§ A — PRIVACYPRE-LAUNCH · WAITLIST SITEUPDATED · May 2026

What we collect, in plain English.

LinkedInGrade is a Chrome extension still in development. Until it launches, this site exists to share what we're building and to collect waitlist sign-ups. Here's exactly what that involves.

What this site collects today

This site has two surfaces that touch your data: the marketing page with its waitlist form (your email), and the /audit page (your uploaded LinkedIn PDF and, optionally, your email). The details for each are below.

We also use Vercel Analytics to measure basic, aggregated traffic — page views, country-level location, referrer. It does not set advertising cookies and does not build a profile of you across other sites.

The waitlist email

Email addresses submitted through the waitlist form are used for one thing: to email you about LinkedInGrade — when the extension launches, how to install it, and occasional updates about the product. No newsletters about unrelated topics. No selling your address.

Waitlist emails are stored and sent via Kit (kit.com, the email service formerly known as ConvertKit). For waitlist sign-ups, Kit is the only third party that receives your email — they don't flow through the audit-flow processors described below.

That's the full list for the waitlist flow. We do not sell email addresses. We do not share them with advertisers, data brokers, or any other party.

The /audit page on this site

This site also hosts linkedingrade.com/audit — a web-based audit you can run by uploading the PDF your LinkedIn profile produces from More → Save to PDF. The flow is different from a page view, so here's the full picture:

  • When you upload a PDF, we parse it on the server, run our scoring engine, and store the parsed text contents of the PDF (the structured profile fields), the resulting audit report, and a server-side audit ID for up to 90 days. The PDF file itself is not retained — we read it once and discard the bytes.
  • If you submit your email to see the full report, we store that email on the audit record so we can send you the report and a link back to it. We also store the browser user-agent string, and a one-way SHA-256 hash of your IP (peppered with a server secret). We never store your raw IP.
  • During each upload, the audit pipeline calls an internal AI judge service (the same Anthropic-backed proxy hosted on our infrastructure) to evaluate the qualitative parts of your Headline and About. To keep that service usable for everyone, we rate-limit calls per IP — so the audit pipeline forwards a one-way SHA-256 hash of your IP (peppered with the same server secret) to the judge service as a rate-limit key. This hash is kept for at most 25 hours in a short-lived counter (separate from the 90-day audit record). It is never linked to your audit record unless you also submit your email. If you upload without submitting an email, no part of your identity is retained beyond that 25-hour rate-limit window.
  • If you fill in the optional self-assessed checklist (photo, banner, activity, recommendations, featured), those answers are saved on the same audit record. They are recorded for the report only; they are not folded into your composite score and are not used for analytics or marketing.
  • Two third parties receive audit-flow data in production: Brevo (brevo.com), which sends the transactional email, and Vercel KV backed by Upstash (upstash.com), which stores the audit record — including the email association — under a 90-day expiry. No other third parties are involved.
  • The 90-day expiry on the stored record is enforced by Upstash via Redis TTL. After 90 days the record — and your email's association with it — are deleted automatically. If the site is ever run without KV provisioned, the in-memory fallback applies the same 90-day window before evicting a record on read.
  • You can ask us to delete your audit and email association at any time by emailing hello@linkedingrade.com with your audit ID (visible in the result-page URL) or the email you used.

The Chrome extension (when it launches)

The extension itself is not available yet. When it ships, it will come with its own detailed privacy policy describing how audit data is handled. The short version of what we're building:

  • The extension reads the public LinkedIn profile page you choose to audit, in your browser.
  • That profile data is processed in-memory to generate your report. It is not stored on our servers as a long-lived record of the audited profile, and it is not sold to anyone.
  • You stay in control of which profiles you audit. The extension does not run in the background or scrape LinkedIn on its own.

Cookies

This site uses cookies and local storage for two things only: remembering your theme preference (light or dark), and the anonymous analytics described above. No advertising trackers, no cross-site profiling.

Your rights

You can ask us to:

  • Tell you what waitlist data we hold about you.
  • Delete your email from the waitlist.
  • Correct an address if you typed it wrong.

Email hello@linkedingrade.com and we'll handle it. There's no form to fill out.

Children

LinkedInGrade is built for working adults using LinkedIn. The waitlist is not directed at children under 16, and we don't knowingly collect their information.

Changes

When this policy changes, we'll update the date at the top. If a change is material — for example, a new processor — waitlist subscribers will get an email about it.

Who runs LinkedInGrade

LinkedInGrade is built by an independent operator, not a company you can look up in a registry yet. It is not affiliated with, endorsed by, or connected to LinkedIn Corporation or Microsoft. Questions, requests, or concerns: hello@linkedingrade.com.

Honest framing: LinkedInGrade is pre-launch and operated by an individual. We aim to handle data the way we'd want ours handled. If something here is unclear or you think we got it wrong, tell us — we will fix it.