1. Commitment to Data Protection
PowerIn (“we”, “us”, “our”) provides software tools to help businesses connect and grow via social engagement automation and content amplification. We are fully committed to protecting your privacy and complying with the European General Data Protection Regulation (Regulation (EU) 2016/679 – “GDPR”) and all applicable data protection laws.
2. User Responsibility
As per LinkedIn’s Terms of Service, users are strictly responsible for the way they use third-party tools such as PowerIn.
By using PowerIn, you acknowledge and agree that:
- You are solely responsible for your actions on LinkedIn, X (Twitter), or any other platform integrated via PowerIn.
- You must ensure your use of the tool complies with the Terms of Service of any third-party platforms.
- You accept full liability for any consequences, including account bans or data violations, resulting from your use of the tool.
PowerIn provides the technical means but does not intervene in how the user operates or deploys it.
3. What Information We Collect
a. From Our Website
When you visit our website, we collect limited technical and usage data for analytical and security purposes:
- IP address, geolocation, browser type
- Pages visited, time spent, session behavior
If you create an account, we collect:
- Name, email address, and (optionally) company
- Payment information (if you subscribe to a paid plan)
- Phone number (only if verification is required; also used for marketing on Whatsapp on approval - if checkbox is approved)
b. From Support Channels
If you contact us via email or chat, we retain the conversation and any data you voluntarily share. This information is deleted within 6 months of account deletion.
3bis. Chrome Extension
PowerIn offers a browser extension, Accounts Copilot, available on the Chrome Web Store. This section
describes the data practices specific to the extension.
a. What the Extension Collects
When you install Accounts Copilot and explicitly initiate a synchronization, the extension accesses and
transmits the following data:
- Authentication information: session cookies and authentication tokens associated with your
LinkedIn and X (Twitter) accounts. This data is collected solely to establish and maintain the
connection between your social media accounts and your PowerIn account. - Basic account identifiers: your public profile identifiers on LinkedIn and X (Twitter), used to
associate the synced accounts with your PowerIn dashboard. - Technical data: the URL of the active tab, only on the domains listed in the extension's permissions
(linkedin.com, x.com, twitter.com, powerin.io), strictly to detect when a supported page is open and
enable the sync feature.
The extension does not collect: browsing history outside the listed domains, keystrokes, page content
unrelated to authentication, health or financial information, personal communications (private
messages, emails), or location data.
b. How Extension Data Is Used
Data collected by Accounts Copilot is used exclusively to:
- Connect your LinkedIn and X (Twitter) accounts to the PowerIn platform, at your explicit request
- Maintain the validity of that connection so the PowerIn service can operate on your behalf
- Detect connection errors and notify you when re-authentication is required
We do not use extension data for advertising, analytics unrelated to the service, or profiling.
c. Data Transmission, Storage and Retention
- All data collected by the extension is transmitted to PowerIn servers exclusively over encrypted
connections (HTTPS/TLS). - Session tokens are stored encrypted at rest and are accessible only to the automated systems
required to operate the service. - Session tokens are retained for as long as the account connection remains active. Upon
disconnection or account deletion, tokens are permanently deleted within 30 days. - Extension-related data is also deleted upon request at contact@powerin.io.
d. Data Sharing — Third Parties
Data collected by the Accounts Copilot extension is shared only with the following parties, strictly to provide the service:
- PowerIn (operated by Par Toutatis Limited) — our own servers, which receive and store the
session tokens to operate the sync feature. - Hosting and infrastructure providers — we host on our own servers and databases. These process data on our
behalf under data processing agreements and do not access it for their own purposes. - LinkedIn (Microsoft Corporation) and X Corp. — the extension transmits your existing session
credentials back to these platforms' own endpoints to perform actions you have authorized, exactly
as your browser would.
We do not share extension data with any other third party. We do not sell user data. We do not share it
with advertisers, data brokers, or analytics companies. Data may be disclosed to public authorities only where required by applicable law.
e. User Consent and Control
The extension only collects and transmits data after you explicitly click the sync action. Installing the
extension alone does not trigger any data collection. You may revoke access at any time by
disconnecting your accounts in the PowerIn dashboard, uninstalling the extension, or changing your
LinkedIn / X (Twitter) password (which invalidates the session tokens).
f. Limited Use Disclosure
PowerIn's use of information received from the chrome extension extension adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. Specifically: we only use the data to provide or improve the extension's single purpose (syncing your social accounts to PowerIn); we do not transfer it except to provide that feature, to comply with applicable laws, or as part of a merger or
acquisition with prior user notice; we do not use it for personalized advertising; and we never allow
humans to read this data except with your explicit consent for support purposes, for security
investigations, or to comply with the law.
4. How We Use Your Data
We process your data to:
- Provide you access to our platform and services
- Send onboarding messages, product updates, and invoices
- Offer technical support and manage customer relationships
- Perform security checks and prevent fraud
- Improve product features via internal analytics (e.g. A/B testing)
We do not use your data to enrich third-party databases, and we do not resell or exploit private usage data.
5. Use of Public Data
To help businesses discover each other, we may display publicly accessible business data (e.g. LinkedIn job titles or company details). This data is:
- Indexed only from publicly available sources
- Regularly reviewed and removed when outdated
- Never enriched with confidential or user-supplied information
If your business or personal data was found publicly, you can contact us at any time to update or request removal.
6. Your Rights Under GDPR
You have full control over your data and the following rights:
- Access: Know if we hold personal data and what that data is
- Rectification: Correct or update inaccurate data
- Erasure: Request deletion of your personal data
- Restriction: Limit how your data is processed in certain cases
- Portability: Receive your data in a machine-readable format
- Objection: Object to processing, including for marketing purposes
- Withdraw consent: If we process data based on your consent, you can revoke it anytime
If you're a PowerIn user, you can manage most of this directly in your dashboard.
7. Deleting Your Data
- You may delete your account at any time via the dashboard.
- All associated personal data will be removed within 3 months, or sooner upon request.
- Payment and invoice data may be retained longer to comply with financial regulations.
If we collected public data about you, we will remove it once it's no longer accessible online or upon your request.
8. Data Retention
- Account data is stored as long as your account remains active or up to 3 years of inactivity
- After that, your data is permanently deleted in accordance with GDPR standards
- For paid customers, some business records may be retained for legal or accounting purposes
9. International Compliance & GDPR Scope
Even if you're not located in the EU, if you interact with or store data from EU citizens using PowerIn, you are subject to the GDPR as a data controller.
We offer a Data Processing Addendum (DPA) for customers who require it. Contact us to sign your copy: contact@powerin.io
10. GDPR Measures & Security
PowerIn applies the GDPR principles globally, regardless of user location. We ensure:
- Pseudonymization of non-essential or sensitive data
- Right to erasure and transparent removal mechanisms
- Continuous audits to purge outdated or inaccurate public records
- Data security: All infrastructure is firewall-protected, monitored by Cloudflare WAF, and requires multi-factor authentication
We treat your data with the highest level of confidentiality and integrity.
11. Security Measures
We use the following technologies to protect user and public data:
- Encrypted storage and secured access control
- Cloudflare for DDoS protection and threat detection
- Role-based access and audit logs internally
- No third-party analytics on personal user behavior
12. Children's Privacy
PowerIn is not designed for or directed at children under 13. We do not knowingly collect personal information from children.
13. Contact & Complaints
If you have a concern about how your data is being handled, reach out to us at contact@powerin.io — we’ll do our best to help.
If unsatisfied, you have the right to file a complaint with your local data protection authority.