Privacy Policy

Last updated:

Privacy-First Link Analytics

UseClick.io is built with privacy at its core. We collect only the minimum data necessary to provide link analytics, we never store IP addresses, and we automatically delete data older than 365 days. Your privacy matters to us.

1. Introduction

Welcome to UseClick.io ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our link shortening and analytics platform (the "Service"). We are committed to protecting your privacy and ensuring transparency about our data practices.

2. Information We Collect

Personal Information:

  • Email address (for account creation and authentication)
  • Password (encrypted and securely stored)
  • Profile information you voluntarily provide
  • Payment information (processed securely through Stripe)

Link and Usage Data:

  • Original URLs you shorten through our service
  • Custom slugs and link metadata
  • Click analytics data including timestamps and referrer URLs
  • Cryptographically hashed visitor fingerprints (SHA-256) for unique visitor counting
  • We do NOT collect or store: IP addresses or full user agent strings

Analytics Information (Privacy-First Approach):

  • Geographic location: Country, region/state, and city (e.g., "United States, California, San Francisco") - derived from IP address but IP address itself is NOT stored
  • Parsed device data: Browser type (e.g., "Chrome"), operating system (e.g., "Windows"), and device type (e.g., "Mobile") - we do NOT store full user agent strings
  • Language preference: Browser language setting (e.g., "en-US")
  • Visitor fingerprint: SHA-256 cryptographic hash for unique visitor counting - cannot be reversed to identify individuals
  • Essential cookies only: Authentication cookies for logged-in users - no third-party tracking cookies or analytics cookies

Our Privacy-First Commitment:

  • No IP address storage: We NEVER collect or store IP addresses in our database
  • City-level geolocation: We collect country, region, and city for analytics, but IP addresses are never stored
  • Minimal data collection: We only collect what's essential for link analytics functionality
  • No full user agent storage: We parse and store only browser, device, and OS - not the full user agent string
  • No cross-site tracking: No third-party cookies, pixels, or tracking scripts

3. How We Use Your Information

  • Provide and maintain our link shortening and analytics services
  • Process payments and manage your subscription
  • Generate analytics reports and insights for your shortened links
  • Authenticate users and protect against unauthorized access
  • Communicate with you about your account and service updates
  • Improve our service quality and develop new features
  • Comply with legal obligations and prevent abuse
  • Provide customer support and respond to inquiries

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party providers who assist in operating our service, including Supabase (database hosting in Frankfurt, Germany), Vercel (application hosting with EU-US Privacy Framework compliance), Stripe (payment processing with GDPR compliance), and Cloudflare (CDN services with EU data protection compliance)
  • Legal Requirements: When required by law or to protect our rights and prevent illegal activities
  • Business Transfers: In connection with any merger, acquisition, or sale of assets
  • Consent: With your explicit consent for specific purposes

5. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit and at rest using SSL/TLS protocols
  • Secure authentication and password hashing
  • Regular security audits and monitoring
  • Access controls and principle of least privilege
  • Secure cloud infrastructure through Supabase and Vercel

6. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

  • Account information: Until you delete your account (available in Account Settings)
  • Link data: Deleted immediately when you delete your account
  • Click analytics data: Automatically deleted after 365 days - our system runs weekly cleanup to remove old data
  • Payment records: As required by financial regulations (typically 7 years) - maintained separately for legal compliance only

Automatic Data Deletion:

Our system automatically runs a weekly cleanup process that permanently deletes click analytics data older than 365 days. This ensures compliance with GDPR data minimization principles and reduces unnecessary data storage. This happens automatically every Sunday at 3:00 AM UTC.

Account Deletion:

You can delete your account at any time from your Account Settings. Account deletion is immediate and permanent. All your links, click data, and account information will be permanently deleted. Payment records are retained separately for 7 years as required by financial regulations. If you need assistance with account deletion, contact us at [email protected].

7. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Update or correct inaccurate personal information
  • Deletion: Request deletion of your personal information (subject to legal requirements)
  • Portability: Export your data in a machine-readable format
  • Opt-out: Unsubscribe from marketing communications
  • Account Deletion: Delete your entire account and associated data

8. Cookies and Tracking

We take a privacy-first approach to cookies and tracking:

  • Essential cookies only: We use only authentication cookies required for logged-in users to maintain their session. These cookies are necessary for the service to function and cannot be disabled.
  • No analytics cookies: We do NOT use cookies for analytics or tracking purposes. All analytics are collected server-side without browser cookies.
  • No third-party cookies: We do NOT allow third-party cookies, tracking pixels, or analytics scripts (no Google Analytics, Facebook Pixel, etc.).
  • No cookie consent required: Since we only use essential authentication cookies, we do not need to display cookie consent banners under GDPR.

Technical details: Authentication cookies are HTTP-only, secure, and scoped to our domain only. They expire when you log out or after a period of inactivity for security purposes.

9. International Data Transfers

EU Data Hosting: Your primary data is stored in the European Union via Supabase, which is hosted in Frankfurt, Germany, ensuring GDPR compliance.

Vercel Processing: Our website and application infrastructure is hosted by Vercel Inc., a US-based company. While Vercel's primary processing facilities are in the United States, they are GDPR compliant and certified under the EU-US Data Privacy Framework. Data transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission.

Cloudflare CDN: We use Cloudflare for content delivery and DDoS protection. Cloudflare is GDPR compliant and processes data in accordance with EU data protection requirements.

We ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws, including GDPR Article 46 adequacy decisions and Standard Contractual Clauses where necessary.

10. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we may provide additional notice.

12. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: [email protected]
Website: https://useclick.io
Response Time: We aim to respond to all privacy inquiries within 48 hours.