Tellora, Inc. ("Tellora", "we", "us", or "our") operates the Tellora platform available at app.tellora.ai and the Tellora Chrome Extension (together, the "Service"). This Privacy Policy explains what information we collect, how we use it, and the choices you have.
By using the Service you agree to the collection and use of information in accordance with this policy.
Account information. When you sign up we collect your name, email address, and any profile information you provide through our authentication provider (Clerk).
CRM data. Contacts, companies, deals, notes, and other records you create or import inside the Tellora platform.
Chrome Extension: LinkedIn profile data. When you click Save on a LinkedIn profile page, the extension reads publicly visible profile information directly from the page and LinkedIn's internal API, including:
This data is transmitted over HTTPS to your Tellora account and stored as a prospect record. No LinkedIn data is stored locally in the extension. It is sent directly to your account and nowhere else.
Chrome Extension: LinkedIn session cookie. The extension reads your LinkedIn JSESSIONID session cookie solely to derive the CSRF token required by LinkedIn's API. This cookie value is never transmitted to Tellora's servers. It is used in-memory, within your browser, only for the duration of the scrape request.
Usage data. We collect standard server logs (IP address, browser type, pages visited, timestamps) and product analytics to improve the Service.
We do not sell your data or your contacts' data to any third party.
We share data only with:
When you connect a Google account, Tellora requests only the scopes needed to operate as your email and scheduling workspace:
gmail.modify) — to read and sync your email conversations into the relevant contact's timeline, send outreach and replies you compose in Tellora, and move a message to Trash when you delete it in the app. We do not permanently delete mail or change your Gmail settings.calendar.readonly) — to display your meetings on the contact timeline and calculate your availability for booking links. We never create or modify events on your Google Calendar.Use with AI. To provide lead scoring, conversation summaries, and reply drafting, the content of relevant email messages may be sent to our AI provider (Google Gemini) for processing. This data is used only to generate results for you and is not used to train or improve any generalized or third-party AI/ML models.
Storage and security. OAuth tokens and synced Google data are encrypted at rest and transmitted over HTTPS. We never sell Google user data or use it for advertising.
Your control.You can disconnect a Google account at any time in Settings → Integrations, which revokes Tellora's access. Deleting your Tellora account revokes all Google OAuth grants and permanently removes synced Google data within 30 days.
Limited Use.Tellora's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
We retain your account and CRM data for as long as your account is active. You may delete individual records at any time. Upon account deletion, all your data is permanently removed within 30 days.
All data is transmitted over HTTPS. Passwords are never stored. Authentication is handled by Clerk. We use industry-standard security practices including encryption at rest and regular security reviews.
Depending on your location, you may have the right to:
To exercise any of these rights, email us at privacy@tellora.ai.
The Tellora web application uses session cookies for authentication. The Chrome Extension reads a LinkedIn session cookie in-browser only (see Section 2). We do not use third-party advertising cookies.
The Service is not directed to individuals under 16. We do not knowingly collect personal data from children.
This section summarizes, in one place, how the Tellora – Save to CRM Chrome extension collects, uses, stores, and shares user data.
Data we collect. When you click Save on a LinkedIn profile, the extension collects publicly visible profile information from that page and LinkedIn's API: full name, job title/headline, company, location, industry, employee count, profile photo URL, profile URL, and up to three recent public post excerpts. To authenticate requests to LinkedIn's API, the extension reads your LinkedIn JSESSIONID session cookie. The extension also stores your Tellora API access token in your browser's local extension storage.
How we handle and use it. Collected profile data is used solely to create or update a prospect record in your Tellora account. The JSESSIONID cookie is used only, in-memory within your browser, to derive the CSRF token LinkedIn's API requires — it is never transmitted to Tellora. The stored API token is used only to authenticate you to your Tellora account.
How we store it. Profile data is transmitted over HTTPS and stored in your Tellora account on our servers, encrypted at rest. The Tellora API token is stored locally via Chrome's extension storage and is removed when you sign out or uninstall the extension. No LinkedIn profile data and no cookie value is stored inside the extension itself.
How we share it. Collected data is sent only to your own Tellora account. We do not sell it or share it with data brokers. It is processed by our infrastructure and AI providers solely to provide Tellora's features, as described in Sections 4 and 5, and is not transferred to any other party except as required by law.
Retention and deletion. You can delete any saved prospect at any time inside Tellora. Uninstalling the extension removes the locally stored API token. Deleting your Tellora account permanently removes associated data within 30 days (see Section 6).
We may update this policy from time to time. We will notify you of significant changes by email or by posting a notice in the app. Continued use after changes constitutes acceptance.
Questions or requests regarding this Privacy Policy should be sent to privacy@tellora.ai.