untitled

Privacy

Last updated 14 May 2026.

This is the privacy policy for untitled, a Chrome extension and web app that coordinates LinkedIn engagement across opted-in members of an organization.

What we collect

When you install the extension and connect it to your LinkedIn account:

  • Your LinkedIn public slug, name, headline, and profile picture URL, read from LinkedIn's own /me endpoint via your authenticated session.
  • Your IANA timezone, derived from your browser.

When your organization's admin signs in to the web dashboard:

  • Email address, via Google Sign-In.

When the system detects a LinkedIn post by you or a teammate:

  • The post's public URL and URN.
  • The post's published time.
  • The author's organization member identifier.

When the system schedules engagement on your behalf:

  • The action type (like or save), scheduled time, target post, and outcome.
  • A randomly-generated bearer token used to authenticate your extension to our backend.

What we don't collect

  • Your LinkedIn password or session cookies. The extension never sees them. Engagement actions are fired via standard browser interactions in your own session.
  • The text content of posts.
  • Your browsing history.
  • Activity on any site other than linkedin.com.
  • Sensitive personal data (financial, health, biometric).

How we use it

To coordinate engagement (likes and saves) across opted-in members of your organization, respecting the per-user daily caps, working hours, and safety rules described in the product. Your data is visible to:

  • You.
  • Your organization's admin, for managing membership and reviewing org-level activity.
  • The product operator (the developer), for support and abuse prevention.

We do not sell your data. We do not share it with third parties beyond Google, which authenticates your organization's admin.

Where we store it

In a Postgres database hosted with cloud infrastructure providers within the European Union. Data is encrypted at rest by the hosting provider and transported over HTTPS.

How long we keep it

For the lifetime of your organization's account. When an organization is terminated or deleted, all associated data is purged within 30 days.

Your rights

Under the EU General Data Protection Regulation, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Object to processing.
  • Receive your data in a portable format.

Exercise any of these by emailing lush@vitalityx.de. We respond within 30 days.

Children

The service is not intended for users under 18. We do not knowingly collect data from minors.

Changes

We may update this policy as the product evolves. Material changes are communicated via the extension popup or email to your organization's admin.

Contact

lush@vitalityx.de