Privacy Policy

Last Updated: January 26, 2026

Link2Link ("we," "us," or "our") operates the website lil2link.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our URL shortening service, including all related features such as link analytics, QR code generation, malware scanning, password-protected links, and SMS notifications.

By accessing or using the Service, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of the Service immediately.

1. Information We Collect

a. Account Information

When you register for an account, we collect your name, email address, and any credentials you use to authenticate (including passwords stored in hashed form). If you choose to enable SMS notifications, we also collect your mobile phone number.

b. Link & Usage Data

When you create shortened URLs, we collect the original destination URL, any custom alias you configure, expiration settings, and password-protection preferences. We also log metadata associated with each link you create or access.

c. Analytics & Click Data

For every click on a shortened link, we collect the visitor's IP address (anonymized where required by law), approximate geographic location, browser type and version, operating system, device type, referring URL, and timestamp. This data powers our Basic and Advanced Analytics features.

d. Security Scanning Data

Every URL submitted to the Service is scanned against multiple malware and threat-intelligence providers—including Google Safe Browsing, CheckPhish, and IPQualityScore. We retain scan results and threat scores to protect our users and improve detection accuracy.

e. Payment Information

If you purchase Pay-Per-Feature add-ons or Pro Bundle links, your payment is processed by a third-party payment processor. We do not store your full credit card number, CVV, or banking details on our servers. We may retain transaction IDs, purchase history, and billing email for record-keeping purposes.

f. Automatically Collected Technical Data

We automatically collect standard server log information such as IP addresses, browser type, operating system, access times, pages viewed, and cookies or similar tracking technologies used to maintain sessions and preferences.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To shorten URLs, generate QR codes, enforce password protection, apply expiration rules, and display analytics dashboards.
• Security & Abuse Prevention: To scan URLs for malware, enforce rate limiting (30 requests/minute), detect suspicious activity, manage IP banning, and trigger CAPTCHA challenges when necessary.
• Communications: To send you account-related emails, security alerts, and—if you opt in—SMS notifications regarding link activity, account updates, and security events.
• Improvements & Analytics: To analyze aggregate usage patterns, diagnose technical issues, and improve the Service's features and performance.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

3. Cookies and Tracking Technologies

We use cookies and similar technologies to maintain your session, remember your language preferences, and provide session-based validation for password-protected links. You can control cookie preferences through your browser settings. Disabling cookies may affect certain features of the Service such as automatic language selection and session persistence.

4. Data Sharing and Disclosure

We do not sell your personal information. We may share data in the following limited circumstances:

• Service Providers: With trusted third-party vendors who assist in operating the Service (e.g., payment processors, hosting providers, malware-scanning APIs) under strict contractual obligations to protect your data.
• Security Purposes: With threat-intelligence providers when a submitted URL is flagged as potentially malicious, to protect the broader internet ecosystem.
• Legal Requirements: When required by law, subpoena, court order, or governmental regulation, or to protect the rights, property, or safety of Link2Link, our users, or the public.
• Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your data may be transferred as part of that transaction, with notice provided to you.

5. Data Security

We implement industry-standard security measures to protect your personal information, including encryption of data in transit (TLS/SSL) and at rest, secure hashed password storage, regular security audits, and access controls limiting employee access to personal data on a need-to-know basis. While we strive to protect your information, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. SMS/MMS Messaging Policy

a. Consent and Opt-In

When you provide your mobile phone number and explicitly opt in to SMS notifications from Link2Link, you consent to receive text messages related to your account. These messages may include security alerts (e.g., suspicious login attempts), account updates (e.g., password changes, billing confirmations), and link activity notifications (e.g., click milestones or expiration warnings). Message frequency varies based on your account activity and notification preferences.

b. No Sharing of Phone Number Data

We do not sell, rent, lease, or share your phone number or SMS opt-in data with any third parties for their marketing or promotional purposes. Your phone number is used solely by Link2Link for delivering the notifications you have authorized.

c. Message Frequency and Charges

Message frequency varies. Standard message and data rates may apply depending on your mobile carrier and plan. Link2Link is not responsible for any messaging or data charges imposed by your wireless provider.

d. Opting Out

You may opt out of SMS notifications at any time by replying STOP to any message you receive from us, or by updating your notification preferences in your account profile settings. After opting out, you will receive one final confirmation message, and no further SMS messages will be sent unless you re-subscribe.

e. Help

For assistance with SMS notifications, reply HELP to any message or contact us through our support channels. You may also email us at the address provided in the Contact section below.

f. Phone Number Data Storage and Security

Your phone number is stored using industry-standard encryption and is retained only for as long as your account is active or as needed to provide SMS services. Upon account deletion or removal of your phone number from your profile, we will delete your phone number from our active systems within 30 days, though it may persist in encrypted backups for up to 90 days.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with the Service. Link analytics data is retained for the lifetime of the shortened link. If you delete your account, we will remove your personal information from our active systems within 30 days, though anonymized and aggregated data may be retained for analytical purposes. Expired links are subject to our graceful expiry handling process and associated analytics may be retained in anonymized form.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, subject to legal retention obligations.
• Portability: Request your data in a structured, commonly used, machine-readable format.
• Objection: Object to the processing of your data in certain circumstances.
• Withdrawal of Consent: Withdraw consent at any time where processing is based on consent (e.g., SMS notifications), without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us using the information in the Contact section below. We will respond to your request within 30 days.

9. International Data Transfers

The Service is hosted in the United States. If you access the Service from outside the United States, please be aware that your data may be transferred to, stored, and processed in the United States or other jurisdictions where our service providers operate. We take appropriate safeguards to ensure your data is treated securely and in accordance with this Privacy Policy regardless of where it is processed.

10. Children's Privacy

The Service is not intended for individuals under the age of 13 (or under 16 in jurisdictions where applicable). We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will take steps to delete such information promptly. If you believe a child has provided us with personal data, please contact us immediately.

11. Third-Party Links

Our Service enables users to create shortened links to third-party websites. We are not responsible for the privacy practices or content of those third-party sites. Although we scan destination URLs for known malware and threats, we encourage you to review the privacy policies of any third-party website you visit through our shortened links.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this page and, where appropriate, providing additional notice (such as an email notification or an in-app banner). Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Policy.

13. Contact

For questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us through one of the following methods:

• Contact Form: Available on our website at lil2link.com — select "Support" as the message type.
• Website: https://lil2link.com

We aim to respond to all privacy-related inquiries within 30 days.