Privacy Policy

Tellora, Inc. ("Tellora", "we", "us", or "our") operates the Tellora platform available at app.tellora.ai and the Tellora Chrome Extension (together, the "Service"). This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using the Service you agree to the collection and use of information in accordance with this policy.

Account information. When you sign up we collect your name, email address, and any profile information you provide through our authentication provider (Clerk).

CRM data. Contacts, companies, deals, notes, and other records you create or import inside the Tellora platform.

Chrome Extension: LinkedIn profile data. When you click Save on a LinkedIn profile page, the extension reads publicly visible profile information directly from the page and LinkedIn's internal API, including:

• Full name, job title, headline, and company
• Location, industry, and employee count
• Profile photo URL
• Recent public post text (up to 3 posts)
• LinkedIn profile URL

This data is transmitted over HTTPS to your Tellora account and stored as a prospect record. No LinkedIn data is stored locally in the extension. It is sent directly to your account and nowhere else.

Chrome Extension: LinkedIn session cookie. The extension reads your LinkedIn JSESSIONID session cookie solely to derive the CSRF token required by LinkedIn's API. This cookie value is never transmitted to Tellora's servers. It is used in-memory, within your browser, only for the duration of the scrape request.

Usage data. We collect standard server logs (IP address, browser type, pages visited, timestamps) and product analytics to improve the Service.

• Provide, operate, and improve the Tellora platform
• Store and display CRM records you create
• Run AI enrichment and scoring on prospect records
• Send transactional emails (account, billing, security)
• Comply with legal obligations

We do not sell your data or your contacts' data to any third party.

We share data only with:

• Infrastructure providers: cloud hosting, database, and storage providers operating under data processing agreements
• AI providers: Google Gemini and similar services, used to generate enrichment insights. Data sent is limited to company names, job titles, and publicly available context
• Legal requirements: if required by law or to protect our rights

We retain your account and CRM data for as long as your account is active. You may delete individual records at any time. Upon account deletion, all your data is permanently removed within 30 days.

All data is transmitted over HTTPS. Passwords are never stored. Authentication is handled by Clerk. We use industry-standard security practices including encryption at rest and regular security reviews.

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your data
• Object to or restrict certain processing
• Data portability

To exercise any of these rights, email us at privacy@tellora.ai.

The Tellora web application uses session cookies for authentication. The Chrome Extension reads a LinkedIn session cookie in-browser only (see Section 2). We do not use third-party advertising cookies.

The Service is not directed to individuals under 16. We do not knowingly collect personal data from children.

We may update this policy from time to time. We will notify you of significant changes by email or by posting a notice in the app. Continued use after changes constitutes acceptance.

Questions or requests regarding this Privacy Policy should be sent to privacy@tellora.ai.