Privacy Policy

Last updated: January 2025

Introduction

QCK ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our URL shortening service.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Password (encrypted)
  • Name (optional)

Usage Data

When links are clicked, we collect:

  • Timestamp of the click
  • Referrer URL (where the click came from)
  • Geographic location (country/city, derived from IP)
  • Device type and browser
  • Operating system

Note: We do not store IP addresses. Geographic data is derived at the time of the click and the IP is immediately discarded.

Link Data

For each shortened link, we store:

  • Original destination URL
  • Custom alias (if provided)
  • Creation date
  • Expiration date (if set)
  • Associated tags and metadata

How We Use Your Information

We use collected information to:

  • Provide and maintain the QCK service
  • Display analytics about your links
  • Send important service notifications
  • Improve our service and develop new features
  • Prevent abuse and ensure security

Data Sharing

We do not sell your personal data. We may share data with:

  • Service providers: Infrastructure and hosting providers necessary to run QCK
  • Legal requirements: When required by law or to protect our rights

Data Retention

  • Account data: Retained until you delete your account
  • Link data: Retained until you delete the link or your account
  • Analytics data: Retained for 2 years, then aggregated or deleted

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data
  • Opt out of marketing communications

Security

We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, and regular security audits. However, no method of transmission over the Internet is 100% secure.

Cookies

We use essential cookies for:

  • Authentication and session management
  • Security and fraud prevention

We do not use tracking cookies or third-party advertising cookies.

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes via email or a prominent notice on our website.

GDPR Compliance

Legal Basis for Processing

Under GDPR, we rely on the following legal bases to process your personal data:

  • Contract Performance: Processing necessary to provide our URL shortening service and fulfill our contractual obligations
  • Legitimate Interest: Processing for security, fraud prevention, service improvement, and legitimate business operations
  • Legal Obligation: Processing when required by law, court order, or government regulation
  • Consent: Processing when you have given explicit consent for specific purposes (e.g., marketing communications)

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access (Article 15): Request a copy of all personal data we hold about you, including processing purposes and recipients
  • Right to Rectification (Article 16): Request correction of inaccurate or incomplete data
  • Right to Erasure (Article 17): Request deletion of your personal data ("right to be forgotten") when no longer necessary for processing purposes
  • Right to Restrict Processing (Article 18): Request limitation of how we use your data in certain circumstances
  • Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format and transfer it to another service
  • Right to Object (Article 21): Object to processing based on legitimate interests, including profiling for marketing purposes
  • Rights Related to Automated Decision-Making (Article 22): Protection from decisions based solely on automated processing

Exercising Your Rights

To exercise your GDPR rights:

  • Log into your QCK dashboard and use the data export or account deletion features
  • Contact us at [email protected] with your request
  • We will respond to your request within 30 days of receipt
  • For complex requests, we may extend this period by up to two additional months

Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy:

  • Account data: Retained until you delete your account or request erasure
  • Link data: Retained until you delete the link or your account
  • Analytics data: Retained for 2 years, then aggregated or deleted
  • Security logs: Retained for up to 1 year for security purposes

Upon account deletion, we will promptly delete or anonymize your personal data unless we are required by law to retain certain information.

International Data Transfers

QCK may transfer your personal data to countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place:

  • Our service providers are GDPR-compliant and certified under EU-US Data Privacy Framework (or successor frameworks)
  • We use standard contractual clauses approved by the European Commission for international data transfers
  • All data transfers comply with GDPR Chapter V requirements

Data Protection Officer

For GDPR-related inquiries, data subject rights requests, or concerns about our data processing practices, please contact us at [email protected].

You also have the right to lodge a complaint with a supervisory authority in the EU member state where you reside, work, or where an alleged infringement of GDPR occurred.

Contact Us

For questions about this privacy policy or your data, contact us at:

[email protected]