MicrLinkMicrLink/privacy

effective April 21, 2026

Privacy policy.

The short version: we collect the minimum needed to run a URL shortener, we don’t sell what we collect, we don’t use it to build ad profiles, and we don’t share it with third-party trackers.

1. What we collect

When you shorten a URL

  • The original URL you paste and the short code assigned to it (auto-generated or custom).
  • The timestamp when it was created.

When someone visits a short link

  • The short code visited and the timestamp.
  • The visitor’s IP address, as forwarded by the network edge.
  • The User-Agent string their browser sends.
  • The Referer header, if their browser sends one.
  • The redirect duration (how long it took our server to resolve the redirect), used only to compute the site-wide average latency shown on the homepage.

When you join the waitlist

  • Your email address, which we store to notify you when accounts go live.
  • An optional intent marker (e.g. “analytics” or “qr”) indicating which feature drew you in. Helps us prioritize what to ship first.

We don’t use cookies, localStorage trackers, analytics pixels, session recording, or browser fingerprinting. There is no third-party JavaScript on this site.

2. What we do with it

  • Redirect you to the original URL — that’s the whole point.
  • Show aggregate counts on the homepage — total links, total clicks, and average redirect latency. These are site-wide totals only, never broken out per link publicly.
  • Detect and remove abuse (spam, phishing, malware). IP addresses are kept for this reason — never displayed publicly.
  • Email you once when accounts launch, if you joined the waitlist. No newsletter, no drip campaign, no marketing list.

3. What we never do

  • Expose per-link click data or IP addresses through the public site. Raw click records live in the database only, behind row-level security that denies public SELECT.
  • Sell, rent, or share data with advertisers or data brokers.
  • Use the data to build behavioral profiles of visitors or link creators.
  • Embed third-party analytics (Google Analytics, Meta Pixel, etc.).
  • Send waitlist emails for anything other than the accounts launch itself. One email, ever.

4. Public information

Short links are public: anyone who knows the URL can visit it. Individual click details (who clicked, when, from where) are not public. In the future, signed-in owners of a link will be able to see analytics for their own links.

5. Retention

Short URLs are retained indefinitely unless deleted for abuse. Click records are retained for as long as the corresponding short URL exists. Waitlist emails are kept until you unsubscribe or request deletion, or until you activate an account (whichever comes first).

6. Where it’s stored

All data is stored in Supabase (PostgreSQL) in a single region. The application runs on our hosting provider’s edge network. We don’t replicate data to any other platform.

7. Your rights

  • Deletion: you can request deletion of any short link you created, or your waitlist email. Email the contact listed in the footer.
  • EU / UK / CA residents: you have the usual rights under GDPR / UK-GDPR / PIPEDA (access, rectification, erasure, portability, objection). Exercise them via the contact link.

8. Changes to this policy

If this policy changes meaningfully, the “effective” date at the top of this page updates. Minor edits (typos, link fixes) are made silently.

9. Contact

Privacy questions, deletion requests, or “wait you actually don’t track me?”: reach us through the source repo link in the footer.

last updated April 21, 2026 · this is not legal advice