Privacy Policy
What we collect, why, where we keep it, and how to make us forget it. The TL;DR: we collect what the product needs to work and nothing else, and you can delete anything at any time.
§1Controller & contact
xlinked is the controller for lender account data, billing identity, and support correspondence. For LinkedIn profile data routed through your node, we act as a processor on behalf of buyer workspaces — see the DPA. DPO: dpo@xlinked.app. Privacy requests: privacy@xlinked.app.
§2What we collect
- Account & identity — email, name, country, Clerk session metadata, Wise payout handle after you connect payouts.
- Node operation — rotated LinkedIn session material (encrypted), scope preset, pace settings, audit log of reads (URL hash, timestamp, response code — never message bodies).
- Telemetry — request logs, error reports, aggregate uptime. No ad pixels. No cross-site tracking.
§3Legal bases (EU/UK)
| purpose | basis |
|---|---|
| run your node & pay you | contract · Art. 6(1)(b) |
| fraud prevention & security | legitimate interest · Art. 6(1)(f) |
| tax & payout records | legal obligation · Art. 6(1)(c) |
| product analytics (aggregated) | legitimate interest · Art. 6(1)(f) |
§4Where data lives
Workspace and lender operational data are stored in the United States — US East (Washington, D.C.) (us-east-1). Payout KYC is processed by Wise under UK/EU regulation and may reside outside that region. Full region map: GDPR & data residency doc and sub-processors.
§5Retention
- Account data — until deletion request + 30-day purge window.
- Lender audit log — 90 days default; CSV export any time.
- Payout & tax records — 7 years (applicable US records law).
§6Your rights
Access, rectification, erasure, portability, restriction, and objection — exercised from Dashboard · Settings or by email. We respond within 30 days; most within 72 hours. You may contact your local supervisory authority where applicable.