Privacy Policy

Last Updated: January 19, 2025

1. Introduction

This Privacy Policy explains how Shor.ty ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you use our URL shortening service, whether you're located in the Philippines, Europe, United States, or anywhere else in the world.

2. Information We Collect

2.1 Personal Information You Provide

• Account Information: Email address, password (encrypted), username
• Payment Information: Processed securely through PayMongo (we do not store full credit card details)
• Profile Information: Any additional information you choose to provide
• Communication Data: Messages you send to our support team

2.2 Automatically Collected Information

• Usage Data: URLs you shorten, click statistics, QR codes generated
• Device Information: IP address, browser type, operating system, device type
• Analytics Data: Page views, session duration, referral sources
• Cookies and Tracking: Session cookies, authentication tokens, preference storage
• Click Data: When someone clicks your shortened link: IP address, user agent, timestamp, geographic location

2.3 Third-Party Services

We use the following third-party services that may collect information:

• Google AdSense: Displays advertisements and may use cookies for personalized ads
• PayMongo: Processes payments (governed by PayMongo's privacy policy)
• Hostinger: Hosts our servers and databases

3. How We Use Your Information

3.1 Service Delivery

• Create and manage your account
• Generate shortened URLs and QR codes
• Process your subscription payments
• Provide customer support
• Send service-related notifications

3.2 Analytics and Improvement

• Track link performance and click analytics
• Analyze usage patterns to improve our service
• Monitor and prevent fraudulent activity
• Optimize website performance

3.3 Marketing Communications (with your consent)

• Send promotional emails about new features (opt-out available)
• Provide updates about service improvements
• Share relevant content and tips

3.4 Legal Compliance

• Comply with applicable laws and regulations worldwide
• Respond to legal requests and prevent harm
• Enforce our Terms of Service

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your personal data based on:

• Contract Performance: To provide our URL shortening services
• Legitimate Interests: To improve our service, prevent fraud, and ensure security
• Legal Obligations: To comply with legal requirements
• Consent: For marketing communications and non-essential cookies (you may withdraw consent at any time)

5. Your Privacy Rights by Region

6. How We Share Your Information

We do not sell your personal information. We may share your information only in these circumstances:

6.1 Service Providers

• Payment Processing: PayMongo for subscription billing
• Hosting: Hostinger for server infrastructure
• Advertising: Google AdSense for displaying ads

6.2 Legal Requirements

• Comply with court orders or legal processes
• Respond to government requests in accordance with applicable law
• Protect our rights, property, or safety
• Prevent fraud or illegal activity

6.3 Business Transfers

If Shor.ty is involved in a merger, acquisition, or sale of assets, your personal data may be transferred. We will notify you of any such change.

7. International Data Transfers

Shor.ty operates primarily in the Philippines, but some of our service providers (like Google AdSense) may be located internationally. When we transfer data outside your country:

• We ensure adequate data protection measures are in place
• We comply with cross-border transfer requirements under GDPR, CCPA, and Philippine DPA
• We use standard contractual clauses approved by relevant authorities
• For EU users: We comply with GDPR requirements for international transfers

8. Data Security

We implement appropriate technical and organizational security measures:

• Encryption: All passwords are hashed using bcrypt encryption
• HTTPS/SSL: All data transmission is encrypted via SSL/TLS
• Secure Servers: Data stored on secure Hostinger servers
• Access Controls: Limited employee access to personal information
• Regular Backups: Daily database backups for disaster recovery
• Payment Security: PCI-DSS compliant payment processing through PayMongo
• Security Audits: Regular security assessments and updates

9. Data Retention

We retain your information for as long as necessary:

• Active Accounts: Data retained while your account is active
• Closed Accounts: Personal data deleted within 30 days of account closure
• Analytics Data: Anonymized click data may be retained for up to 2 years
• Payment Records: Retained for 7 years as required by tax authorities (BIR in Philippines, IRS in US)
• Legal Holds: Data may be retained longer if required by law or for legal proceedings

10. Cookies and Tracking Technologies

10.1 Types of Cookies We Use

• Essential Cookies: Required for authentication and security (cannot be disabled)
• Analytics Cookies: Help us understand how users interact with our service
• Advertising Cookies: Used by Google AdSense for relevant ads (can be opted out)

10.2 Managing Cookies

You can control cookies through your browser settings:

• View and delete cookies
• Block third-party cookies
• Clear cookies when closing browser
• For Google AdSense: Visit Google Ads Settings

11. Children's Privacy

Shor.ty is not intended for users under 18 years of age (or under 16 in the EU). We do not knowingly collect information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@shor-ty.com, and we will delete such information.

12. Google AdSense and Advertising

We use Google AdSense to display advertisements. Google may use cookies to serve ads based on your visits to our site and other websites. You can:

• Opt out of personalized advertising by visiting Google Ads Settings
• Opt out of third-party vendor use of cookies by visiting aboutads.info
• For EU users: Manage consent settings through our cookie consent banner

13. Your Choices and Controls

13.1 Account Information

• Access: View your account information in your dashboard
• Update: Edit your profile and preferences anytime
• Delete: Request account deletion by emailing privacy@shor-ty.com

13.2 Marketing Communications

• Unsubscribe from promotional emails using the link in each email
• Opt-out of marketing in your account settings
• Email privacy@shor-ty.com to opt-out

13.3 Data Export

Request a copy of your data in CSV or JSON format by emailing privacy@shor-ty.com. We will provide your data within 30 days (or 15 days for Philippine users per NPC requirements).

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Changes will be posted on this page with an updated "Last Updated" date. For material changes:

• We will notify you via email
• We will display a prominent notice on our website
• We may require renewed consent where legally required

15. Data Protection Officer

For privacy concerns or to exercise your rights, contact our Data Protection Officer:

16. Supervisory Authorities

16.1 For Philippine Users

16.2 For EU Users

You have the right to lodge a complaint with your local data protection authority. Find your authority at: European Data Protection Board

16.3 For California Users

California Attorney General's Office
Website: oag.ca.gov/privacy

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices:

18. Consent

By using Shor.ty, you consent to this Privacy Policy and agree to its terms. If you do not agree, please do not use our service.