Security
Last updated: April 11, 2026
LinkedIn Integration
We use only LinkedIn's official APIs to connect to your account. There are no browser extensions, no scraping, and no workarounds of any kind. Your connection goes through LinkedIn's standard OAuth 2.0 flow, the same protocol used by major platforms like Buffer, Hootsuite, and Taplio.
What We Can and Cannot Access
When you connect your LinkedIn account, we request only the permissions needed to publish posts on your behalf and read analytics for posts you create through Writio. We cannot access your LinkedIn messages, your connections list, your browsing activity, or any content you did not create through Writio.
Authentication
Your LinkedIn password is never shared with us. When you click "Connect LinkedIn," you are redirected to LinkedIn's own login page. LinkedIn authenticates you directly and sends us a time-limited access token. We never see or store your password.
Data Storage
Your data is stored in Supabase with row-level security policies, meaning only you can access your own data. LinkedIn access tokens are stored securely with row-level access controls. All data transmission uses HTTPS.
Third-Party Services
Writio integrates with LinkedIn (publishing and analytics), OpenAI (AI content generation), Supabase (authentication and storage), Stripe (payments), and PostHog (anonymized product analytics). We do not sell your data to any third party.
Disconnecting
You can disconnect your LinkedIn account at any time from your settings page. This immediately removes your stored access tokens. You can also request full account deletion by contacting us.
Contact
If you have questions about our security practices, email us at hello@writio.ai.