fulcrum

Privacy Policy: Browser Extension

Fulcrum AM Tools · Last updated: May 2026

Privacy Policy — Fulcrum AM Tools (Browser Extension)

Last updated: 2026-05-09

This privacy policy describes the data handling practices of the Fulcrum AM Tools Chrome extension. The extension is published by FULCRUM TECHNOLOGIES PTE. LTD. and is intended for internal use by Fulcrum account managers.

For data handling practices of the broader Fulcrum platform (the web application at usefulcrum.io and its backend services), see the main Privacy Policy.

What the extension does

Fulcrum AM Tools lets a signed-in Fulcrum account manager (AM) import a LinkedIn profile into a Fulcrum project from any LinkedIn profile page (linkedin.com/in/<handle>). The AM clicks the extension's toolbar icon, picks a destination project, clicks Import, and the LinkedIn URL is sent to the Fulcrum backend, which enriches it via a third-party data provider (People Data Labs) and stores the resulting profile as a candidate against that project.

What the extension reads

  • The active tab's URL. When the AM clicks the toolbar icon on a LinkedIn profile page, the extension reads the URL of the active tab via Chrome's activeTab permission so it knows which profile to import. The extension does not read the page's contents, the AM's LinkedIn cookies, or any other browser data.
  • The AM's Fulcrum API token — entered manually by the AM during the one-time connect step. Tokens are generated by the AM in their own Fulcrum account at Account → API Tokens.
  • The Fulcrum server URL — entered or chosen by the AM during the one-time connect step (defaults to the Fulcrum production endpoint).
  • The signed-in AM's name and email — fetched from GET /api/users/me on the Fulcrum backend after connect, and displayed in the popup header so the AM can confirm which account they are signed in as.

What the extension transmits

When the AM clicks "Import advisor":

  1. The active tab's LinkedIn URL is sent to the Fulcrum backend over HTTPS, authenticated with the AM's API token.
  2. The Fulcrum backend then calls People Data Labs (PDL) to enrich the LinkedIn URL into structured profile data (name, role, current and past employers, education, skills, public contact details).
  3. The enriched record is stored in the AM's Fulcrum workspace as a candidate against the project the AM selected.

The extension itself only sends the LinkedIn URL plus the AM's API token to the Fulcrum backend. The server-side enrichment via PDL is governed by the main Fulcrum Privacy Policy and PDL's own privacy policy.

What the extension stores locally

The extension uses Chrome's chrome.storage.local API to persist three values on the AM's device only:

  1. The AM's Fulcrum API token.
  2. The Fulcrum server URL the AM chose.
  3. The ID of the most recently used Fulcrum project (so the project picker remembers the previous selection).

These values never leave the AM's device except as part of authenticated requests to the Fulcrum backend the AM explicitly configured.

Clicking Logout in the popup removes the stored API token. Uninstalling the extension or clearing browser storage clears all three values.

Third parties

The extension itself does not transmit any data to any third party. Server-side enrichment of LinkedIn URLs via People Data Labs is performed by the Fulcrum backend (not by the extension) and is described in the main Fulcrum Privacy Policy.

The extension's popup loads the Inter and Source Serif 4 web fonts from Google Fonts using a standard <link rel="stylesheet"> tag. Google Fonts may log the requesting IP address as part of standard CDN operation. No identifiers from the extension are sent in these requests.

Data we do not collect

The extension does not:

  • Read the contents of any web page (only the URL of the active tab when the AM clicks the icon).
  • Access the AM's LinkedIn account, cookies, or session.
  • Track browsing history, page visits, or user activity outside of the explicit Import action.
  • Send analytics, telemetry, or usage data to any party.
  • Use cookies (it has no UI to set them).
  • Use eval(), new Function(), or any other dynamic-code-execution mechanism.

Permissions the extension requests

PermissionWhy it's needed
activeTabRead the active tab's URL when the AM clicks the toolbar icon on a LinkedIn profile page.
storagePersist the AM's API token, server URL, and last-used project ID in chrome.storage.local.
tabsDetect navigation to LinkedIn profile URLs so the toolbar icon's badge can indicate a profile is ready to import.
Host permission https://api.usefulcrum.io/*Send authenticated requests to the Fulcrum backend (the only network endpoint the extension contacts).

Retention

Imported candidate data is retained inside the AM's Fulcrum workspace according to the retention practices described in the main Fulcrum Privacy Policy. The extension itself does not retain any data of its own beyond the local-storage values listed above.

Changes to this policy

We may update this policy from time to time as the extension evolves. Material changes will be reflected by an updated "Last updated" date at the top of this page.

Contact

Questions about this policy or data handling can be sent to hello@usefulcrum.io.