Privacy Policy

Last updated: February 25, 2026

Plinq ("we," "our," or "us") is a browser extension and web service that helps professionals manage and share branded hyperlinks with optional click tracking. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights regarding that data.

1. Who This Policy Applies To

This policy covers two groups of people:

• Plinq Users — people who install the Plinq browser extension and create an account to manage their links.
• Link Recipients — people who click on a tracked link created by a Plinq user. These people do not have Plinq accounts and may not know the link is tracked.

2. Data We Collect from Plinq Users

When you create an account and use Plinq, we collect:

• Email address — used for account authentication, password resets, and essential account communications. We do not send marketing emails.
• Password — stored securely by our authentication provider (Supabase). We never have access to your plaintext password.
• Links you save — the URLs, display names (anchor text), and organizational data (categories, colors, pin status) you create in Plinq.
• Usage metadata — copy counts and timestamps for links you copy, stored locally in your browser to power features like "Recently Copied."

3. Data We Collect from Link Recipients

When someone clicks a tracked link (a link where the Plinq user has enabled click tracking), we collect the following data from that click event:

• IP address — used to determine approximate geographic location (country, city, region). We do not use IP addresses to identify individuals.
• Device information — device type (desktop, mobile, tablet), browser name, and operating system, derived from the User-Agent header.
• Referrer URL — the page or application from which the link was clicked (e.g., "mail.google.com" if clicked from Gmail).
• Click timestamp — the date and time the link was clicked.
• Anonymous visitor identifier — a one-way cryptographic hash derived from the IP address and device information. This cannot be reversed to identify an individual. It is used only to distinguish unique visitors in aggregate analytics.

This data is collected automatically when the tracked link is clicked. The link recipient is transparently redirected to the destination URL. The redirect typically takes less than one second.

4. How We Use Your Data

We use collected data solely for the following purposes:

• Provide the service — store your links, authenticate your account, process redirects, and display analytics.
• Click analytics — show Plinq users aggregate information about who clicked their tracked links (device types, locations, timing).
• Service improvement — understand usage patterns to improve Plinq's features and performance.
• Security — detect and prevent abuse, fraud, and unauthorized access.

5. Third-Party Services

Plinq uses the following third-party services to operate. Each has its own privacy policy governing how they handle data that passes through their systems:

• Supabase (database and authentication) — supabase.com/privacy
• Vercel (web hosting and serverless functions) — vercel.com/legal/privacy-policy
• Google Favicon Service — the extension fetches website icons from Google's public favicon service using the domain name of your saved links. No personal data is sent with these requests.

6. Data Storage and Security

• Account data (email, links, click analytics) is stored in a secure PostgreSQL database hosted by Supabase with row-level security enabled.
• Link data in the browser extension is stored locally on your device using Chrome's built-in storage APIs. This data does not leave your device unless you enable click tracking on a link.
• All data transmission between the extension, our servers, and third-party services uses HTTPS encryption.
• Passwords are hashed and salted by Supabase Auth. We never store or have access to plaintext passwords.
• API authentication uses industry-standard JSON Web Tokens (JWT).

7. Data Retention

• Account data — retained as long as your account is active. If you delete your account, your data will be permanently deleted within 30 days.
• Click data — retained as long as the associated tracked link exists. When a tracked link is deleted, all associated click data is automatically and permanently deleted.
• IP addresses — stored for the purpose of geographic analytics. IP addresses may be anonymized or deleted after 90 days as part of routine data maintenance.

8. Your Rights

Depending on your location, you may have the following rights:

• Access — request a copy of the personal data we hold about you.
• Correction — request that we correct inaccurate data.
• Deletion — request that we delete your personal data. Plinq users can delete individual links and their associated click data at any time through the extension. To delete your entire account and all associated data, contact us at the email below.
• Data portability — Plinq users can export all their links as a JSON file using the built-in export feature.
• Opt out — Plinq users can choose not to enable click tracking on any link. Links without tracking enabled do not send any data to our servers.

If you are a link recipient (someone who clicked a tracked link) and wish to request deletion of click data associated with your IP address, please contact us at the email below.

9. Children's Privacy

Plinq is not intended for use by children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify Plinq users through the extension or by email. The "Last updated" date at the top of this page reflects when the policy was most recently revised.

11. Contact

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

Email: hello@getplinq.com