Privacy Policy

Qurrl.ink URL Shortening Service

Effective Date: December 21, 2025

1. Introduction

Qurrl.ink (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our URL shortening and QR code generation service (the “Service”).

By using our Service, you consent to the data practices described in this policy. If you do not agree with these practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide, including:

  • Account Information: Email address, username, and password when you register
  • Payment Information: Billing details processed securely through Stripe (we do not store full credit card numbers)
  • URLs and Content: Destination URLs you submit for shortening and any custom aliases you create
  • Uploaded Images: Logos uploaded by Premium users for QR code customization
  • Communications: Messages you send to us for support or feedback

2.2 Information Collected Automatically

When you access our Service, we automatically collect:

  • Device Information: Browser type, operating system, device type, and screen resolution
  • Log Data: IP address, access times, pages viewed, and referring URLs
  • Click Data: When someone clicks a shortened link, we record timestamp, geographic location (country/city level), referrer, device type, and browser
  • Usage Patterns: Features used, links created, QR codes generated, and interaction frequency

2.3 Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your session and authentication state
  • Remember your preferences and settings
  • Analyze Service usage and performance
  • Detect and prevent fraudulent or malicious activity
  • Implement rate limiting and bot protection

You can control cookies through your browser settings. Disabling cookies may limit certain functionality of the Service.

3. How We Use Your Information

We use collected information for the following purposes:

  • Service Delivery: To create and manage short links, generate QR codes, and provide analytics
  • Account Management: To create, maintain, and secure your account
  • Payment Processing: To process Premium subscriptions and manage billing
  • Security: To detect malicious URLs, prevent abuse, enforce rate limits, and protect against fraud
  • Analytics: To provide link performance statistics to users and improve our Service
  • Communications: To send service updates, security alerts, and support responses
  • Legal Compliance: To comply with applicable laws and respond to legal requests
  • Service Improvement: To analyze usage patterns and enhance features

4. Information Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

4.1 Service Providers

We share information with third-party vendors who assist in operating our Service, including:

  • Stripe: For secure payment processing
  • Hosting Providers: For infrastructure and data storage
  • Security Services: For malicious URL detection and threat prevention

These providers are contractually obligated to protect your information and use it only for specified purposes.

4.2 Legal Requirements

We may disclose information when required by law, legal process, or government request, or when necessary to protect our rights, property, safety, or the rights of others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

4.4 Aggregated Data

We may share aggregated, anonymized data that cannot reasonably be used to identify you for research, analysis, or marketing purposes.

5. Data Security

We implement comprehensive security measures to protect your information:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure password hashing and storage
  • Rate limiting to prevent abuse and brute-force attacks
  • Bot detection and automated threat prevention
  • Regular security audits and vulnerability assessments
  • Access controls limiting employee access to personal data

Despite these measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but will notify you of any breach affecting your personal information as required by law.

6. Data Retention

We retain your information according to the following policies:

  • Account Data: Retained while your account is active and for a reasonable period after deletion for legal compliance
  • Short Links (Free Tier): May expire after periods of inactivity as specified in our Terms
  • Short Links (Premium): Retained while subscription is active
  • Click Analytics: Retained for the duration your links are active
  • Uploaded Logos: Deleted upon account termination or subscription cancellation
  • Server Logs: Retained for security purposes and automatically purged after 90 days

Our automated cleanup processes remove expired content and associated data according to these retention schedules.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information, subject to legal retention requirements
  • Portability: Request your data in a portable, machine-readable format
  • Opt-Out: Unsubscribe from marketing communications at any time
  • Restriction: Request limitation of processing in certain circumstances

To exercise these rights, contact us at privacy@qurrl.ink. We will respond within the timeframe required by applicable law.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer data internationally, we implement appropriate safeguards including standard contractual clauses and ensure adequate protection levels.

9. European Users (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

  • Legal Basis: We process your data based on consent, contractual necessity, legitimate interests, or legal obligations
  • Right to Object: You may object to processing based on legitimate interests
  • Withdraw Consent: Where processing is based on consent, you may withdraw it at any time
  • Supervisory Authority: You have the right to lodge a complaint with your local data protection authority

10. California Users (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request disclosure of categories and specific pieces of personal information collected
  • Right to Delete: Request deletion of your personal information
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights
  • Do Not Sell: We do not sell personal information as defined by the CCPA

11. Children’s Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we learn we have collected information from a child under 16, we will delete that information promptly. If you believe we have collected information from a child, please contact us immediately.

12. Third-Party Links

Our Service creates links to third-party websites. We are not responsible for the privacy practices of destination URLs or websites reached through our shortened links. We encourage you to review the privacy policies of any website you visit.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to registered users or through prominent notice on our Service. The “Effective Date” at the top indicates when this policy was last revised. Your continued use after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Inquiries: privacy@qurrl.ink

General Support: support@qurrl.ink

Website: https://qurrl.ink

Your privacy matters to us. Thank you for trusting Qurrl.ink with your information.