1. Overview
Wingmano ("we", "the extension") is a Chrome browser extension that helps users manage LinkedIn outreach workflows. This Privacy Policy explains what data the extension accesses, how it is stored, and what is shared with third parties.
2. Data We Access
The extension reads the following data exclusively to provide its core functionality:
- LinkedIn profile data — publicly visible information on LinkedIn pages you navigate to while the extension is active: full name, headline, company, location, and profile URL. This data is collected only when you explicitly start an extraction.
- AI API keys — the API keys you voluntarily enter in the Settings tab for your chosen LLM provider (e.g., OpenAI, Anthropic, etc.).
3. How Data Is Stored
All data is stored locally inside your browser only:
- Lead data (names, profiles, campaign state) is stored in your browser's IndexedDB via Dexie.js. It never leaves your device.
-
API keys are stored in
chrome.storage.sync, which is encrypted and managed by Chrome. They are used solely to make requests from your browser directly to the AI provider you selected. -
Session state (e.g., extraction progress) is stored in
chrome.storage.sessionand is cleared when you close the browser.
4. Data We Do NOT Collect
- We do not collect analytics, telemetry, or usage data.
- We do not collect your name, email address, or any account information.
- We do not use cookies or tracking pixels.
- We do not sell, share, or transmit your data to any external servers operated by us.
5. Third-Party Services
When you use the AI message generation feature, the extension sends text content (profile context and your message templates) directly from your browser to the AI provider you configured. The following providers are supported:
Each provider's own privacy policy governs how they handle the data you send them. We recommend reviewing the privacy policy of your chosen provider. When you use Ollama or LM Studio, all inference happens locally on your machine — no data leaves your device.
Your API key is sent directly from your browser to the provider's API endpoint. It is never visible to or stored by Wingmano's developers.
6. LinkedIn Interaction
Wingmano executes user-defined workflows on LinkedIn (visiting profiles, sending connection requests, sending messages) on your behalf, using your existing LinkedIn session. The extension operates within your browser under your account — it does not create separate accounts or use proxies. You are responsible for ensuring your use of the extension complies with LinkedIn's Terms of Service.
7. Permissions Explained
- storage — to save your leads, campaigns, and settings locally.
- tabs — to open LinkedIn pages required for workflow steps.
- scripting — to interact with LinkedIn page elements on your behalf.
- alarms — to schedule workflows within your configured working hours.
- sidePanel — to display the extension's dashboard in Chrome's side panel.
- webNavigation — to detect when LinkedIn pages finish loading during a workflow.
- Host permissions (linkedin.com + AI provider APIs) — to interact with LinkedIn pages and to send your API requests to the AI provider you selected.
8. Data Retention and Deletion
Your data exists only in your browser. You can delete it at any time by:
- Using the delete functions within the extension's UI.
- Removing the extension from Chrome (this wipes all associated storage).
- Clearing your browser's site data for the extension.
We have no ability to access or delete data on your device on your behalf.
9. Children's Privacy
Wingmano is not directed at children under 13. We do not knowingly collect any personal information from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted at this URL with an updated effective date. Continued use of the extension after changes constitutes acceptance of the updated policy.
11. Data Controller
The data controller responsible for the processing described in this policy is:
Black Lion S.r.l.s.
Via San Francesco 28, Inarzo 21020 (VA), Italia
P.IVA: IT03671200123
blacklionsrl.italia@gmail.com
12. Your Rights Under GDPR
If you are located in the European Economic Area, you have the following rights regarding your personal data under the General Data Protection Regulation (GDPR):
- Right of access — you can request a copy of the data we hold about you.
- Right to rectification — you can ask us to correct inaccurate data.
- Right to erasure — you can ask us to delete your data.
- Right to restriction — you can ask us to limit how we use your data.
- Right to data portability — you can request your data in a machine-readable format.
- Right to object — you can object to processing based on legitimate interests.
Since all data is stored locally in your browser, you can exercise most of these rights directly by deleting data within the extension or uninstalling it. For any other requests, contact us at blacklionsrl.italia@gmail.com.
You also have the right to lodge a complaint with the Italian data protection authority:
Garante per la Protezione dei Dati Personali
www.garanteprivacy.it
13. Legal Basis for Processing
The processing of personal data described in this policy is based on the performance of a contract (Art. 6(1)(b) GDPR) — specifically, providing the extension's functionality as requested by you. API keys and settings are processed on the basis of your consent (Art. 6(1)(a) GDPR), which you can withdraw at any time by removing the extension or clearing its data.
14. Contact
For any questions about this Privacy Policy or to exercise your rights, contact us at:
blacklionsrl.italia@gmail.com