Privacy Policy

Last updated: May 2026

1. Introduction

LinkedIn AI Copilot ("we," "us," or "our") operates the chrome extension and website at linkedin-ai-copilot.com. This policy explains what data we collect, why, and how we handle it.

2. Data We Collect

• Account data: Email address and hashed password when you register. Display name if provided.
• Usage data: Generation type (comment, post, DM, connection note), tone selected, character count, and timestamp for each AI generation. We do not store the generated text content after delivery.
• Input context: The first 200 characters of text you provide as context for generation. This is stored temporarily for debugging and rate limiting, and deleted after 30 days.
• Billing data: Lemon Squeezy customer ID, subscription status, and period dates. We never see or store your credit card — Lemon Squeezy handles payment as our Merchant of Record.
• Style profile data: Writing style preferences (tone, vocabulary level, sentence length tendencies) you explicitly save.

3. Data We Do NOT Collect

• Browsing history outside LinkedIn pages where the extension is active
• LinkedIn login credentials or session cookies
• Personal data from your LinkedIn profile beyond what you manually provide
• Keystrokes or screen recordings

4. How We Use Your Data

• To authenticate you and enforce daily generation quotas
• To generate AI-powered text through OpenAI's API
• To process subscription payments via Lemon Squeezy
• To improve the service (aggregate, anonymized usage analytics)

5. Data Sharing

• OpenAI: Your context text is sent to OpenAI's API to generate responses. OpenAI processes it under their own privacy policy. We do not grant OpenAI access to your stored data.
• Lemon Squeezy: Billing and payment data is processed by Lemon Squeezy as our Merchant of Record.
• We do not sell, rent, or share your personal data with any other third parties.

6. Data Storage & Security

All data is stored on our self-hosted server with:

• Passwords hashed with bcrypt (never stored in plain text)
• JWT-based authentication with short-lived access tokens
• HTTPS encryption for all data in transit
• Database access restricted to the application backend

7. Data Retention

• Account data: Retained until you delete your account
• Generation metadata: Retained for 12 months, then anonymized
• Input previews: Deleted after 30 days
• Style profiles: Retained until you delete them or your account

8. Your Rights

You may:

• Request a copy of all data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and all associated data
• Export your style profiles and generation history

To exercise these rights, email us at support@sinkingfund.app.

9. Chrome Extension Permissions

The extension requests:

• Storage: To save your auth tokens and preferences locally
• Active tab / LinkedIn pages: To inject AI buttons and read the context you select for generation

The extension only activates on linkedin.com domains.

10. Children's Privacy

This service is not directed at anyone under 16. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this policy. Changes will be posted on this page with a revised "Last updated" date. Continued use after changes constitutes acceptance.

12. Contact

Questions? Email support@sinkingfund.app.

← Back to Home