Direct privacy policy for OutreachGenie and the Outreach Genie Chrome extension

We collect only the information needed to authenticate users, connect the extension to a workspace, run user-requested LinkedIn workflows, store CRM records, and operate the service.

• - Account and profile data from sign-in, including name, email address, avatar, and related account identifiers.
• - Workspace and connection data, including workspace IDs, names, roles, extension connection state, locally stored extension credentials, and runtime status stored in chrome.storage.local.
• - LinkedIn session and request data used locally in your browser to perform user-requested LinkedIn actions, including LinkedIn cookies, CSRF tokens, profile URNs, and page-derived identifiers.
• - LinkedIn website content and browsing data needed for user-facing features, such as profile URLs, search pages, post URLs, connection pages, and data extracted from those pages.
• - Prospect and CRM records you create or import, including LinkedIn URLs, names, company, title, optional email and phone fields, notes, list memberships, and custom fields.
• - Messaging and content data when you use messaging-related features, including message text you send, conversation metadata, reply checks, comment data, reaction data, and post-related prospect extraction results.
• - Operational records such as task outcomes, runtime history, recent connection sync data, LinkedIn profile metrics, error logs, webhook delivery status, and analytics used to monitor workspace activity.

Data is collected directly from you, through LinkedIn sign-in, from your use of the web app, and from the extension while you are on LinkedIn and have asked the product to perform a user-facing action.

• - To authenticate you, create or load your workspace, and keep you signed in to the web app.
• - To connect the Chrome extension to the correct workspace and allow the extension to verify that connection.
• - To execute user-requested LinkedIn actions such as profile visits, messaging, prospect extraction, connection sync, comment/reaction workflows, and related automation tasks.
• - To store and organize prospect records, lists, campaign data, activity history, and profile analytics inside your workspace.
• - To maintain product reliability, investigate abuse, recover from runtime errors, and provide support when you ask for help.
• - To honor your explicit instructions to send action results to destinations you configure, such as user-provided webhook URLs.

We do not sell user data. We share user data only in the limited situations below.

• - With LinkedIn, when the extension performs the LinkedIn action or request you asked it to perform.
• - With service providers that host, store, secure, or deliver the product on our behalf, such as infrastructure, database, and deployment providers acting under our instructions.
• - With destinations you explicitly configure, including user-provided webhook URLs that receive task results or extracted prospect data at your direction.
• - When required to comply with law, enforce terms, investigate abuse, or protect users, the product, or the public.
• - As part of a merger, acquisition, financing, or asset sale, subject to appropriate confidentiality and legal requirements.

We do not share user data with advertising platforms, data brokers, or other information resellers, and we do not use user data for personalized advertising.

The web app uses cookies for authentication. The extension uses Chrome local storage for workspace connection state, runtime status, cached identifiers, and related operational data. The extension may also read LinkedIn session cookies and tokens locally in your browser so it can authenticate LinkedIn requests you have asked it to perform.

Web app access cookie

Up to 30 minutes

Web app refresh and CSRF cookies

Up to 14 days

Extension handoff codes

Up to 2 minutes

Extension connect tokens

Up to 10 minutes

Extension local storage

Until you disconnect the extension, clear browser data, uninstall the extension, or overwrite the stored state by reconnecting.

Workspace, prospect, and runtime history

Retained while the account or workspace remains active, then deleted on request or account/workspace deletion unless longer retention is required for security or legal reasons.

We limit data handling to the product features we describe, request only the permissions needed for those features, and use technical and organizational controls intended to protect data in transit and at rest.

• - Workspace API keys are not stored in plaintext on the server after issuance.
• - Authentication cookies are scoped to the web app and used for sign-in sessions.
• - You can disconnect the extension, clear extension/browser storage, or uninstall the extension at any time.
• - You can request access, correction, or deletion of your account or workspace data by emailing the privacy contact listed below.
• - We may need to retain limited records for security, abuse prevention, or legal compliance even after a deletion request.

• - We use user data only to provide or improve the user-facing prospecting, outreach, syncing, CRM, and analytics features described in the product UI and store listing.
• - We do not sell user data, use it for personalized advertising, or transfer it to data brokers or resellers.
• - We do not allow people to read private user data except when you explicitly ask for support, when it is necessary for security or abuse investigation, or when required by law.
• - If a feature sends data to a third party you choose, such as a webhook destination, that transfer happens only because you configured that destination for the requested workflow.

For privacy questions, data access requests, correction requests, or deletion requests, contact: