ClicksLab Logo

Privacy Policy

Your privacy is important to us. This Privacy Policy explains how ClicksLab collects, uses, and protects your personal information.

Last Updated: February 16, 2026

Introduction

Welcome to ClicksLab. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our URL shortening service.

ClicksLab ("we," "us," or "our") operates the website clickslab.io and provides URL shortening, analytics, and QR code generation services (collectively, the "Service").

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

Data Controller: ClicksLab
Contact: [email protected]

Information We Collect

We collect several types of information to provide and improve our Service:

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Username
  • Password (encrypted)
  • Profile information (optional)

2.2 Usage Information

When you use our Service, we automatically collect:

  • Original URLs you submit for shortening
  • Custom short link aliases you create
  • Timestamps of link creation and clicks
  • Link expiration settings

2.3 Analytics Data

To provide analytics features, we collect data about visitors who click your shortened links:

  • IP address (anonymized)
  • Geographic location (country, region, city - derived from IP)
  • Device type (desktop, mobile, tablet)
  • Operating system and browser
  • Referrer URL (where the click came from)
  • Timestamp of click

2.4 Cookies and Tracking Technologies

We use cookies and similar technologies to maintain sessions, remember preferences, and analyze usage. See our Cookie Policy for details.

How We Use Your Information

We use the collected information for the following purposes:

  • Provide the Service: Create and manage shortened links, generate QR codes, and deliver analytics
  • Account Management: Authenticate users, maintain accounts, and enforce service limits (e.g., 50 links/month for free plan)
  • Analytics and Insights: Provide click tracking, geographic data, device statistics, and performance metrics
  • Service Improvement: Analyze usage patterns, identify bugs, and optimize performance
  • Communication: Send service-related notifications, security alerts, and policy updates
  • Security: Detect and prevent fraud, abuse, spam, and malicious activity
  • Legal Compliance: Comply with applicable laws, regulations, and legal requests

We do not sell your personal information to third parties or use it for advertising purposes.

Data Sharing and Disclosure

We may share your information only in the following limited circumstances:

4.1 Service Providers

We may share data with trusted third-party service providers who assist us in operating our Service, such as:

  • Cloud hosting providers (infrastructure)
  • Email service providers (transactional emails)
  • Analytics platforms (aggregated usage statistics)

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information if required to:

  • Comply with legal obligations, court orders, or subpoenas
  • Enforce our Terms of Service and investigate violations
  • Protect the rights, property, or safety of ClicksLab, our users, or the public
  • Detect, prevent, or address fraud, security, or technical issues

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and ensure continued protection of your data.

4.4 Aggregated Data

We may share aggregated, anonymized statistics about Service usage that do not identify individual users (e.g., "50,000 links created this month").

Data Security

We implement industry-standard security measures to protect your information from unauthorized access, alteration, disclosure, or destruction:

  • Encryption: All data transmitted between your browser and our servers is encrypted using HTTPS/TLS
  • Password Protection: Passwords are hashed using strong cryptographic algorithms
  • Access Controls: Strict internal access policies limit who can view or process your data
  • Regular Audits: We conduct security assessments and vulnerability testing
  • Monitoring: Automated systems detect and alert us to suspicious activity

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

Your Responsibility: Keep your account credentials confidential and notify us immediately at [email protected] if you suspect unauthorized access.

Your Rights (GDPR/CCPA)

Depending on your location, you may have the following rights regarding your personal information:

6.1 EU Users (GDPR)

  • Right to Access: Request a copy of your personal data we hold
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Restrict Processing: Limit how we use your data
  • Right to Object: Object to data processing for specific purposes
  • Right to Withdraw Consent: Withdraw previously given consent at any time

6.2 California Users (CCPA)

  • Right to Know: Request disclosure of data collection and sharing practices
  • Right to Delete: Request deletion of personal information (with exceptions)
  • Right to Opt-Out: Opt out of the sale of personal information (we do not sell data)
  • Right to Non-Discrimination: Equal service regardless of privacy rights exercise

How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days and may require identity verification to protect your privacy.

Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy:

  • Account Data: Retained while your account is active and for 90 days after account deletion (to prevent accidental deletion)
  • Short Links: Retained indefinitely unless you delete them or your account is closed
  • Analytics Data: For free plan users, click data is retained for 30 days, then aggregated and anonymized. Premium users may have longer retention periods.
  • Server Logs: Retained for 90 days for security and debugging purposes

After retention periods expire, data is securely deleted or anonymized. You can request early deletion by contacting us at [email protected].

International Data Transfers

ClicksLab operates globally, and your information may be transferred to, stored, and processed in countries outside your country of residence. These countries may have data protection laws that differ from those in your jurisdiction.

When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the EU Commission
  • Adequacy decisions for certain countries
  • Encryption and security measures during transit and storage

For EU users, we comply with the General Data Protection Regulation (GDPR) requirements for international data transfers.

Children's Privacy

Our Service is not intended for children under the age of 16 (or the minimum age required by law in your jurisdiction). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected]. We will promptly delete such information from our systems.

If we discover that we have inadvertently collected data from a child under 16, we will take immediate steps to delete the information and terminate the account.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

  • Update the "Last Updated" date at the top of this page
  • Notify you via email (if you have an account) or through a prominent notice on our website
  • For material changes, provide at least 30 days' notice before the new policy takes effect

Your continued use of the Service after changes take effect constitutes your acceptance of the revised Privacy Policy. If you do not agree to the changes, please discontinue use of the Service and contact us to delete your account.

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

ClicksLab

Email: [email protected]

Privacy Inquiries: [email protected]

Website: https://clickslab.io

We aim to respond to all privacy inquiries within 30 days. For urgent security matters, please mark your email as "URGENT - Security Issue."