Komodo Browser Extensions — Privacy Policy

Last updated 2026-05-19. Operator: Komodo Agents Inc. Contact: ryan@komodoagents.ai.

This policy covers Komodo's browser extensions on Chrome and Firefox: Komodo Scout and Komodo Browser Agent. They share the same code base; this policy applies to both. For Komodo's broader website and product privacy policy see /privacy.

What the extension does

Komodo Scout sits in your browser as a side panel. While you read your LinkedIn feed, it captures the text and a small screenshot of posts that are visible to you, sends them to a Komodo backend bound to your account for enrichment and storage, and lets you chat with an AI assistant about what's been captured.

Scout also keeps itself current in the background. On a recurring schedule — about every 30 minutes by default, adjustable from Settings and pausable at any time — it briefly walks your LinkedIn feed and reads new posts. If you're actively scrolling LinkedIn at that moment, Scout defers until you're done. When you ask Scout in chat to look up a person or page, it may briefly open a profile tab in the background to read the public page and then close it.

The extension never posts, comments, reacts, messages, follows, or connects on your behalf. It only runs while your browser is open and you're signed into LinkedIn.

What we collect

Your Komodo identity. When you activate the extension, you paste in (or click through) an authentication token issued by Komodo's backend. That token is stored in the browser's extension storage and sent on every request to your Komodo backend. The token encodes your Komodo user id, organization id, and display name.
LinkedIn post content. Text and a small screenshot of posts that appear in your visible feed — both while you scroll and during the recurring background walk — plus the post URL, author display name, and author profile URL. Sent to your Komodo backend over HTTPS.
LinkedIn profile content that you direct Scout to read (for example, by asking Scout to research someone in chat): the public profile page text, name, headline, current role, and recent activity. Sent to your Komodo backend over HTTPS.
Lightweight usage events. Anonymized events such as "chat message sent" or "interesting post clicked." No autocapture, no session recording, no keystroke logging.
Local preferences. Your theme, surface mode, last-activity timestamp, and capture-pause flag, in the browser's extension storage. Not transmitted.

What we don't collect

Your LinkedIn password, cookies, or anything from LinkedIn login forms. The extension uses the LinkedIn session you're already logged into; it never reads credentials.
Browsing data from sites other than the ones it captures.
Keystrokes, mouse activity, or form submissions on any site.
LinkedIn direct messages, InMail, or other private communications.
Financial information, health information, geolocation, or device identifiers.

Where the data goes

Captures are sent to your Komodo backend at agent-v1.komodoagents.to over HTTPS, authenticated by your activation token. Stored data is scoped to your Komodo organization and is not visible to other Komodo customers.

To enrich captured posts (tagging, summarization, "is this interesting" scoring) Komodo forwards the post text to a large-language-model provider. The forwarded content is the post body only, with no identity attached, and is not used by the LLM provider to train their models.

What we don't do with your data

We do not sell your data to anyone.
We do not use it to train third-party machine-learning models.
We do not use it for advertising.
We do not transfer it across organizational boundaries. Your captures are visible only inside your Komodo organization.

Your control

Pause captures from inside the extension's settings panel — a single toggle stops the scheduled feed walker.
Change the cadence of the feed walk and connections sync from settings (longer intervals, or off).
Sign out of the extension from the side panel. This clears your local identity and stops further captures of any kind immediately.
Uninstall via chrome://extensions or about:addons. Local extension storage is wiped automatically and all background activity stops.
Request deletion of data already uploaded by emailing ryan@komodoagents.ai. We will delete the artifacts within 30 days.

Security

The extension authenticates to Komodo's backend with a per-install signed token. Captures travel over TLS. The extension does not load or execute remote JavaScript at runtime; all code in the extension is the code we shipped to the store.