Privacy Policy

1. Introduction

Voyager ("we", "our", "us") operates the Voyager LinkedIn automation platform, including the REST API, Chrome extension, and management dashboard. This Privacy Policy explains how we collect, use, and protect your information when you use our services.

By using Voyager, you agree to the collection and use of information as described in this policy.

2. Information We Collect

We collect the following categories of information:

• Account information — tenant name, email address (if provided), and API keys you generate
• LinkedIn session data — browser cookies exported from your LinkedIn session via the Chrome extension or API
• API request logs — timestamps, endpoints accessed, request parameters, and response status codes for debugging and rate limiting
• Webhook configurations — destination URLs, event subscriptions, and signing secrets you configure for notifications
• Usage metrics — aggregate counts of messages sent, connections made, profiles scraped, and other automation actions for rate limit enforcement

3. How We Use Your Information

We use collected information to:

• Authenticate your API requests and maintain session state
• Execute LinkedIn automation workflows on your behalf
• Enforce rate limits and safety controls to protect your LinkedIn account
• Deliver webhook notifications to your configured endpoints
• Monitor system health and debug issues
• Improve the reliability and performance of our services

4. LinkedIn Data

Voyager interacts with LinkedIn on your behalf using your authenticated session. Important details:

• We never store your LinkedIn password. Authentication uses session cookies only.
• Session cookies are stored encrypted at rest in your tenant's isolated data directory
• Scraped LinkedIn data (profiles, conversations, search results) is stored temporarily in your tenant's result files and is not shared with other tenants
• Each tenant operates in an isolated browser context with separate cookies, storage, and proxy routing

5. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share information only in these limited circumstances:

• Your configured webhooks — event data is sent to URLs you explicitly configure
• Proxy providers — web traffic is routed through residential proxy services for geographic routing; proxy providers see network traffic but not decrypted content
• Legal requirements — if required by law, court order, or governmental authority

6. Security

We implement multiple layers of security to protect your data:

• Tenant isolation — each account has isolated browser contexts, data directories, and API key scoping
• HTTPS only — all API communication is encrypted in transit
• HMAC webhook signing — webhook payloads are signed with your secret so you can verify authenticity
• API key hashing — keys are stored as SHA-256 hashes; plaintext keys are shown once at creation
• Per-country proxy routing — traffic exits through residential IPs matching your LinkedIn account's country

7. Data Retention

We retain your data for as long as your tenant account is active. Specifically:

• Session cookies are retained until they expire or you upload new ones
• Result files from phantom executions are retained until manually deleted or the tenant is removed
• API request logs are retained for 30 days
• When a tenant is deleted, all associated data (cookies, results, configurations, API keys) is permanently removed

8. Your Rights

You have the right to:

• Access the data we store about your tenant via the Admin API
• Export your data at any time through the API
• Delete your tenant and all associated data through the Admin API
• Revoke API keys at any time
• Disable or remove webhook configurations

9. Chrome Extension

The Voyager Chrome Extension operates with the following privacy considerations:

• Cookie data is read from your browser and transmitted directly to your Voyager server instance
• The extension stores your API key and server URL in Chrome's local storage only
• No telemetry, analytics, or usage data is collected by the extension
• The extension only activates on LinkedIn domains (linkedin.com)
• Auto-sync (if enabled) monitors for cookie changes and sends updates to your server only

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected by updating the "Last updated" date at the top of this page. Continued use of Voyager after changes constitutes acceptance of the updated policy.

11. Contact

If you have questions about this Privacy Policy, please contact us through the channels listed on our website.