Privacy Policy

Who we are

Linked Panda provides a B2B sales tool that helps teams turn LinkedIn engagement into qualified pipeline. This notice names Linked Panda as the controller for our own website, account, billing, and marketing operations. You can contact us at hi@linkedpanda.com.

Personal data we collect

We collect and process the following categories of personal data:

• Account and workspace data: name, work email, workspace name, role, permissions, invitations, authentication events, and session information.
• Waitlist and communications data: email address, form submissions, support messages, demo requests, and related correspondence.
• Billing data: plan, credit balance, top-up history, checkout status, invoices, tax details, and payment processor references. We do not intend to store full card numbers.
• Website and analytics data: pages visited, events, referrer, campaign parameters, rough device/browser information, and attribution values stored in session storage. We use Plausible analytics through a Linked Panda endpoint and Microsoft Clarity for product analytics such as heatmaps and session insights. We may also process abuse-prevention signals through Cloudflare Turnstile; Cloudflare publishes a Turnstile Privacy Addendum.
• LinkedIn profile and engagement data: public profile information, post engagement such as likes and comments, profile URLs, role, company, company context, enrichment fields, verified work email when available, ICP matches, scores, and CRM/export status.

Where data comes from

We collect some data directly from users when they create an account, join the waitlist, configure a workspace, contact us, or use the product.

Lead and profile data may also come from public LinkedIn pages, customer-provided tracked profiles or posts, CRM/export destinations, and third-party B2B data or email verification providers. Customers are responsible for making sure they have a lawful basis for the profiles, posts, ICPs, and destinations they ask Linked Panda to use.

How we use personal data

We use personal data to:

• provide, secure, maintain, and improve Linked Panda;
• create accounts, workspaces, sessions, and user permissions;
• track configured LinkedIn engagement and deduplicate profiles;
• enrich, verify, score, qualify, filter, export, and route B2B leads;
• process credits, plans, top-ups, invoices, and payments;
• respond to support, waitlist, sales, and demo requests;
• measure website and product performance; and
• detect abuse, enforce terms, and comply with legal obligations.

GDPR legal bases

Where the GDPR or UK GDPR applies, we rely on different legal bases depending on the purpose:

• Contract: to create accounts, provide the product, manage workspaces, support users, and administer plans and credits.
• Legitimate interests: to operate a B2B sales tool, process business contact and engagement data, prevent fraud, secure the service, improve the product, and communicate with business contacts, unless overridden by individual rights.
• Legal obligation: for tax, accounting, compliance, dispute, and regulatory obligations.
• Consent: where legally required, such as certain marketing communications or optional tracking that cannot rely on another basis.

When we rely on legitimate interests for lead enrichment or outreach support, we need to keep that assessment documented and honor valid objections.

How we share personal data

We may share personal data with:

• service providers that host, secure, prevent abuse, email, analyze, support, or operate Linked Panda;
• payment, billing, accounting, and tax providers for paid plans and top-ups;
• B2B enrichment, email verification, and data providers needed to deliver the product;
• CRM, spreadsheet, outbound, or API destinations that a customer connects or exports to;
• professional advisers, authorities, courts, or counterparties where required for legal, safety, or business reasons.

We do not sell personal data in the ordinary consumer-data-broker sense. Linked Panda is a B2B lead workflow product, so customer use of exported lead data must comply with applicable law.

International transfers

We may process personal data in countries outside your own, including through hosting, support, analytics, billing, and enrichment providers. Where required, we will use safeguards such as adequacy decisions, standard contractual clauses, data processing agreements, and vendor diligence.

Retention

We keep personal data only as long as needed for the purposes in this policy, unless a longer period is required for legal, tax, accounting, security, backup, dispute, or abuse-prevention reasons.

Practical retention periods still need to be finalized before launch, including account deletion, lead deletion, billing records, sessions, analytics, backups, and suppression lists for people who object or opt out.

Security

We use technical and organizational measures designed to protect personal data, including access controls, hashed session tokens, least-privilege permissions, transport security, and operational monitoring. No internet service can guarantee perfect security.

Your rights

Depending on where you live, you may have rights to access, correct, delete, restrict, export, or object to processing of your personal data. You may also have the right to withdraw consent where processing is based on consent.

To make a request, email hi@linkedpanda.com. If your data was processed on behalf of one of our customers, we may need to refer the request to that customer or coordinate with them.

You may object to B2B lead processing or ask us to suppress your work contact data from future Linked Panda enrichment where legally required. You may also complain to your local data protection authority.

Children

Linked Panda is a B2B service and is not intended for children. We do not knowingly collect personal data from children.

Compliance work still needed

This privacy policy is a public notice, not a complete GDPR program. Before broad launch, Linked Panda should complete and maintain:

• an Article 14 notice strategy for people whose data is collected indirectly as LinkedIn engagers or enriched B2B contacts;
• a documented legitimate-interest assessment;
• a subprocessor list and customer data processing addendum;
• specific retention, deletion, objection, and suppression flows;
• records of processing activities and vendor transfer safeguards; and
• a DPIA review if scoring, profiling, scale, or enrichment risk makes one necessary.

Changes

We may update this policy as Linked Panda changes. The updated version will be posted on this page with a new last updated date. Material changes may also be communicated in-product or by email.