Privacy Policy
Last updated: April 2026
1. Information we collect
When you use JustShorten without an account, we collect: the URL you shorten (stored to serve the redirect), and anonymous click data (country, device type, browser, referrer) for analytics.
When you create an account, we additionally collect: your email address and a hashed password, managed securely by Supabase Auth.
When you subscribe to Premium, your payment is processed by PayPal. We receive a subscription ID and status — we never see or store your card details.
2. How we use your data
We use collected data to: serve URL redirects, display click analytics to link owners, manage your account and subscription, and improve the service. We do not sell, rent, or share your personal data with third parties for marketing purposes.
3. Cookies
We use cookies solely for authentication (Supabase session cookies). We do not use tracking cookies. Google AdSense (shown to free-tier users) may set its own cookies per Google's privacy policy.
4. Data retention
Shortened links and their click data are retained indefinitely to ensure redirects keep working. You can delete any of your links from your dashboard at any time, which permanently removes the link and all associated click data.
5. GDPR
If you are in the European Economic Area, you have the right to access, correct, or delete your personal data. To exercise these rights, email us at support@justshorten.xyz.
6. Security
HTTPS is enforced on all pages. Passwords are hashed by Supabase Auth (bcrypt). We apply HSTS headers to prevent downgrade attacks.
7. Contact
Questions about this policy? Email us at support@justshorten.xyz.