Contents
01 Who We Are
posts.link ("we", "us", "our") operates the posts.link service β a professional link page and email signature platform. This Privacy Policy describes how we collect, use, and protect your personal information when you use our service.
If you have any questions about this policy, contact us at privacy@posts.link.
02 What Data We Collect
| Data type | What it is | Why we collect it |
|---|---|---|
| Email address | Your email, provided at sign-up | Authentication, account management, trial and billing notifications |
| Profile information | Name, bio, job title, company, social profile URLs | To build and display your public profile page |
| Profile photo | Optional photo you upload | Displayed on your public profile |
| Usage data | Pages visited, features used, time spent | To improve the product and fix bugs |
| Analytics data | Visitor IP (anonymised), city-level location, referrer, device type | To power your Pulse analytics dashboard |
| Payment data | Processed entirely by Stripe β we never see your card number | Subscription billing |
We do not collect sensitive personal data such as financial records beyond payment tokens, health information, or government identification numbers.
03 How We Use Your Data
We use your data to:
- Create and maintain your posts.link account and profile.
- Send magic link authentication emails.
- Send service communications: trial reminders, billing receipts, important updates.
- Display analytics in your dashboard (views, clicks, locations).
- Improve the Service through aggregate analysis of usage patterns.
- Comply with legal obligations.
We do not use your data for advertising, marketing profiling, or sale to third parties.
04 Data Sharing
We share your personal data only in the following limited circumstances:
- Stripe: Payment processing. Stripe is PCI-DSS compliant. See Stripe's Privacy Policy.
- Cloudflare: Bot protection and CDN services. See Cloudflare's Privacy Policy.
- Legal requirements: We may disclose data if required to do so by law, court order, or to protect the rights and safety of posts.link or its users.
We do not sell, rent, or trade your personal information to third parties.
05 Cookies & Tracking
posts.link uses a small number of essential cookies required for the service to function:
- Session cookie: Keeps you logged in during your session. Expires when you close your browser or log out.
- Authentication token: Remembers your login on trusted devices. Expires after 30 days.
- Cloudflare Turnstile: Bot verification. A minimal, privacy-preserving token β no tracking cookie.
We do not use advertising cookies, tracking pixels, or third-party analytics scripts (such as Google Analytics). Our analytics are built and hosted entirely within posts.link.
06 Analytics We Collect on Your Behalf
When someone visits your posts.link profile, we record:
- The date and time of the visit.
- The approximate city-level location derived from their IP address (we do not store raw IP addresses longer than necessary to derive location).
- Which link or platform they clicked.
- The referring source (e.g., "from email" or "from LinkedIn").
- Device type (mobile or desktop).
This data is displayed in your Pulse analytics dashboard and used for no other purpose. Visitor data is aggregated and not individually identifiable in your dashboard.
07 Data Retention
We retain your personal data for as long as your account is active. When you delete your account:
- Your public profile is taken offline immediately.
- Your username is held for 48 hours before release.
- Your personal data (profile, email, analytics) is permanently deleted within 30 days.
- Payment records are retained for 7 years as required by financial regulations.
If your trial expires and you do not subscribe, we retain your data for 14 days before deletion.
08 Your Rights
Depending on your jurisdiction (including under GDPR for EEA residents and UK GDPR for UK residents), you may have the following rights:
To exercise any of these rights, email privacy@posts.link. We will respond within 30 days. You also have the right to lodge a complaint with the relevant supervisory authority (the ICO in the UK, or your local EU data protection authority).
09 Security
We take security seriously and implement appropriate technical and organisational measures to protect your data, including:
- All data transmitted over HTTPS/TLS.
- Passwords are never stored β we use magic link authentication only.
- Payment data handled entirely by Stripe (PCI-DSS Level 1).
- Regular security reviews of our infrastructure.
No system is completely secure. If you discover a security vulnerability, please contact us responsibly at security@posts.link.
10 Children's Privacy
posts.link is not directed at children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
11 Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email at least 14 days before they take effect. The updated date at the top of this page reflects when the policy was last revised.
12 Contact & Data Controller
posts.link is the data controller for personal data processed under this policy.
- Privacy enquiries: privacy@posts.link
- Security: security@posts.link
- Legal: legal@posts.link
- General contact: posts.link/contact
Questions about your privacy? We're happy to help.
Contact us