Plain English.
Honest disclosure first.
This page summarizes how Listful treats LinkedIn sessions and export data. It is not legal advice and has not been attorney-reviewed — verify with counsel if your compliance program requires it. Questions? Email support@listful.so.
What we collect
LinkedIn session cookies we read for relay and validation — including li_at, li_a, JSESSIONID, bcookie, lidc, as applicable.
LinkedIn URLs you start exports from, plus payloads fetched while assembling CSV rows during those exports (handled server-side in our orchestration pipeline).
Operational metadata needed to run the service — for example cookie sync history linked to your extension identity and timestamps when sync jobs complete (stored in our Postgres database).
If you use optional sign-in, we store the email address you verify and any settings you save (for example a webhook URL). Core CSV export in the extension does not require a Listful account.
How we use your LinkedIn session
In-browser exports: the extension coordinates LinkedIn API requests using your signed-in session so rows reflect what LinkedIn shows you.
Backend orchestration & enrichment relay: session material is transmitted to Listful's backend for pagination, deduplication, CSV generation, and relay to subprocessors under contract who run enrichment workloads on their own infrastructure. Continued use requires accepting the consent shown in the extension before your first export.
Cookies generally remain valid until LinkedIn rotates them (often months). Listful attempts periodic background sync (~every six hours) to keep sessions fresh while you remain opted in.
What we don't do
Send connection requests, messages, posts, reactions, or comments on your behalf — read-only access for exports only.
Sell advertising profiles built from unrelated browsing outside the export flows described here.
Bypass LinkedIn authentication — we operate strictly within sessions you already established with LinkedIn.
Retention & revocation
Uninstall Listful or sign out of LinkedIn to invalidate the active session immediately from LinkedIn's perspective.
Email support@listful.so to request deletion of retained operational records on our side. We'll comply subject to lawful retention obligations (and confirm timelines when those apply).
Processors & hosting
Vercel hosts the Next.js application surface serving marketing pages and /api routes.
Neon Postgres stores structured operational state (for example users, cookie sync metadata, webhook configuration when you set it, and auth-related tables).
Resend delivers transactional email for magic-link sign-in: your email address and the sign-in link (and minimal message content needed to send that email) are processed by Resend as a subprocessor. Resend's own privacy notice governs how they handle data on their systems.
Enrichment subprocessors receive relayed session material under contract for the purposes described above. We do not name those vendors in product UI; identities used for relay are operational and described at a high level here and in the extension consent.
Segment (Twilio Segment) may load on marketing pages when analytics cookies are accepted and the feature is enabled in our production environment; it can receive page views and product analytics events as configured.
LinkedIn & risk notice
LinkedIn's Terms discourage automated access. Listful only accesses lists your signed-in session already exposes to you and applies pacing/jitter, but automated exports remain inherently risky — rate limits or enforcement actions can occur even when behaving cautiously.