Ln2CRM logoLn2CRM
Login Get started for Free

Privacy Policy

Last updated:

This Privacy Policy explains how Ln2CRM (“Ln2CRM”, “we”, “us”) collects, uses, shares, and protects information when you use our websites, browser extension, and related services (collectively, the “Service”).

Ln2CRM helps you save time by transferring selected profile and company information from professional networking pages to your CRM, and by enabling CRM-side actions from the sidebar (e.g., create/update records, add notes/tasks, check duplicates).

1) Scope and roles

Depending on what you do with the Service, Ln2CRM may act as:

  • Data controller for account, billing, security, and website analytics data that we determine.
  • Data processor for CRM-related content you choose to sync (e.g., contact/company fields, notes, tasks), where you control the purpose and content.

2) Information we collect

2.1 Account and identity

  • Email address, password hash (if you sign up with email/password), and account settings.
  • OAuth identity (Google/Microsoft): provider identifier and basic profile fields returned by the provider (typically email and a stable “sub” identifier).
  • Email verification status (when applicable).

2.2 CRM connection data

  • CRM provider selection and connection status.
  • Encrypted OAuth tokens / API keys needed to connect to your CRM (stored encrypted at rest).
  • Field mapping configuration and preferences (e.g., which CRM fields map to LinkedIn URL / company domain).

2.3 Usage and operational data

  • Basic usage counters (e.g., number of creates/updates, feature usage events) to run the Service, enforce plan limits, and improve reliability.
  • Security and audit logs (e.g., sign-in events, suspicious activity signals, connection failures) to prevent abuse and troubleshoot issues.

2.4 Device and technical data

  • Browser and device info (e.g., browser type/version, OS, language, time zone).
  • Approximate location derived from IP (city/region level) and network diagnostics (for security and reliability).

2.5 Profile data you choose to sync

When you use the extension on a supported page, you may choose to send profile/company information to your CRM. Ln2CRM processes only what is needed to perform your requested action (e.g., create/update a CRM record). We do not “bulk scrape” your account in the background without your actions.

3) Browser extension permissions

The extension requests only the minimum permissions necessary for its core features:

  • activeTab / scripting: to read the LinkedIn profile page you are currently viewing, only when you explicitly trigger an action (e.g., click "Save to CRM"). The extension does not read pages in the background or on other tabs.
  • storage: to persist your settings, authentication token, and UI preferences locally in your browser.
  • sidePanel: to display the Ln2CRM sidebar panel within your browser window.
  • tabs: to detect when you navigate to a supported LinkedIn page, so the extension can become active.

We do not use extension permissions to read your browsing history, access pages unrelated to the Service, or collect data without your explicit in-session action.

4) How we use information

  • Provide the Service: authentication, account management, CRM sync actions you request, and feature delivery.
  • Security: prevent abuse, detect suspicious sign-ins, protect accounts, and secure CRM connections.
  • Support: respond to requests and troubleshoot issues (including integration debugging).
  • Product improvement: understand performance and feature usage to improve UX, stability, and reliability.
  • Billing and compliance: manage subscriptions, invoices, and comply with applicable laws.

4b) AI Copilot data processing

When you use the AI Copilot feature, Ln2CRM assembles a context packet from your CRM records (e.g., contact name, job title, notes, recent emails, company info) and sends it to our AI provider (currently OpenAI) to generate a draft message or comment. By using this feature:

  • You consent to relevant CRM context being processed by OpenAI under their privacy policy and API terms.
  • Do not submit sensitive personal data (e.g., health information, financial details, government IDs) as AI Copilot input.
  • We do not use AI Copilot inputs to train our own models.
  • AI-generated outputs are not stored by us beyond what is necessary for the immediate session.

5) Legal bases (GDPR/EEA/UK where applicable)

  • Contract: to provide the Service you requested (account, CRM sync, support).
  • Legitimate interests: security, fraud prevention, service analytics, and improvement.
  • Consent: where required (e.g., certain marketing communications, optional cookies where applicable).
  • Legal obligation: if we must comply with law enforcement requests or regulatory requirements.

6) Data sharing

We do not sell your personal data. We share data only as described below:

  • CRMs you connect: when you run a sync action, data is sent to your selected CRM provider (Pipedrive, HubSpot, Zoho, Salesforce) based on your explicit configuration and action.
  • AI provider (OpenAI): CRM context data you submit via the AI Copilot feature is processed by OpenAI. See Section 4b.
  • Hosting and infrastructure: our backend runs on cloud infrastructure. Data is stored on servers operated by our hosting provider.
  • Email delivery: we use a third-party email provider to send account verification and security notification emails.
  • Payment processor (Paddle): billing and subscription data is handled by Paddle. We do not store full payment card details. Paddle's privacy policy applies to payment processing.
  • OAuth providers (Google, Microsoft): if you sign in via OAuth, we receive only the profile fields returned by the provider (typically email and a stable identifier). We do not access your Google Drive, Outlook, or other connected services.
  • Legal/safety: if required to comply with a legal obligation, court order, or to protect the rights, property, or safety of Ln2CRM, our users, or the public.
  • Business transfers: in the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before data is subject to a different privacy policy.

7) Retention

  • Account data: kept while your account is active; deleted or anonymized within a reasonable period after account deletion, unless required for legal reasons.
  • Logs: retained for security and troubleshooting for a limited period, then deleted or aggregated.
  • CRM tokens: stored only while the connection is enabled; you can disconnect at any time to revoke/erase stored credentials on our side.

8) Security

We use industry-standard measures to protect data (including encryption at rest for sensitive secrets, access controls, and audit logging). No method of transmission or storage is 100% secure, but we continuously work to reduce risk.

9) Your choices and rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: request a copy of personal data we hold about you.
  • Correction: request correction of inaccurate or incomplete data.
  • Deletion: request deletion of your account and associated personal data, subject to legal retention requirements.
  • Portability: request your data in a structured, machine-readable format where technically feasible.
  • Restriction / Objection: object to or request restriction of certain processing activities (where applicable under GDPR).
  • Withdraw consent: where processing is based on consent, you may withdraw at any time without affecting the lawfulness of prior processing.
  • Disconnect CRM: remove your CRM connection at any time via Settings — this removes stored credentials from our system immediately.
  • Opt out of marketing emails: use the unsubscribe link in any marketing email. Service emails (account, security) may still be sent.

To exercise any of these rights, email us at team@ln2crm.com. We will respond within 30 days. We may request verification of your identity to protect your account before fulfilling requests.

If you are located in the EEA or UK and believe we have not addressed your concerns, you have the right to lodge a complaint with your local data protection authority.

9b) Note on contacts in your CRM

When you use Ln2CRM to add a person's information to your CRM, you are the data controller for that individual's data. Ln2CRM acts as a data processor on your behalf for that sync operation. You are responsible for ensuring you have a lawful basis under applicable law (e.g., legitimate interest, consent) for storing that person's data in your CRM.

10) Cookies and analytics

Our website may use cookies or similar technologies to keep sessions, remember preferences, and measure performance. You can control cookies through your browser settings. The extension primarily stores settings locally in your browser.

11) International transfers

If data is processed outside your country, we take steps to ensure appropriate safeguards are in place (for example, contractual protections with providers).

12) Children

Ln2CRM is not intended for children. If you believe a child has provided us personal data, contact us and we will take appropriate steps.

13) Changes

We may update this Policy from time to time. The “Last updated” date will reflect the most recent version. Material changes may be communicated in-product or by email.

14) Contact

For privacy questions or requests, email: team@ln2crm.com