Privacy Policy

**Effective Date: October 20, 2025**

**Last Updated: October 20, 2025**

At 1Link.ng (referred to as "we," "us," or "our"), we are committed to protecting your privacy and ensuring transparency in how we handle your personal information. This Privacy and Cookie Policy ("Policy") explains how we collect, use, disclose, and safeguard your data when you visit our website at https://1link.ng/ (the "Website"), use our services, tools, and features (collectively, the "Platform"), or interact with us in any way. This includes our all-in-one digital toolkit for bio link pages, URL shortening, QR code generation, static site hosting, AI-powered tools, analytics, and more.

By accessing or using the Platform, you agree to the terms of this Policy. If you do not agree, please do not use the Platform. We may update this Policy from time to time; changes will be posted here with the updated date. Your continued use of the Platform after changes constitutes acceptance of the revised Policy.

This Policy complies with applicable data protection laws, including the General Data Protection Regulation (GDPR) in the European Union, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Privacy and Electronic Communications Regulations (PECR) in the UK, and the Nigeria Data Protection Regulation (NDPR). Our analytics features are specifically designed to be GDPR, CCPA, and PECR compliant.

## 1. Information We Collect

We collect information to provide, maintain, and improve the Platform, deliver personalized experiences, and comply with legal obligations. The types of information we collect fall into the following categories:

### a. Personal Information You Provide

- **Account Registration and Profile Data**: When you create an account, we collect your name, email address, username, password (which is hashed and encrypted), and any optional profile details you provide.

- **Payment Information**: If you subscribe to paid plans, we collect billing details such as credit card information, billing address, and transaction history. This is processed securely through third-party payment providers (e.g., Stripe or PayPal) and not stored on our servers.

- **Content and User-Generated Data**: Information you upload or input, such as URLs for shortening, bio link page content, QR code designs, static site files, AI generation prompts, custom domains, or project details.

- **Communications**: Any information you share when contacting us via email, live chat, or support tickets, including your queries and attachments.

- **Affiliate or Referral Data**: If you participate in our affiliate program, we collect details like referral links and earnings.

### b. Automatically Collected Information

- **Usage and Device Data**: When you interact with the Platform, we automatically collect data such as your IP address, browser type and version, device type (e.g., mobile, desktop), operating system, unique device identifiers, pages viewed, links clicked, timestamps, and navigation patterns.

- **Analytics Data**: Through our built-in analytics, we track interactions with your links, bio pages, QR codes, and static sites. This includes:

- Geographic data: Continents, countries, cities (derived from IP addresses).

- Referral sources: Referrers, UTMs, and traffic origins.

- Device and technical details: Devices, operating systems, browsers, languages.

- Engagement metrics: Clicks, pageviews, unique visitors, bounce rates, and session durations.

- **Tracking Pixels and Integrations**: If you enable integrations with third-party pixels (e.g., Facebook, Google Analytics, Google Tag Manager, LinkedIn, Pinterest, X, Quora, TikTok, Snapchat), we facilitate the collection of data by those providers, which may include user behavior and conversion tracking.

- **API Usage Data**: For developers using our API, we log requests, including endpoints accessed (e.g., links, statistics, QR codes, projects, pixels), API keys, and response data.

### c. Cookies and Similar Technologies

We use cookies, web beacons, tracking pixels, and similar technologies (collectively, "Cookies") to enhance your experience, analyze usage, and deliver targeted features. Cookies are small text files stored on your device that help us remember preferences and track interactions.

#### Types of Cookies We Use:

- **Essential Cookies**: Necessary for the Platform to function, such as maintaining your session, enabling login, and remembering your settings (e.g., language preferences). These cannot be disabled.

- **Performance and Analytics Cookies**: Help us understand how users interact with the Platform, including page load times, error rates, and usage patterns. Examples include Google Analytics cookies that track anonymized data like visitor counts and sources.

- **Functional Cookies**: Enable enhanced features, such as remembering your custom themes, bio link layouts, or AI tool preferences.

- **Targeting/Advertising Cookies**: Used in conjunction with tracking pixels to support integrations you enable. These may be set by third parties (e.g., Facebook Pixel) to track conversions, retarget ads, or measure ad performance across sites.

- **Third-Party Cookies**: From integrated services like payment processors or analytics providers. For instance:

- Google Analytics: Collects anonymized usage data.

- Social media pixels: Track interactions if you link your accounts or enable sharing.

We do not use Cookies for unsolicited advertising on our free plan, which is ad-free. You can manage Cookie preferences via your browser settings or our Cookie consent banner (if applicable). Note that disabling Cookies may limit Platform functionality.

For a list of specific Cookies, see Appendix A below.

### d. Information from Third Parties

- We may receive data from integrated services (e.g., analytics from Google) or public sources if you connect your accounts (e.g., social media logins).

- Aggregated or anonymized data from partners for benchmarking or improving features.

We do not collect sensitive personal information (e.g., racial origin, health data, or biometric data) unless you voluntarily provide it in content, and even then, it is handled with extra care.

## 2. How We Use Your Information

We use your information for the following purposes:

- **Providing Services**: To create and manage your account, process payments, generate bio links, shorten URLs, create QR codes, host static sites, run AI tools, and deliver analytics.

- **Personalization and Improvement**: To customize features (e.g., targeting links by country/device/language, A/B rotation), analyze trends, and enhance the Platform based on usage data.

- **Analytics and Insights**: To generate reports, such as weekly email summaries of clicks, locations, and devices, helping you optimize your content.

- **Security and Fraud Prevention**: To detect and prevent abuse, monitor for suspicious activity, and enforce our Terms (e.g., using IP data to block spam).

- **Communications**: To send support responses, updates, newsletters, or promotional offers (you can opt out via email preferences).

- **Compliance and Legal Obligations**: To respond to legal requests, audits, or disputes.

- **Research and Development**: Anonymized data for internal research, such as improving AI algorithms or API performance.

- **Marketing and Advertising**: With your consent, to send targeted offers or enable third-party integrations for ad tracking.

Under GDPR, our legal bases for processing include consent (e.g., for Cookies), contract performance (e.g., providing services), legitimate interests (e.g., analytics), and legal compliance.

## 3. How We Share Your Information

We do not sell your personal information. We may share data as follows:

- **Service Providers**: With trusted vendors for hosting, payments, analytics, email delivery, and support (e.g., AWS for storage, Stripe for payments). They are bound by confidentiality and data protection agreements.

- **Integrations and Pixels**: Data shared with third-party providers you enable (e.g., Facebook Pixel for conversion tracking). You control these integrations.

- **Business Transfers**: In the event of a merger, acquisition, or sale, your data may be transferred to the new entity.

- **Legal Requirements**: To comply with laws, subpoenas, court orders, or to protect rights, safety, or property.

- **Affiliates and Partners**: For referral programs or joint features, with your consent.

- **Aggregated/Anonymized Data**: Shared for research or marketing without identifying individuals.

## 4. Data Security and Retention

We implement robust security measures, including:

- Encryption of data in transit (HTTPS) and at rest.

- Regular backups and access controls (limited to authorized personnel).

- Firewalls, intrusion detection, and vulnerability scans.

- Compliance audits for GDPR, CCPA, etc.

Despite these efforts, no system is 100% secure. In case of a breach, we will notify affected users as required by law.

Data Retention:

- Account data: Retained while your account is active; deleted 30 days after closure.

- Analytics data: 3 months for free plans; longer for paid plans (up to 24 months) or as needed for reports.

- Other data: Retained as necessary for services or legal reasons; you can request deletion.

## 5. Your Rights and Choices

You have rights under applicable laws:

- **Access and Portability**: Request a copy of your data.

- **Correction**: Update inaccurate information.

- **Deletion**: Request erasure (subject to legal retention).

- **Objection/Restriction**: Opt out of processing for marketing or legitimate interests.

- **Consent Withdrawal**: For Cookies or marketing.

- **CCPA/CPRA Rights (California Residents)**: Opt out of "sales" (we don't sell data), request disclosures, and non-discrimination.

- **GDPR Rights (EU/UK Residents)**: Lodge complaints with authorities (e.g., ICO in UK).

Exercise rights by emailing privacy@1link.ng. We respond within 30 days (45 for CCPA).

For Cookies: Use browser settings (e.g., Do Not Track) or our consent tool. Opt out of Google Analytics via their browser add-on.

## 6. Children's Privacy

The Platform is not intended for children under 13 (or 16 in some jurisdictions). We do not knowingly collect data from children; if we learn of such, it will be deleted.

## 7. International Data Transfers

Data is primarily processed in Nigeria but may be transferred to countries with adequate protections (e.g., EU via Standard Contractual Clauses). We ensure equivalent safeguards.

## 8. Third-Party Links and Services

The Platform may link to third-party sites or integrate services. We are not responsible for their privacy practices; review their policies.

## 9. Contact Us

For questions or requests:

Email: privacy@1link.ng

Address: [Company Address, e.g., Lagos, Nigeria]

## Appendix A: List of Cookies

- **Session Cookie**: Essential; expires at session end; stores login state.

- **Preference Cookie**: Functional; 1 year; remembers themes and settings.

- **_ga (Google Analytics)**: Analytics; 2 years; tracks unique users.

- **_gid**: Analytics; 24 hours; tracks daily users.

- **fbp (Facebook Pixel)**: Targeting; 3 months; ad tracking (if enabled).

- Other third-party Cookies depend on integrations; see provider policies.

This Policy is part of our Terms and Conditions. For updates, check back regularly.