Last updated: May 1, 2025 · Effective immediately
At NanoLink, your privacy matters. This policy explains what data we collect, how we use it, and your rights. We believe in transparency — no hidden data sales, no advertising trackers.
No data selling
We never sell your personal data to anyone
Encrypted
All data encrypted in transit and at rest
Delete anytime
Request full account deletion at any time
When you use NanoLink (noink.ink), we collect: • URLs you submit for shortening • Account information (email address, name) when you sign up • Click data: timestamps, device type, browser, and referrer for links you create • IP addresses for rate limiting (not stored permanently) • Cookies for authentication sessions via Supabase
We use your data to: • Provide and operate the URL shortening service • Track click analytics for your links • Enforce rate limits and prevent abuse • Send transactional emails (account confirmation, password reset) • Improve the service We do not sell your personal data to third parties. Ever.
Your data is stored in Supabase (PostgreSQL) hosted in secure data centers. We use: • HTTPS encryption for all data in transit • Row Level Security (RLS) so users can only access their own data • Supabase authentication for secure session management • OTP-based verification for account creation and password reset We take reasonable measures to protect your data but cannot guarantee absolute security.
When someone clicks your short link, we record: • Timestamp of the click • Device type (mobile/desktop/tablet) • Browser type • HTTP referrer (where they came from) We do not collect or store the visitor's IP address or personal identity.
We use cookies solely for authentication purposes (keeping you logged in). We do not use advertising or tracking cookies. You can disable cookies in your browser, but this will prevent login functionality.
We use: • Supabase — database and authentication (supabase.com/privacy) • Vercel — hosting and deployment (vercel.com/legal/privacy-policy) • Google OAuth — optional sign-in method (policies.google.com/privacy) • Resend — transactional email delivery (resend.com/privacy) • QR Server API — QR code generation (goqr.me) Each has their own privacy policy.
• Your links and analytics are retained as long as your account is active • If you delete your account, your links and data are deleted within 30 days • Anonymous links (no account) are retained indefinitely as they have no owner to request deletion
You have the right to: • Access the data we hold about you • Correct inaccurate data • Request deletion of your account and data • Export your link data To exercise these rights, email us at support@noink.ink
NanoLink is not intended for children under 13. We do not knowingly collect data from children. If you believe a child has provided us data, contact us immediately at support@noink.ink.
We may update this policy. We'll notify registered users by email for significant changes. Continued use of the service after changes constitutes acceptance.
For privacy questions or data requests: Email: support@noink.ink Website: noink.ink