Privacy Policy

1. Introduction

Zipdup Technologies ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our URL shortening service (the "Service") available at zipdup.link.

This Privacy Policy applies to all users of our Service and complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable privacy laws.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, password (encrypted), and display name when you create an account
• URL Information: Original URLs you submit for shortening and custom short codes you create
• API Keys: Names and metadata for API keys you generate (the keys themselves are hashed)
• Communications: Messages you send to us for support or feedback

2.2 Information Collected Automatically

• Usage Data: Click counts, creation dates, and usage patterns for your shortened URLs
• Device Information: IP address, browser type, device type, and operating system
• Access Logs: Date and time of access, referrer URLs, and user agent strings
• Analytics Data: Geographic location (country/city level), referring websites

2.3 Cookies and Similar Technologies

We use cookies and similar technologies for:

• Authentication and session management
• Security and fraud prevention
• Performance monitoring and analytics
• Remembering your preferences

3. How We Use Your Information

We use your information for the following purposes:

• Service Operations: Create and manage shortened URLs, provide analytics, and maintain your account
• Security: Detect and prevent fraud, abuse, and unauthorized access
• Communications: Send service-related notifications, security alerts, and support responses
• Improvements: Analyze usage patterns to improve our Service and develop new features
• Legal Compliance: Comply with applicable laws, regulations, and legal processes
• Business Operations: Internal analytics, quality assurance, and business intelligence

4. Data Protection & Security

4.1 Encryption

We implement industry-standard encryption to protect your personal data:

• Email addresses are encrypted using AES-256-GCM encryption
• Passwords are hashed using bcrypt with salt
• Data in transit is protected using TLS encryption
• Database connections are encrypted and secured

4.2 Access Controls

We maintain strict access controls and security measures including:

• Multi-factor authentication for administrative access
• Regular security audits and vulnerability assessments
• Comprehensive audit logging of all data access
• Rate limiting and DDoS protection

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following limited circumstances:

• Service Providers: Third-party service providers who assist with hosting, analytics, and service operations under strict confidentiality agreements
• Legal Requirements: When required by law, court order, or to protect our rights and safety
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)
• Consent: With your explicit consent for specific purposes

5.1 Third-Party Services

We use the following third-party services:

• Hosting: Secure cloud hosting for service infrastructure
• Analytics: Anonymous usage analytics to improve our service
• Email: Transactional email delivery for account communications
• Error Tracking: Error monitoring to improve service reliability

6. Your Rights and Choices

6.1 GDPR Rights (EU Residents)

If you are in the European Union, you have the following rights:

• Access: Request copies of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Portability: Receive your data in a machine-readable format
• Restriction: Limit how we use your data
• Objection: Object to certain uses of your data
• Withdraw Consent: Withdraw consent for data processing

6.2 CCPA Rights (California Residents)

California residents have additional rights including:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale (we don't sell personal information)
• Right to non-discrimination for exercising privacy rights

6.3 Exercising Your Rights

To exercise your rights or request information about your data:

• Visit your account dashboard for data export and account deletion
• Contact us at privacy@zipdup.link
• Use our GDPR data export tool (when logged in)

7. Data Retention

We retain your information for as long as necessary to:

• Provide our Service and maintain your account
• Comply with legal obligations and resolve disputes
• Maintain security and prevent fraud

When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes.

8. International Data Transfers

Our Service is hosted in secure data centers. If you are accessing our Service from outside the hosting region, your information may be transferred internationally. We ensure appropriate safeguards are in place for such transfers in compliance with applicable privacy laws.

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically. When we make changes, we will update the "Last Updated" date and notify you through our Service or by email if the changes are material. Your continued use of our Service after changes become effective constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us: