This page precisely describes the data collected by the Marvin V2 Chrome extension, who it is transmitted to, and how long it is retained. It is kept up to date with every material change to the scope of processing.
Data Controller
Marvin SAS — marvin-recruiter (France). The extension is a professional tool intended for an authenticated recruiter user with an account on app.marvins.ai. No processing is performed for an unauthenticated user.
Data Collected
The extension collects the following categories of data, only when the user has explicitly initiated an action (opening the side panel, importing a profile, sending a message):
| Category | Content | Source |
| ------------------- | --------------------------------------------------------------------- | --------------------------- |
| Account identifiers | userId, tenantId, user email | SSO cookie app.marvins.ai |
| LinkedIn profiles | Name, title, company, profile URL viewed, education, work experiences | LinkedIn DOM, via Unipile |
| Technical data | Extension version, browser locale, session identifier | Browser |
| Telemetry | Usage events (sidepanel_opened, profile_imported, errors) | Extension runtime |
The extension does not collect: browsing history outside LinkedIn, private LinkedIn messages (outside threads opened via a Marvin outreach), payment data, geolocation.
Recipients and Outbound Flows
Data leaves the extension only to the following recipients. All flows are encrypted with TLS 1.2+.
| Recipient | Data | Hosting |
| ----------------------------- | -------------------------------------- | ------------------ |
| Marvin API (api.marvins.ai) | Identifiers, imported profiles, events | Google Cloud (EU) |
| Unipile | LinkedIn auth, profile operations | EU (sub-processor) |
| Sentry | Runtime errors, stack traces | EU (sentry.io EU) |
| Grafana Cloud | Technical traces and metrics | EU |
| LaunchDarkly | Feature flag evaluation (userId) | US (DPF-certified) |
No data is sold, and none is shared for advertising purposes. No data is transmitted to LinkedIn outside the user's normal browser traffic.
Legal Basis
- Contract performance (GDPR art. 6.1.b) for the recruiter user: providing the Marvin service.
- Legitimate interest (GDPR art. 6.1.f) for the LinkedIn profiles processed: allowing the recruiter to organize their professional prospecting in accordance with LinkedIn's public purpose. The candidate is informed at the first outbound interaction.
Retention Period
| Data | Period |
| ---------------------------- | ------------------------------------------- |
| Local JWT (chrome.storage) | Until logout or 7 days (automatic rotation) |
| Imported profiles | Tenant lifetime (deletion on request) |
| Sentry logs | 90 days |
| Grafana traces | 30 days |
| Telemetry events | 13 months maximum (analytics) |
Rights of Individuals
Any concerned individual may exercise their rights of access, rectification, erasure, restriction, portability and objection:
- Recruiter user — via the app.marvins.ai interface or by writing to privacy@marvins.ai.
- Candidate / imported profile — by writing to privacy@marvins.ai. An identity verification procedure is in place before processing.
Complaints may be addressed to the CNIL (www.cnil.fr).
Local Storage
The extension uses chrome.storage.local (browser API, isolated per extension) to persist:
- The authentication JWT (encrypted at rest by Chrome).
- User preferences (locale, last opened panel).
No third-party cookies are set. Data in chrome.storage does not leave the user's machine.
LinkedIn Cookies (li_at / li_a)
When the user clicks Connect in the side panel to link their LinkedIn account, the extension reads the li_at (LinkedIn session) and, if present, li_a (Premium token) cookies via the chrome.cookies API — and only at that specific moment. They are never read in the background, never stored in chrome.storage, never persisted on the extension side.
These values are sent encrypted over TLS to the Marvin API, which immediately forwards them to Unipile to provision the session server-side. The Marvin API never stores li_at / li_a in a database: only the Unipile identifier (account_id) is persisted after the exchange. The user can revoke the connection at any time from Settings > Integrations.
Chrome Permissions Requested
| Permission | Usage |
| ------------------- | ------------------------------------------------------------------------------ |
| storage | JWT and preferences persistence |
| sidePanel | Display of the Marvin interface in the browser side panel |
| cookies | Reading the app.marvins.ai SSO cookie (JWT) and, at click-time, li_at/li_a |
| activeTab | Contextual reading of the active LinkedIn page |
| Host linkedin.com | Content script injection on LinkedIn pages |
| Host *.marvins.ai | Authenticated API calls |
No broad <all_urls> permission is requested.
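A reviewer can check an unpacked manifest.json against the table above with a short audit like the one below. It is an added example, not Marvin's code: the sample manifests are constructed, and matching hosts by domain suffix is an assumption, since the policy names only the hosts and not the exact match patterns.

```javascript
// Declared set transcribed from the policy's permission table. The policy names
// only the hosts, so matching on domain suffix is an assumption of this example.
const DECLARED = {
  permissions: ["storage", "sidePanel", "cookies", "activeTab"],
  hostSuffixes: ["linkedin.com", "marvins.ai"],
};

// Host part of a match pattern such as "https://*.linkedin.com/*", or null.
function patternHost(pattern) {
  const m = /^(?:\*|https?|wss?|file|ftp):\/\/([^/]*)\//.exec(pattern);
  return m ? m[1] : null;
}
// True when the host is a declared domain or a subdomain of one.
function hostAllowed(host, suffixes) {
  const bare = host.replace(/^\*\./, "");
  return suffixes.some((s) => bare === s || bare.endsWith("." + s));
}

// Returns one finding per permission or host pattern the policy does not declare.
function auditManifest(manifest, declared = DECLARED) {
  const findings = [];
  const perms = [...(manifest.permissions ?? []), ...(manifest.optional_permissions ?? [])];
  for (const p of perms) {
    if (!declared.permissions.includes(p)) findings.push(`undeclared permission: ${p}`);
  }
  const patterns = new Set([
    ...(manifest.host_permissions ?? []),
    ...(manifest.optional_host_permissions ?? []),
    ...(manifest.content_scripts ?? []).flatMap((cs) => cs.matches ?? []),
  ]);
  for (const pattern of patterns) {
    const host = patternHost(pattern);
    if (pattern === "<all_urls>" || host === "*") {
      findings.push(`broad host access: ${pattern}`);
    } else if (host === null || !hostAllowed(host, declared.hostSuffixes)) {
      findings.push(`undeclared host: ${pattern}`);
    }
  }
  return findings;
}
// Constructed sample manifests, not the real extension's manifest.json.
const compliant = {
  permissions: ["storage", "sidePanel", "cookies", "activeTab"],
  host_permissions: ["https://*.linkedin.com/*", "https://*.marvins.ai/*"],
  content_scripts: [{ matches: ["https://www.linkedin.com/*"] }],
};
const drifted = { ...compliant, permissions: [...compliant.permissions, "tabs"],
  host_permissions: [...compliant.host_permissions, "<all_urls>", "https://example.org/*"] };
console.log(auditManifest(compliant), auditManifest(drifted));
```

An empty result means the manifest stays within the declared set; running the same check on each released version surfaces permission drift between updates.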
Changes
Any material change to this policy is released with a new version of the extension and announced by an in-panel notification on first startup after the update.
Contact: privacy@marvins.ai.