This Privacy Policy describes how Offerloop.ai ("Offerloop," "we," "us," or "our") collects, uses, and protects your information when you use the Offerloop for LinkedIn Chrome extension (the "Extension"). This policy applies specifically to the Extension. For our full platform privacy policy, please visit offerloop.ai/privacy.

By installing and using the Extension, you agree to the practices described in this policy. If you do not agree, please uninstall the Extension.

1. What the Extension Does

Offerloop for LinkedIn helps students and job seekers connect with professionals directly from LinkedIn. The Extension allows you to:

• Find professional email addresses from LinkedIn profiles.
• Generate personalized outreach emails using AI.
• Save email drafts to your connected Gmail account.
• Generate Coffee Chat Prep documents.
• Generate Interview Prep documents and cover letters from job postings.

2. Information We Collect

a. LinkedIn Page Data

When you click the Extension icon while viewing a LinkedIn profile or job posting, the Extension reads publicly visible information from that page, including:

• Profile pages: Name, headline, current position, company, and profile URL.
• Job pages: Job title, company name, and job description.

This data is transmitted to Offerloop's servers to provide our services (email lookup, outreach drafting, document generation). We do not collect data from any page other than LinkedIn.

b. Authentication Information

When you sign in through the Extension, we collect your Google account email address and basic profile information via Google OAuth (Chrome Identity API). This is used solely for authenticating your Offerloop account.

c. Locally Stored Data

The Extension stores your authentication state and user preferences locally in your browser using Chrome's storage API. This data does not leave your device.

d. Usage and Credit Data

We track your credit balance and feature usage (e.g., emails looked up, drafts created) to manage your subscription and enforce plan limits.

3. Information We Do NOT Collect

• Browsing history: We do not track, collect, or store your general web browsing activity.
• Non-LinkedIn data: The Extension does not read content from any website other than LinkedIn.
• Background activity: The Extension only activates when you click the Extension icon or use the right-click context menu. It does not run in the background.
• Keystrokes or form data: We do not capture any input outside of the Extension's own interface.

4. How We Use Your Information

We use the information collected through the Extension to:

• Look up professional email addresses via our backend service (People Data Labs).
• Generate personalized outreach emails using AI (OpenAI).
• Save email drafts to your connected Gmail account at your request.
• Generate Coffee Chat Prep, Interview Prep, and cover letter documents.
• Authenticate your account and manage your subscription.
• Track credit usage across your account.

5. Third-Party Services

The Extension communicates with the following third-party services to deliver its functionality:

• Firebase (Google): Authentication — receives email, profile info, and auth tokens.
• People Data Labs: Email lookup — receives name, company, and position from the LinkedIn page.
• OpenAI: AI-generated emails and prep docs — receives name, company, position, and context needed for personalization.
• Stripe: Payment processing — receives subscription status only (we never receive full card details).
• Render: Backend hosting — all data processed through our API.

All third-party providers are bound by contractual obligations to protect your data. We do not sell, rent, or trade your data to any third party.

6. Browser Permissions

The Extension requests the following Chrome permissions, limited to what is necessary:

• tabs — Detects when you are on a LinkedIn profile or job page to activate relevant features.
• activeTab — Reads publicly visible LinkedIn page content when you click the Extension icon.
• storage — Saves authentication state and preferences locally in your browser.
• identity — Authenticates you via Google OAuth through Chrome's Identity API.
• contextMenus — Provides right-click menu options for quick access to Extension features.
• notifications — Shows browser notifications when actions complete (e.g., "Draft saved to Gmail").
• downloads — Enables downloading generated PDF documents (Coffee Chat Prep, Interview Prep).

Host permissions are limited to https://*.linkedin.com/* and our backend API server.

7. Remote Code

The Extension loads the Firebase Authentication SDK from Google's official CDN (gstatic.com) to securely handle user authentication. No other remote code is executed.

8. Chrome Web Store User Data Policy Compliance

The use of information received from Chrome APIs adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. Specifically:

• Limited use: Data collected through the Extension is used only to provide or improve the Extension's single purpose — professional networking and outreach on LinkedIn.
• Limited transfer: Data is not transferred to third parties except as necessary to provide the service (our backend, OpenAI for content generation, People Data Labs for email lookup).
• No advertising: Data is not used for personalized advertising, retargeting, or interest-based ads.
• No human access: Humans do not read user data except: (a) with your explicit consent for support purposes, (b) for security or abuse investigation, (c) to comply with applicable law, or (d) when data is aggregated and anonymized for internal operations.

9. Data Security

We protect your data through:

• Encryption in transit: All data transmitted between the Extension, our servers, and third-party services uses TLS (HTTPS).
• Encryption at rest: Sensitive data such as OAuth tokens is encrypted using AES-256.
• Access controls: Server access is restricted to authorized systems and personnel.
• Minimal data retention: We retain only what is necessary to provide the service.

10. Data Retention

• Locally stored data (authentication state, preferences) persists until you uninstall the Extension or clear Chrome storage.
• Server-side data (contacts saved, outreach history, credit usage) is retained as long as your Offerloop account is active.
• Deletion requests are honored within 30 days, except where retention is legally required.

11. Your Rights

Depending on your jurisdiction, you may:

• Request access to the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data.
• Object to or restrict processing of your data.
• Request your data in a portable, machine-readable format.

To exercise any of these rights, contact us at privacy@offerloop.ai.

12. Revoking Access

You may uninstall the Extension at any time by visiting chrome://extensions in your browser. Upon uninstallation, all data stored locally by the Extension is automatically removed. To request deletion of data stored on our servers, contact privacy@offerloop.ai.

13. Children's Privacy

The Extension is not intended for use by anyone under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect data from children. If we discover such data has been collected, it will be deleted promptly.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Updates are effective immediately once posted with a new "Last Updated" date. We encourage you to review this policy periodically.

15. Contact Us

If you have questions or concerns about this Privacy Policy or the Extension's data practices:

• support@offerloop.ai (general inquiries)
• privacy@offerloop.ai (privacy and data protection)

Offerloop.ai is operated by PipelinePath LLC.