comment history and usage data are used to power your dashboard analytics (impressions, engagement tracking).
  • Connection management: Connection data is used to display tags, track outreach status, and match connections against your brain keywords.
  • Smart Connect: Author and commenter headline data is matched against your brain keywords to suggest relevant connections.
  • Email outreach: Collected email addresses are displayed in your dashboard for your own outreach purposes.

5. Data Sharing & Third-Party Services

We do not sell your personal data. We share data with the following third-party services only as necessary to provide the Service:

  • Google (Authentication): We use Google OAuth for sign-in. Google receives standard OAuth authentication data. Subject to Google's Privacy Policy.
  • Convex (Database): Our real-time database provider. Stores user accounts, personas, brain configuration, connection data, tags, comment analytics, and subscription information. Subject to Convex's Privacy Policy.
  • Stripe (Payments): Processes subscription payments. We do not store credit card information. Stripe receives your email address and payment details. Subject to Stripe's Privacy Policy.
  • OpenRouter (AI Processing): Our AI backend routes requests through OpenRouter to generate comments. Post content and persona descriptions are sent for processing and are not stored after generation. Subject to OpenRouter's Privacy Policy.
  • Cloudflare Workers (API Backend): Our API backend is hosted on Cloudflare Workers for processing requests between the extension and AI services. Subject to Cloudflare's Privacy Policy.

We do not share your data with any other third parties, advertisers, or data brokers.

6. Data Storage & Security

Your account data, personas, connection data, and analytics are stored in Convex, a secure real-time database. The Chrome extension stores your authentication token, personas, preferences, and cached data locally using Chrome's storage API, which is isolated to your browser profile.

We use HTTPS/TLS encryption for all data transmission between the extension, our backend, and third-party services. No data is transmitted in plain text.

7. Data Retention

  • Account data: Retained as long as your account is active. You can request deletion at any time.
  • Post content for AI generation: Processed in real-time and not permanently stored. Discarded immediately after comment generation.
  • Comment history: Retained in your dashboard until you delete it or your account.
  • Connection data & tags: Retained until you delete individual connections or your account.
  • Email addresses: Retained until you delete them or your account.
  • Local extension data: Stored locally in your browser until you uninstall the extension or clear extension data.

8. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and all associated data
  • Export your data (personas, comment history, connections)
  • Withdraw consent for optional features (e.g., comment history sync, connection sync, email enrichment)
  • Opt out of any data collection by uninstalling the extension

To exercise any of these rights, contact us at contact@nextbizness.com. We will respond to requests within 30 days.

9. Chrome Extension Permissions

The extension requests the following permissions:

  • activeTab & tabs: To detect when you're on LinkedIn and inject the comment assistant UI.
  • storage: To save your personas, preferences, authentication token, and cached data locally in your browser.
  • scripting: To inject content scripts on LinkedIn pages for comment generation and connection management.
  • identity: To handle Google OAuth sign-in flow.
  • sidePanel: To display the extension panel in Chrome's side panel.
  • contextMenus: To provide right-click options for Auto-Pilot features.
  • alarms: To schedule periodic tasks such as post publishing.
  • cookies: To maintain authentication state with LinkedIn.
  • Host permissions (linkedin.com): To read and interact with LinkedIn pages for comment generation, connection sync, and profile data extraction.
  • Host permissions (reddit.com): To enable Reddit integration features (search, comment, post).

10. AI-Generated Content

Comments generated by this extension are AI-generated using third-party language models via OpenRouter. You always review and approve comments before they are posted to LinkedIn. We do not auto-post comments without your explicit action (unless you enable the Auto-Pilot feature, which still requires your initial configuration and can be paused or stopped at any time).

11. Children's Privacy

The Service is not intended for users under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes through the extension or dashboard. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy, your data, or wish to exercise your data rights, contact us at contact@nextbizness.com.