Privacy Policy

Murph ("we", "us", "our") operates LockedIn, an AI-powered LinkedIn growth platform for B2B sales teams, available at linkedin.bymurph.com. This Privacy Policy explains how we collect, use, share, and protect your information when you use our service.

By using LockedIn, you agree to the collection and use of information described in this policy. If you do not agree, please do not use our service.

2.1 Account Information

• Name and email address (provided during signup)
• Organization name
• Password (stored as a secure hash, never in plaintext)

2.2 LinkedIn Data

When you connect your LinkedIn account, we access the following data via the Unipile API:

• LinkedIn profile information (name, headline, profile URL)
• Post content you create or publish through LockedIn
• Engagement metrics (impressions, likes, comments, reposts)
• ICP (Ideal Customer Profile) account public activity for signal monitoring

2.3 Usage Data

• Feature usage patterns and preferences
• AI-generated content (drafts, suggestions)
• Error logs and performance data
• Browser type, IP address, and device information

2.4 Payment Information

Payment processing is handled entirely by Stripe. We never store credit card numbers. We retain only your Stripe customer ID and subscription status for billing purposes.

We use your information to:

• Provide and operate the LockedIn platform
• Generate AI-powered LinkedIn post drafts using your input and voice settings
• Monitor ICP accounts for engagement opportunities
• Coordinate team amplification campaigns
• Deliver analytics on post performance and follower growth
• Process payments and manage your subscription
• Send transactional emails (account verification, password resets, billing receipts)
• Diagnose technical issues and improve service reliability
• Communicate product updates and respond to support requests

We do not sell your personal data. We share information only with the following service providers (subprocessors) that help us operate LockedIn:

We may also disclose information when required by law, subpoena, or to protect our legal rights.

LockedIn uses essential cookies only for authentication and session management. We do not use advertising, analytics, or tracking cookies. Because we only use strictly necessary cookies, no cookie consent banner is required.

• Account data: Retained while your account is active. Deleted within 30 days of an account deletion request.
• LinkedIn data: Engagement metrics refreshed periodically. ICP signal data retained for up to 30 days.
• AI-generated content: Retained while your account is active so you can access your drafts and history.
• Payment records: Retained as required for tax and legal compliance.
• Error logs: Automatically purged after 90 days.

We take the security of your data seriously and implement appropriate technical and organizational measures, including:

• Encryption in transit (TLS/HTTPS) and at rest
• Row-Level Security (RLS) ensuring multi-tenant data isolation in our database
• API keys stored as SHA-256 hashes
• Integration credentials stored encrypted
• Rate limiting on all API endpoints
• Webhook signature verification
• Security headers (HSTS, X-Frame-Options) on all responses

No system is 100% secure. If you discover a vulnerability, please report it to support@bymurph.com.

If you are in the European Economic Area or a jurisdiction with similar privacy laws, you have the right to:

• Access: Request a copy of all personal data we hold about you
• Rectification: Correct inaccurate or incomplete personal data
• Deletion: Request deletion of your personal data
• Export / Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing of your personal data for certain purposes
• Withdraw consent: Revoke previously given consent at any time

To exercise any of these rights, email us at support@bymurph.com. We will respond within 30 days.

Your data may be processed in the United States and the European Union, where our service providers operate. We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

LockedIn is a B2B product and is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date above. Your continued use of LockedIn after changes are posted constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or how we handle your data, contact us at:

• Email: support@bymurph.com
• Web: bymurph.com