1. Who We Are
TinyLinks is a link shortening and analytics service operated by Slike. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights.
If you access TinyLinks through the Wix Marketplace or the Shopify App Store, TinyLinks acts as an independent data controller for data we collect and process. Wix and Shopify are separate data controllers for their own platform data.
2. Data We Collect
2.1 Account Data
When you register or authenticate via an identity provider (Wix, Shopify, or Clerk), we receive and store:
• Email address (from identity provider) — Account management, support communication
• User / account ID (from identity provider) — Linking your account to your links
• Shop / site identifier (from Wix or Shopify) — Associating links with your store
2.2 Link and QR Code Data
We store the short links and (optionally) QR codes you create, including the destination URLs you provide.
2.3 Click Analytics Data
When someone clicks one of your short links, we collect:
• Geolocation — Country and city derived from the visitor's IP address. We do not store the raw IP address.
• Referrer URL — The page the visitor came from, as reported by the browser.
• Device / OS / Browser — Parsed from the HTTP User-Agent header.
• Timestamp — Date and time of the click.
This data is attributed to your link (not to the individual visitor) and is displayed in your analytics dashboard.
2.4 Usage and Technical Data
We may collect standard server logs and usage metrics (e.g., API request volume, error rates) for service stability and performance monitoring. These are not linked to individual users beyond what is necessary for debugging.
2.5 Payment Data
We do not store credit card numbers or full payment details.
• For Paddle-billed subscriptions: Paddle stores your payment and billing data under their privacy policy.
• For Wix or Shopify-billed subscriptions: Wix or Shopify store payment data under their respective privacy policies.
We may receive and store non-sensitive billing metadata (e.g., subscription status, plan type, billing email) from these processors.
3. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA) or the United Kingdom, we rely on the following legal bases:
• Providing the Service, managing your account — Contract performance (Art. 6(1)(b) GDPR)
• Click analytics for your links — Legitimate interest (providing analytics is the core purpose you signed up for)
• Marketing communications — Consent (you may opt out at any time)
• Legal compliance — Legal obligation (Art. 6(1)(c) GDPR)
4. How We Use Your Data
We use your data to:
• Create and manage your account
• Provide link shortening, QR code, and analytics features
• Authenticate you via your identity provider
• Process and manage your subscription
• Send transactional emails (account confirmation, billing notifications, service alerts)
• Send optional product updates and announcements (only with your consent)
• Monitor and improve service performance and security
• Investigate abuse and enforce our Acceptable Use Policy
5. Data Sharing and Third-Party Processors
We do not sell your personal data. We share data only with the following categories of third parties, strictly for service delivery:
• Paddle — Payment processing for standalone subscriptions (billing email, subscription status)
• Wix — Authentication, marketplace billing (account/site ID via OAuth)
• Shopify — Authentication, marketplace billing (shop ID via OAuth)
• Clerk — Authentication for standalone users (email, user ID)
• IP geolocation provider — Deriving country/city from visitor IP (visitor IP address, not stored by us)
• Cloud infrastructure provider — Hosting and data storage (all data processed on our servers)
We enter into Data Processing Agreements (DPAs) with sub-processors where required by applicable law.
6. Cookies and Tracking Technologies
We use cookies and similar technologies to:
• Maintain your authenticated session
• Remember your preferences
• Collect aggregate usage analytics
You can control cookies through your browser settings. Disabling session cookies will prevent you from logging in. We do not use third-party advertising cookies.
7. Data Retention
• Account data — Until account deletion, then 30 days
• Link and QR code data — Until you delete the link, or 90 days after account deletion
• Click analytics — 24 months from the date of the click
• Billing metadata — 7 years (required for tax/accounting compliance)
• Server logs — 90 days
After the retention period expires, data is securely deleted or anonymized.
8. Data Security
We implement appropriate technical and organizational measures to protect your data, including encrypted storage, TLS in transit, access controls, and regular security reviews. However, no system is completely secure, and we cannot guarantee absolute security.
9. International Data Transfers
Our servers are located in the EU West (Ireland) region. If your data is transferred outside your country of residence, we ensure adequate safeguards are in place (such as Standard Contractual Clauses for EU data transfers) in accordance with applicable data protection law.
10. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
• Access — Request a copy of the data we hold about you.
• Rectification — Ask us to correct inaccurate data.
• Erasure — Request deletion of your data ("right to be forgotten").
• Restriction — Ask us to limit processing in certain circumstances.
• Portability — Receive your data in a machine-readable format.
• Objection — Object to processing based on legitimate interests.
• Withdraw consent — Where processing is based on consent, withdraw it at any time.
• Complaint — Lodge a complaint with a supervisory authority (e.g., your national data protection authority).
To exercise any of these rights, contact us at support@tiny-links.com. We will respond within 30 days.
11. Children
TinyLinks is not directed to children under 16. We do not knowingly collect personal data from children under 16. If we become aware of such collection, we will delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notice at least 14 days before they take effect. The "Effective date" at the top of this page will always reflect the current version.
13. Contact
For privacy inquiries or to exercise your rights:
Email: support@tiny-links.com
Website: tiny-links.com
