Privacy Policy

Last updated: 6th September 2025

This Privacy Policy explains how URLmkr (“we,” “our,” “us”) collects, uses, stores, and protects your personal information when you use our website and services (“Service”).

We respect your privacy and comply with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

By using the Service, you consent to this Privacy Policy.

1. Information We Collect

1.1 Information you provide directly

  • Account information: name, email address, password (encrypted).
  • User settings: preferences, Terms & Conditions acceptance.
  • Support requests: any information you submit when contacting us.

1.2 Information collected automatically

  • Technical data: IP address, browser type, device details, operating system.
  • Usage data: pages visited, links shortened, QR codes generated.
  • Log data: date, time, and status of redirect requests.

1.3 Cookies & tracking technologies

  • Essential cookies for login, session management, and site functionality.
  • Optional cookies for analytics or performance (with consent where required).

2. How We Use Your Information

We process your data to:

  1. Provide the Service (URL shortening, QR generation, dashboard access).
  2. Authenticate users and manage accounts.
  3. Prevent abuse, fraud, and misuse of the Service.
  4. Ensure compliance with our Terms & Conditions.
  5. Improve the Service, including diagnostics and performance monitoring.
  6. Communicate with you (support, service updates, important notices).
  7. Comply with legal obligations.

We will never sell your personal data.

3. Legal Basis for Processing

We process personal data under the following lawful bases (GDPR/POPIA):

  • Contractual necessity: to provide the Service you requested.
  • Legitimate interest: to maintain security, prevent misuse, improve features.
  • Legal compliance: where required by law.
  • Consent: for optional cookies, marketing, or features beyond core use.

4. Data Retention

  • Accounts: retained until you delete your account or request erasure.
  • Short links & QR codes: retained according to expiry/retirement policies.
  • Logs (IP, usage): retained for security and audit purposes, generally not exceeding 12 months unless legally required.
  • Support records: retained as long as needed to address the issue.

When data is no longer required, it will be securely deleted or anonymised.

5. Data Sharing

We may share your data with:

  • Service providers (e.g., hosting, email, analytics) under strict data processing agreements.
  • Legal authorities where required by law or court order.
  • Successors in the event of a merger, acquisition, or business transfer (with notice).

We do not sell personal data to third parties.

6. Data Storage and Security

We take appropriate technical and organisational measures to protect the information we collect and process.

  • All user authentication is handled by WordPress, which uses secure hashing and salting for passwords. Plain-text passwords are never stored.
  • All communications with our website are encrypted via HTTPS.
  • Access to personal data is restricted to authorised personnel only.
  • We maintain regular audits and backups to protect against accidental loss. Certain backups may be stored with trusted third-party providers (such as Google Drive) under secure access controls.

While these measures help reduce the risk of data loss or unauthorised access, no system is completely secure. Backups do not guarantee that data will always be preserved or recoverable. By using this service, you acknowledge and accept this limitation.

7. Your Rights

Under GDPR and POPIA, you have the right to:

  • Access your personal data.
  • Correct inaccurate information.
  • Request deletion (“right to be forgotten”).
  • Restrict or object to certain processing.
  • Request a copy of your data (data portability).
  • Withdraw consent (where processing is based on consent).

Requests can be made by contacting us using the form on the Contact Us page.

8. International Transfers

Your data may be processed and stored outside your country of residence. We ensure safeguards such as Standard Contractual Clauses (SCCs) or equivalent under GDPR for international transfers.

9. Children’s Privacy

The Service is not directed to children under 16 (or the digital age of consent in your jurisdiction). We do not knowingly collect personal data from children. If we learn a child has provided personal data, we will delete it promptly.

10. Changes to this Policy

We may update this Privacy Policy from time to time. Any material changes will be posted here with an updated “Last updated” date. Continued use of the Service after changes means you accept the revised policy.

11. Contact Us

For privacy questions or data requests, please contact:

URLmkr Privacy Team
🌐 https://urlmkr.net
📧 contact@urlmkr.net

If you are located in the EU/EEA, you may also contact your local data protection authority.

Scroll to Top