Privacy Policy

This Privacy Policy (the “Policy”) explains how we collect, use, share, and protect information when you use LinkGate (the “Service”) to create short links, access short links, view analytics, or contact us.

Note: If you do not agree to this Policy, please stop using the Service.

1. Scope of this Policy

This Policy applies to:

• Accessing or using linkgate.cc and related pages (for example /terms, /privacy, /refund, /aup).
• Registering/logging in and using the LinkGate console.
• Creating and managing short links/QR codes and viewing analytics.
• Accessing or clicking LinkGate short links (including redirects via custom domains).

This Policy does not apply to:

• Third-party websites, apps, or services you reach via short links (the “Third-Party Services”).
• How Third-Party Services collect and process your information. We recommend you read their privacy policies.

2. Who we are

• Operator: LinkGate is operated by an individual developer (the “Operator”, “we”, “us”).
• Contact email: support@linkgate.cc

3. Information we collect

We follow a data-minimization principle and collect only information necessary to provide the Service.

3.1 When you register/log in

We may collect:

• Account information: your email address used for login and account identification.
• Security information: minimal technical data needed for login state and risk control (for example session identifiers and minimal device/browser signals).

3.2 When you create and manage short links

We may collect and store the content and configuration you submit, for example:

• Original URL (destination), short code/short link, enable/disable status.
• UTM parameters and QR-code content.
• Notes, groups/tags (if any).

Important (public nature of short links): Short links are meant to be shared. Anyone with a short link may access it and be redirected to the destination URL. Avoid including sensitive personal information in destination URLs or parameters.

3.3 When someone accesses/clicks a short link (redirects & analytics)

To provide redirects, analytics, quota enforcement, and security protection, we may process minimal request metadata such as:

• Timestamp and short code/path.
• Referrer (if provided by the browser/client).
• User-Agent (device/browser type, if provided).
• Response status/redirect result (for example successful redirect or blocked by risk controls).

About IP addresses

• In network communications, we may temporarily process visitor IP addresses (for transmission, basic security, rate limiting, and anti-abuse).
• By default, the current version of the Service does not persistently store visitor IP addresses as directly identifying information (for example, we do not provide an “IP detail list” in the console).
• In case of security incidents, severe abuse, or legal requirements, we may temporarily add log fields or extend retention of evidentiary records within a necessary scope, and update this Policy when feasible.

3.4 When you contact us

When you contact support by email or other means, we receive the information and content you provide (for example your email address, issue description, screenshots/attachments) to process the request and improve the Service.

3.5 Cookies and local storage

We may use necessary cookies/local storage to enable:

• Login state and security checks (for example CSRF protection).
• Basic preference settings.

With your consent, we may also use optional analytics cookies to measure usage and improve the Service.

3.6 Third-party analytics (Google Analytics)

If you opt in, we may use Google Analytics (GA4) to understand usage patterns and improve the Service.

• We load GA4 only after you opt in via the cookie banner or Settings. If you decline, we do not load Google Analytics scripts.
• We do not intentionally send PII (for example your email address) to Google Analytics.
• You can withdraw your consent anytime in Settings.

4. How we use information

We may use information for the following purposes:

1. Provide and maintain the Service: create/manage short links, complete redirects, and show analytics dashboards.
2. Authentication and access control: login, session management, and authorization.
3. Billing and entitlements: verify subscription status and enable/limit paid features (payments are processed by Paddle; see Section 6).
4. Security and anti-abuse: detect, prevent, and investigate malicious traffic, fraud, phishing, and attacks; enforce the Terms and the AUP.
5. Customer support: answer questions, troubleshoot issues, and handle complaints/appeals.
6. Compliance obligations: respond to applicable laws, regulations, and law-enforcement requests (to the extent permitted by law).

5. Legal basis (EEA/UK users)

If you are located in the European Economic Area (EEA) or the UK, we typically process information under the following legal bases:

• Contract performance: necessary to provide the Service to you.
• Legitimate interests: security, anti-abuse, service improvement, and fraud prevention (with efforts to minimize privacy impact).
• Consent: for optional analytics cookies (for example Google Analytics) or marketing communications (where applicable).
• Legal obligations: for example financial/tax obligations or law-enforcement assistance (where applicable).

6. How we share information

We do not sell your personal information. We may share or disclose information in the following cases:

6.1 Payments and settlement (Paddle)

The Service uses Paddle to process payments, subscriptions, and settlement. Payment-related data (for example payment method, transaction/order details, and tax information) is typically processed and stored by Paddle as the Merchant of Record.

6.2 Infrastructure and service providers

To host and deliver the Service, we may use third-party providers such as cloud infrastructure, CDNs, and email services. If you opt in, we may also use an analytics provider (Google Analytics). We provide information only as necessary and require providers to process information according to our instructions.

6.3 Legal and security

We may disclose information:

• To comply with laws, regulatory requirements, or valid law-enforcement/judicial requests.
• To protect the rights, property, and safety of us, our users, or the public.
• To investigate and prevent fraud, abuse, or security incidents.

7. Retention

We retain information only for as long as necessary to achieve the purposes described in this Policy, and we try to aggregate or anonymize where possible.

• Account information: typically kept while your account is active. After account deletion, we may retain necessary records for a reasonable period for billing, disputes, and compliance.
• Short links and configuration: stored while you keep your links. After deletion, we may keep short-term backups/caches for synchronization and recovery.
• Analytics and logs: we provide aggregated analytics and do not retain detailed click logs.

Notes on analytics and logs:

• Aggregated analytics may be retained longer for historical reporting.
• Detailed click logs are not retained.

8. Security measures

We use reasonable technical and organizational measures to protect information security, such as encryption in transit, access controls, least privilege, backups, and monitoring.

Please note: internet transmission is not absolutely secure and we cannot guarantee 100% security. If a significant security incident occurs, we will take measures as required by applicable laws and notify you when feasible.

9. Your rights and choices

Depending on where you live, you may have rights such as (especially under the GDPR/UK GDPR for EEA/UK):

• Access, correct, or delete your personal information.
• Restrict or object to certain processing.
• Data portability (where applicable).
• Withdraw consent (where processing is based on consent).

To exercise your rights, contact support@linkgate.cc. To protect account security, we may require identity verification.

9.1 Complaints

If you are located in the EEA/UK, you may also have the right to lodge a complaint with your local data protection authority.

10. International transfers

We may use infrastructure or service providers in different countries/regions, which can result in cross-border data transfers. We will make reasonable efforts to adopt appropriate safeguards (for example data processing terms with providers and industry-standard contractual arrangements).

11. Children’s privacy

The Service is not intended for children. If you believe a minor has provided personal information to us without guardian consent, please contact support@linkgate.cc and we will take reasonable steps after verification.

12. Changes to this Policy

We may update this Policy from time to time. Continuing to use the Service after updates means you accept the updated Policy. We will make reasonable efforts to notify you of material changes via the Service or email.

13. Related policies

• Terms of Service: https://linkgate.cc/terms
• Refund Policy: https://linkgate.cc/refund
• Acceptable Use Policy (AUP): https://linkgate.cc/aup

14. Contact us

If you have any questions, requests, or complaints about this Policy, contact: support@linkgate.cc