LinkedCamp

Security & compliance

Your outreach. Your data. Properly protected.

LinkedCamp is built on a security-first architecture: dedicated IPs per account, TLS-everywhere, encrypted credential storage, GDPR-aligned processing, and a clear data handling policy. Our core differentiator — safety — extends from LinkedIn account protection to the data layer.

Security architecture at a glance

Encryption in transit
TLS 1.2+ required on every request to our dashboard, API, and webhooks. No plaintext HTTP anywhere.
Encryption at rest
AES-256 on primary data stores. Secrets (API keys, LinkedIn session cookies) encrypted with keys rotated quarterly.
Dedicated IP per account
Country-based dedicated IP on every LinkedCamp plan. No IP sharing across customers — your account safety is tied only to your own behavior.
Least-privilege employee access
No LinkedCamp engineer can read your LinkedIn credentials or message content without your explicit support-ticket authorization. All production access is logged and audited.
GDPR + CCPA aligned
Every processing activity has a documented legal basis (contract, legitimate interest, or consent). DSR request path via support@linkedcamp.com — 30-day response.
Backups + disaster recovery
Daily encrypted backups, point-in-time recovery for the primary database, geographic redundancy. RPO ≤ 24h, RTO ≤ 4h.

Compliance posture

GDPR
Aligned. DPA on request. 30-day DSR response.
CCPA
Aligned. California residents have full access/deletion rights via support@linkedcamp.com.
SOC 2 Type II
2026 roadmap. Security questionnaire responses available on request.
HIPAA
Not covered. LinkedCamp is not positioned for Protected Health Information.
PCI DSS
Out of scope — LinkedCamp never stores cardholder data. Stripe handles all payment processing.
ISO 27001
Under evaluation for 2027.

Frequently asked

Is LinkedCamp GDPR-compliant?+

Yes. LinkedCamp processes personal data under GDPR Article 6 legal bases (contract performance, legitimate interest, or user consent depending on the activity). Users exercising GDPR rights (access, correction, deletion, portability, objection) can email support@linkedcamp.com — we respond within 30 days.

Do you have a Data Processing Agreement (DPA)?+

Yes. A standard DPA is available on request. Email support@linkedcamp.com and we'll send the current version. Enterprise customers can negotiate red-lined custom terms.

How is my data encrypted?+

In transit: TLS 1.2+ on every API call and every request to our dashboard. At rest: database encryption via AES-256 at the infrastructure layer. Secrets (API keys, LinkedIn credentials) are encrypted with keys rotated quarterly.

Where is my data stored?+

Primary data stores run on geographically distributed cloud infrastructure, typically in US and EU regions. We can provision EU-only data residency for enterprise customers. Details are in the DPA.

How long do you retain my data?+

Active account data persists for the duration of your subscription. Inactive accounts are deleted or anonymized 12 months after the last session. Full details in our Privacy Policy.

Are you SOC 2 compliant?+

SOC 2 Type II certification is on our 2026 roadmap. For customers requiring SOC 2 today, we can provide security questionnaire responses, our internal security controls documentation, and references to our infrastructure vendors' SOC 2 attestations.

How do you handle my LinkedIn credentials?+

We never store your LinkedIn password in plaintext. Account sessions use LinkedIn's own authentication cookies, encrypted at rest and accessible only by your account. No LinkedCamp employee has read access to raw credentials.

How does the dedicated IP architecture keep my account safe?+

Every LinkedCamp account runs on its own country-based dedicated IP. Your account's behavioral signals are tied only to your own usage — no cross-contamination from shared infrastructure. Compare this to Chrome-extension-based tools (Waalaxy, Dux-Soup) which run on your home/office IP shared with other LinkedIn users.

What's your account restriction rate?+

Under 1% per year across our customer base. Most restrictions we do see come from user error (running parallel automation tools on the same account, bypassing warm-up, or connecting already-flagged accounts) — not from LinkedCamp itself.

How do you handle a data breach?+

Breach protocol: (1) isolate affected systems within 1 hour of detection, (2) notify affected customers within 72 hours, (3) complete post-mortem with root cause + remediation within 14 days. We have not had a material data breach to date.

Enterprise security review?

If your team needs a security questionnaire filled out, a custom DPA, EU-only data residency, or a vendor risk-assessment call — email support@linkedcamp.com. We typically turn around security reviews within 5 business days.

Request a security review