Short.io

Privacy Policy and GDPR

Privacy Policy and GDPR

Last updated: June 1, 2026

1. Introduction

Short.io ("we", "us") respects your privacy. This policy explains how we collect, use, and protect personal data when you use our URL shortening platform and related services.

2. Data We Collect

We may collect:

  • Account data: name, email, organization, and authentication details
  • Billing data: processed by our payment provider; we do not store full card numbers
  • Link data: destination URLs, slugs, tags, and configuration you provide
  • Usage data: clicks, referrers, device types, countries, and timestamps
  • Technical data: IP address, browser type, cookies, and log files

3. How We Use Data

We use personal data to:

  • Provide and improve the Service, including analytics and link resolution
  • Process payments and manage subscriptions
  • Send service announcements, security alerts, and support responses
  • Detect abuse, fraud, and violations of our terms
  • Comply with legal obligations

4. Legal Bases (GDPR)

For users in the EEA and UK, we process data based on contract performance, legitimate interests (security, product improvement), consent where required, and legal obligations.

5. Data Sharing

We do not sell personal data. We share data with infrastructure providers, payment processors, and support tools under data processing agreements, and when required by law.

6. International Transfers

Data may be processed in countries outside your residence. We use appropriate safeguards such as Standard Contractual Clauses where required.

7. Retention

We retain account data while your account is active and for a reasonable period afterward. Click analytics may be retained according to your plan. You may request deletion subject to legal retention requirements.

8. Your Rights

Depending on your location, you may have the right to:

  • Access, correct, or delete your personal data
  • Object to or restrict certain processing
  • Data portability
  • Withdraw consent where processing is consent-based
  • Lodge a complaint with a supervisory authority

9. Cookies

We use cookies and similar technologies for authentication, preferences, and analytics. You can control cookies through your browser settings; some features may not work if cookies are disabled.

10. Security

We implement technical and organizational measures including encryption in transit, access controls, and regular security reviews. No method of transmission is 100% secure.

11. Children

The Service is not directed to children under 13. We do not knowingly collect data from children.

12. Changes and Contact

We may update this policy and will revise the date above. Contact privacy@short.io or info@short.io with privacy questions or to exercise your rights.