Back
/privacy
Privacy Policy
What we collect, what we do with it, and what's yours to control.
Last updated · June 2026

UpProfiler is a free tool that scores how convincingly a LinkedIn profile and its recent posts tell the same story. This policy explains what data the tool processes when you use it, how that data is handled, and the rights you have over it.

We aim for plain language. If anything below is unclear, email us at info@e.upprofiler.com and we'll explain — or fix the wording.

1. Who runs UpProfiler

UpProfiler is operated by Vertial Holdings Pty Ltd (ABN 72 629 494 926), a company incorporated in Australia with its registered office in Sydney, New South Wales ("we", "us", "our"), in partnership with Jasmin Alić (Bosnia & Herzegovina). We are an "APP entity" under the Privacy Act 1988 (Cth) and handle personal information in accordance with the Australian Privacy Principles (APPs) — our home framework. We also honour the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) for users in those jurisdictions.

For any privacy question, request, or complaint you can contact our Privacy Officer by email at info@e.upprofiler.com or by post to Vertial Holdings Pty Ltd, Sydney NSW, Australia.

2. What we collect

2.1 Information you give us directly

  • LinkedIn profile URL. You paste a public LinkedIn profile URL into the scoring tool. We use that URL to fetch public profile data and to compute the conviction score.
  • Email address. If you submit your email to unlock the deeper report or to sign in via magic link, we store that email.
  • Feedback you send us. If you use the feedback page or the in-app feedback widget, we store your message, your optional star rating, the page you sent it from, and — if you provide them or are signed in — your name and email.

2.2 Information we fetch on your behalf

When you submit a LinkedIn URL, we request publicly available data about that profile through a third-party data-retrieval provider. This typically includes: name, profile photo, banner image, headline, location, follower count, work history, top skills, and recent public posts. We do not access private or restricted LinkedIn data. We also store copies of the public profile images (such as the profile photo and banner) with an image-storage provider, so your report — and its history — keeps displaying them after LinkedIn's temporary image links expire.

2.3 Information generated by the service

  • Your conviction score and the AI-generated analysis (themes, gaps, summary).
  • Score history. Each score is recorded so signed-in users can see their score timeline.
  • Session and authentication data. Session cookies, magic-link verification tokens, sign-in timestamps.

2.4 Technical information

Our hosting provider (Vercel) logs basic request metadata for security and abuse prevention: IP address, user agent, request path, and timestamps. We do not run any analytics or advertising trackers.

3. How we use this data

  • To compute and deliver your score. Fetching the LinkedIn data, running the AI analysis, returning the result.
  • To send the welcome and monthly re-score emails you've opted in to.
  • To let you log in and see your score history.
  • To protect the service from abuse, fraud, and excessive usage.
  • To improve the product — in aggregate, never by reading individual records.
  • To publish testimonials. We may quote feedback you've sent us on our website or in our marketing, together with your name and the photo and headline from your public LinkedIn profile. Quotes are always genuine and verbatim (or lightly trimmed without changing meaning), and we'll remove or anonymise a published testimonial within 14 days of you asking — see our Terms.

We do not sell your data, share it with advertisers, or use it to train AI models on your behalf.

4. Lawful basis (for EU/UK users under GDPR)

  • Consent — when you submit your email or paste a LinkedIn URL, you are actively choosing to use the tool. You can withdraw consent at any time.
  • Legitimate interest — running the service securely, preventing abuse, and improving the product.
  • Contractual necessity — sending you the score and the monthly re-score emails you signed up for.

5. Third parties that process data on our behalf

We rely on a small number of third-party service providers to run UpProfiler. Each is bound by its own privacy commitments, and we share only the minimum data required for that function:

  • Data retrieval — fetches the public LinkedIn profile data for the URL you submit.
  • AI analysis — receives the profile and post text to be analysed, and is run with zero data retention.
  • Email delivery — receives your email address and the email content to send the report and re-score emails.
  • Database hosting — stores subscriber records and score history.
  • Image storage — stores the copies of public profile images shown in your report.
  • Web hosting — runs the website and its serverless functions.

We describe these by function rather than naming each provider, so we can change providers without re-issuing this policy — but we always hold any provider to equivalent privacy and security standards, and several operate overseas (see section 10). If you need our current, named list of sub-processors for a due-diligence or compliance check, email us and we'll provide it.

6. Data on third-party profiles

You can paste anyone's public LinkedIn URL into the tool. When you do, we process that person's public profile data on your behalf — the same data LinkedIn shows publicly. If you are the subject of a score you didn't initiate and want it deleted, email us at info@e.upprofiler.com and we'll erase the records associated with that URL within 30 days.

7. How long we keep your data

  • Subscriber email + LinkedIn URL: kept until you unsubscribe or request deletion.
  • Score history: kept for signed-in users as long as your account is active. Anonymous scores are kept for 12 months then purged.
  • Magic-link verification tokens: 5 minutes (then auto-expire).
  • Session cookies: up to 30 days, or until you sign out.
  • Stored profile images: kept for as long as the associated score history is retained, and deleted when you request erasure of that profile.
  • Feedback: kept until you ask us to delete it. If feedback is published as a testimonial, we remove or anonymise it within 14 days of your request.
  • Server request logs: our hosting provider's standard retention (typically 24 hours to 30 days).

8. Your rights

Whatever jurisdiction you're in, you can request to:

  • Access the personal data we hold about you.
  • Correct anything that's wrong.
  • Delete your account, your subscriber record, or your score history.
  • Export your data in a machine-readable format.
  • Unsubscribe from monthly re-score emails with one click.
  • Object to specific uses of your data.

Email info@e.upprofiler.com with any of these requests. We aim to respond within 14 days; we're legally required to respond within 30 days (GDPR) or 45 days (CCPA).

Making a privacy complaint. If you believe we've mishandled your personal information, email our Privacy Officer at info@e.upprofiler.com. We'll acknowledge your complaint within 5 business days and aim to resolve it within 30 days. If you're not satisfied with our response, you can refer the matter to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or 1300 363 992. EU/UK users may complain to their national data protection authority; California users to the Attorney General's office.

9. Cookies and local storage

We use only what's necessary to make the tool work. Details are in our Cookie Policy.

10. Overseas disclosure (APP 8)

Our service providers (web hosting, database, email delivery, AI processing, and image storage) operate globally, so your personal information is likely to be disclosed to and processed by recipients located overseas — principally in the United States, and potentially other countries in which those providers run infrastructure. Before disclosing personal information overseas we take reasonable steps to ensure the recipient handles it consistently with the Australian Privacy Principles, and where required we rely on Standard Contractual Clauses or equivalent safeguards.

11. Security

We use industry-standard practices: TLS in transit, encryption at rest with our infrastructure providers, principle-of-least-access for internal database queries, and short-lived authentication tokens. No system is 100% secure. If we become aware of a data breach that is likely to result in serious harm, we will notify affected individuals and the OAIC in accordance with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988.

12. Children's privacy

UpProfiler is intended for adults using LinkedIn for professional purposes. We do not knowingly collect data from anyone under 16. If you believe a minor has submitted data, email us and we'll delete it.

13. Changes to this policy

We may update this policy as the product evolves. We'll change the "Last updated" date at the top, and for material changes (e.g. new categories of data, new sub-processors) we'll email signed-in users in advance.

14. Contact

Email info@e.upprofiler.com for anything privacy-related. A human reads every message.

Operated by Vertial Holdings Pty Ltd · ABN 72 629 494 926 · Sydney NSW, Australia