Privacy Policy
Last updated: [EFFECTIVE DATE]
1. Who we are
mikrouli.link (the "Service") is operated by [COMPANY / LEGAL ENTITY NAME]. This policy explains what data we collect, why, and your rights regarding it. For privacy questions, contact [CONTACT EMAIL].
2. Data we collect
- Account data: your name, email address, and a securely hashed password (or GitHub OAuth identifier if you sign in with GitHub). If you register with email and later sign in with GitHub using the same email address, those accounts are linked automatically and GitHub sign-in marks your email as verified.
- Link data: the URLs you shorten, custom aliases, UTM parameters, and expiry settings.
- Click analytics: when someone visits a short link, we record a timestamp, a truncated/anonymized IP address (host bits removed), the user agent (browser, OS, device), and the referring page.
- Billing data: handled by Stripe. We store your Stripe customer and subscription identifiers and plan status, but never your full card details.
3. How we use data
- To provide and operate the Service and your dashboard;
- To produce the analytics you see for your links;
- To process payments and manage subscriptions;
- To prevent abuse, fraud, and security incidents (rate limiting);
- To communicate with you about your account or password resets.
4. Legal bases (GDPR)
Where GDPR applies, we process data to perform our contract with you (providing the Service), to comply with legal obligations, and based on our legitimate interests in securing and improving the Service.
5. Cookies
We use strictly necessary cookies to keep you signed in (authentication session). We do not use third-party advertising cookies.
6. Sharing & processors
We share data only with service providers that help us run the Service, including our database host, our email provider for password resets, and Stripe for payments. We do not sell your personal data.
7. Data retention
Link and click data are retained while your account is active and your links exist. Expired links and their analytics may be removed. You can delete links at any time from your dashboard.
8. Your rights
Depending on your location, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact [CONTACT EMAIL].
9. Security
We use industry-standard measures including password hashing, HTTPS, rate limiting, and access controls. No method of transmission or storage is 100% secure.
10. Changes
We may update this policy. Material changes will be reflected by updating the "Last updated" date above.
See also our Terms of Service.