Effective Date: August 2026
At Short Link, we believe that web utility shouldn't come at the cost of tracking citizens across the web. This Privacy Policy outlines our strict data minimization practices and details exactly how we safeguard your information.
1. User Account Information
When you sign in using Google OAuth, we request access only to essential profile data (like your email address). This data is strictly used to maintain your secure login state and dynamically query the URLs linked to your account. We never share, rent, or sell your account information to third-party data brokers.
2. Industry-Standard Visitor Anonymization
To deliver clean, insightful analytics to link creators while protecting the privacy of end-world visitors, we engineered a secure data pipeline:
- Cryptographic IP Hashing: We explicitly do not log or store raw IP addresses in our database. Every incoming visitor IP is instantly combined with a secure cryptographic salt and compiled using a SHA-256 hashing algorithm. This allows us to record unique click interactions without retaining recognizable network addresses.
- Local User-Agent Parsing: Raw user-agent metadata is parsed on-the-fly to isolate basic operating system types (e.g., Windows, macOS, Linux, iOS, Android). The raw user-agent string is discarded immediately after parsing to prevent device fingerprinting.
- Referrer and Origin Analysis: We isolate HTTP referrers to classify traffic streams (e.g., Google, LinkedIn, Direct Traffic) so creators understand where their audience is coming from.
- Geographical Mapping: Country data is mapped utilizing secure, localized edge network headers provided by our routing proxies.
3. Complete Data Purging
Your data remains yours. When you delete a link from your authenticated Dashboard or via a Monitor Key, the link record and all associated click metrics are permanently and instantly purged from our live database.