Privacy Policy

Lynx Signal ("we", "us", "our") operates the Lynx Signal Chrome extension and the web platform available at lynxsignal.com. This Privacy Policy explains how we collect, use and protect information when you use our products.

2.1 Chrome Extension

When you use the Lynx Signal Chrome extension, it may process the following data:

• LinkedIn post content — text of posts visible in your feed, used solely to detect buying signals. Post content is sent to our secure server for AI analysis and is not stored after processing.
• Author information — publicly visible name, job title, company and LinkedIn profile URL of post authors, used to populate your lead records.
• Saved leads and pipeline data — leads you choose to save, their pipeline stage (Saved, Contacted, Negotiation, Closed) and any notes. This data is stored locally in your browser and optionally synced to your Lynx Signal account.
• Extension settings — your preferences (language, minimum score threshold, signal filters) stored locally in your browser.
• Authentication token and API key — a JWT token and API key issued by Lynx Signal after sign-in, stored locally in your browser via chrome.storage.local to authenticate API requests. These are never transmitted to any third party.

2.2 Google Sign-in

Lynx Signal offers the option to sign in using your Google account via OAuth 2.0. When you choose to sign in with Google, the following data is received from Google and used to create or identify your Lynx Signal account:

• Email address — used as your account identifier. Stored in our database.
• Google account ID — used internally to link your Google identity to your Lynx Signal account. Not exposed to any third party.

We do not receive or store your Google password, Google contacts, Google Drive files, or any other Google account data. We do not store Google OAuth tokens — only the Lynx Signal JWT token issued after successful authentication is stored locally in your browser. Google Sign-in is optional: you may also register with an email and password.

2.3 Web Platform (lynxsignal.com)

• Account information — your email address and password (hashed) when you create an account, or your email obtained via Google Sign-in.
• Billing information — handled entirely by Stripe. We do not store your payment card details.
• Usage data — number of leads saved, credits consumed, campaigns sent. Used to manage your subscription plan limits.

• To provide, maintain and improve the signal detection features of the extension.
• To sync your leads and pipeline across devices when you are signed in.
• To manage your subscription, credits and billing via Stripe.
• To send transactional emails (account confirmation, billing receipts). We do not send marketing emails without your explicit consent.

We do not sell your data to third parties. We do not use your data for advertising purposes.

Lynx Signal uses AI to analyse LinkedIn post content and detect buying signals. When the extension detects a post, the text of that post is transmitted over HTTPS to our backend (Cloudflare Workers), which forwards it to Groq, Inc. (an AI inference provider) for signal classification. The AI returns a signal type, a confidence score and a short explanation. Raw post text is not stored on our servers or by Groq after analysis is complete.

The extension never sends your LinkedIn credentials, cookies or session tokens to our servers or to any third party.

We share data only with the following third parties, for the purposes described:

• Google LLC — identity provider for Google Sign-in (OAuth 2.0). When you choose to sign in with Google, your browser is redirected to Google's authentication servers. Google shares your email address and account ID with us upon successful authentication. We do not share any of your data with Google. Subject to Google's Privacy Policy.
• Groq, Inc. — AI inference provider. LinkedIn post text is sent to Groq's API to perform signal classification. Groq does not store post content after inference. Subject to Groq's Privacy Policy.
• Cloudflare, Inc. — infrastructure provider for serverless compute (Workers) and database (D1). All backend API calls and lead data at rest transit through or are stored on Cloudflare infrastructure. Subject to Cloudflare's Privacy Policy.
• Stripe, Inc. — payment processor. Billing and payment card data is handled exclusively by Stripe. We never receive or store your card details. Subject to Stripe's Privacy Policy.
• Legal requirements — we may disclose data if required by applicable law, court order or to protect the rights and safety of Lynx Signal or its users.

We do not sell, rent or trade your personal data to any other third party for any purpose.

The Lynx Signal Chrome extension requests the following browser permissions and uses them solely as described:

• tabs — used to (1) detect the Google OAuth callback URL in order to store your authentication token after sign-in, (2) redirect the authenticated tab to the dashboard after login, and (3) broadcast settings changes to open LinkedIn tabs so the content script applies new preferences without a page reload. Tab URLs are never stored or transmitted.
• storage — used to store your leads, pipeline data, settings and authentication tokens locally in your browser via chrome.storage.local.
• notifications — used to display follow-up reminders and confirmation alerts (e.g. "Signed in successfully").
• alarms — used to schedule follow-up reminders and a daily cleanup of stale signals older than 30 days.
• Host permission: linkedin.com — required to read post content from your LinkedIn feed in order to detect buying signals.
• Host permission: deal-radar-api / lynxsignal.com — required to sync leads and authenticate with the Lynx Signal backend.

• Lead and pipeline data is retained for as long as your account is active.
• You can delete individual leads at any time from the extension or dashboard.
• You can delete your entire account and all associated data by contacting us at [email protected]. We will process the request within 30 days.
• Local browser data (chrome.storage) is cleared when you uninstall the extension.

All data in transit is encrypted via HTTPS/TLS. Your account password is stored as a salted hash and never in plain text. We follow industry-standard security practices and perform regular security reviews.

If you are located in the European Economic Area, you have the right to:

• Access the personal data we hold about you.
• Rectify inaccurate data.
• Request deletion of your data ("right to be forgotten").
• Object to or restrict processing of your data.
• Receive your data in a portable format.

To exercise any of these rights, contact us at [email protected].

The Lynx Signal website uses a single session cookie to keep you signed in to your account. We do not use tracking cookies or third-party advertising cookies.

Lynx Signal is not directed at children under the age of 16. We do not knowingly collect personal data from children.

We may update this Privacy Policy from time to time. We will notify registered users by email of any material changes. The "Last updated" date at the top of this page always reflects the most recent revision.

If you have any questions about this Privacy Policy or how we handle your data, please contact us: