Privacy Policy

Last updated: May 27, 2026  ·  Effective: May 27, 2026

1. Who We Are

EngageFlow AI ("we", "our", "the extension") is a Chrome browser extension built by Hassan Zafar. The extension is not affiliated with LinkedIn, X (Twitter), or Anthropic. Contact: hassanzafar619@gmail.com.

2. Data We Process

The extension processes the following data entirely on your device. We never receive, store, or transmit any of it to our own servers because we have none.

3. Data Stored on Your Device

All storage uses the Chrome Storage API on your local device only (except settings, noted below).

• Anthropic API Key — stored in chrome.storage.local (device-only, never syncs to other Chrome profiles). Used exclusively to call the Anthropic Claude API on your behalf.
• Voice Profile — your personal story, writing style description, and post/comment samples you provide or import from your own LinkedIn profile. Stored in chrome.storage.local. Sent to the Anthropic API to match your writing style in generated content.
• Draft History — the last 30 AI-generated drafts you have created (text, platform, tone, topic, timestamp). Stored in chrome.storage.local.
• Scheduled Posts — post text, platform, and scheduled time for posts you queue. Stored in chrome.storage.local.
• Settings — feature toggles (feed scanner on/off), score threshold, reply feature on/off, default tone. Stored in chrome.storage.sync, which Chrome may sync across your own Chrome profiles signed in with the same Google account.

4. Data Read from LinkedIn and X

When you are browsing LinkedIn or X, the extension reads visible page content from your browser's DOM (the HTML already loaded in your tab). Specifically:

• Post and comment text — read when you click "Draft Reply" on a post. Sent to the Anthropic Claude API to generate a reply suggestion.
• Feed post metadata — author name, post text, engagement counts — read to score feed relevance when the Feed Scanner feature is enabled. Scored locally; post text is sent to Anthropic to compute the relevance score.
• Your LinkedIn profile — when you use "Import from LinkedIn" in Settings, the extension opens your own profile URL in a background tab, scrolls it, and reads visible text (posts, about section). This data is stored as your voice profile and sent to Anthropic to generate a writing style summary.

The extension does not read: private messages, password fields, payment information, or any data that is not already visible on the page you are viewing.

5. Data Sent to Third Parties

Anthropic Claude API is the only third party that receives data from the extension.

• What is sent: LinkedIn/X post content, your voice profile samples, your story and writing style description.
• Why: To generate AI-powered reply suggestions and post drafts.
• How: Via HTTPS requests using your own Anthropic API key entered in Settings. We do not use a shared API key.
• Anthropic's data handling is governed by Anthropic's Privacy Policy and Usage Policy.

No other third party receives your data. There are no analytics SDKs, no telemetry, no advertising networks, no tracking pixels, and no crash reporting services in this extension.

6. Cookies

The extension does not use cookies. It uses the Chrome Storage API exclusively for local persistence.

7. Analytics and Telemetry

The extension collects no usage analytics, crash reports, or telemetry of any kind. No data is sent to EngageFlow AI.

8. Data Retention

Data persists in Chrome's local storage until you delete it. Draft history is automatically capped at 30 entries (oldest removed first). You can delete all data at any time from the Settings page using the "Export My Data" or "Delete All My Data" buttons.

9. Your Rights (GDPR / CCPA)

Because all data is stored locally on your device and processed by a third-party AI provider (Anthropic) under your own API key, you are the data controller. The following rights apply:

• Right of access — use the "Export My Data" button in Settings to download a JSON file of all stored data.
• Right to erasure — use "Delete All My Data" in Settings to permanently clear all stored data.
• Right to portability — the exported JSON file is machine-readable and portable.
• Right to withdraw consent — disable the extension or delete all data at any time. Uninstalling the extension removes all stored data.
• Anthropic data requests — for data held by Anthropic as part of API usage, contact Anthropic at anthropic.com/privacy.

10. Children's Privacy

The extension is not directed at children under 13 (or under 16 in the EU). We do not knowingly process data of minors.

11. Security

Your Anthropic API key is stored in chrome.storage.local, which is isolated to this extension and not accessible by other extensions or websites. All Anthropic API calls use HTTPS. We recommend not sharing your Chrome profile with untrusted users, as stored data is accessible to anyone with access to your Chrome profile.

12. Changes to This Policy

We may update this policy as the extension evolves. Material changes will be noted in the extension's update changelog. The "Last updated" date at the top of this page reflects the current version.

13. Contact