PitchKraftBack to home

Privacy Policy

Last updated: May 29, 2026

Overview

PitchKraft is a Chrome extension that helps you write personalized LinkedIn outreach messages. We take your privacy seriously. This policy explains what data is collected, where it goes, and how it is used.

Data We Collect

PitchKraft collects the minimum data required to generate a message:

  • LinkedIn profile URL: the URL of the profile you are viewing, used to fetch public profile information via Apify.
  • Sender details: your name and role as entered in the extension. These are stored locally in your browser only.
  • Message preferences: purpose, tone, and message type. These are used solely to generate your message.

Account & Authentication

PitchKraft requires you to sign in with your Google account. When you sign in, we receive and store the following on our servers:

  • Your name, email address, profile picture, and Google account ID.
  • Your plan tier and message usage count, used to enforce your plan's monthly message limit.

This data is stored to create your account and manage your usage. We only request access to your basic Google profile (name, email, picture). We do not access your Google contacts, Gmail, Drive, or any other Google services.

Data We Do Not Collect

  • We do not collect your LinkedIn credentials or password.
  • We do not store your generated messages on any server.
  • We do not track your browsing history or LinkedIn activity.
  • We do not sell or share your data with third parties for advertising.

Local Storage

The extension stores the following data locally in your browser using Chrome's built-in storage APIs:

  • chrome.storage.sync: your name and role, synced across your Chrome devices. Never sent to our servers.
  • chrome.storage.local: a temporary cache of the last fetched LinkedIn profile and generated message, plus a session token identifying your signed-in session. The profile and message cache is cleared automatically when you visit a different profile. The session token is used to authenticate your API requests and is removed when you sign out.

Third-Party Services

PitchKraft uses the following third-party services to operate:

  • Apify: used to fetch publicly available LinkedIn profile data (name, headline, experience, posts). Only the LinkedIn profile URL is sent to Apify. See Apify's Privacy Policy.
  • OpenAI: used to generate the outreach message. The fetched profile summary and your message preferences are sent to OpenAI's API. No personally identifying information beyond what is publicly visible on LinkedIn is included. See OpenAI's Privacy Policy.
  • Google: used to sign you in. When you authenticate, Google provides us your name, email, profile picture, and account ID. See Google's Privacy Policy.

Data Retention

We do not retain LinkedIn profile data or generated messages on our servers — these are processed in memory and discarded after each request. We do not log profile URLs or generated messages. We do retain your account information (name, email, profile picture, and message usage count) for as long as your account exists. You can request deletion of your account data at any time by emailing us at the address below.

Children's Privacy

PitchKraft is not directed at children under 13. We do not knowingly collect data from children.

Changes to This Policy

We may update this policy as the product evolves. The date at the top of this page will always reflect the latest revision. Continued use of PitchKraft after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this policy or your data, contact us at:

tusharkumarshah14394@gmail.com