Privacy Policy – 0t.link

Your Privacy is Our Priority

At 0t.link, we are committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, and protect your information when you use our secure link generation platform.

Last Updated: October 4, 2025

🔒 Our Privacy-First Approach

Zero-Knowledge Architecture

  • No URL storage – We never store your sensitive URLs on our servers
  • Client-side encryption – All encryption happens on your device
  • Minimal data collection – We only collect what’s necessary for service operation
  • Transparent operations – We’re open about our data practices

Privacy by Design

  • Built-in privacy protection – Privacy is designed into every aspect of our platform
  • Data minimization – We collect only the minimum data necessary
  • Purpose limitation – Data is used only for its intended purpose
  • Storage limitation – Data is retained only as long as necessary

📊 Information We Collect

Account Information

  • Email address – For authentication and account management
  • Organization domain – For domain-based access control
  • Account preferences – For personalizing your experience

Usage Information

  • Link creation statistics – Aggregate data on secure link generation
  • Organization domains – For tracking trusted companies (anonymized)
  • Platform usage – For improving our services and security

Technical Information

  • IP addresses – For security monitoring and fraud prevention
  • Browser information – For compatibility and security purposes
  • Device information – For security and performance optimization

🛡️ How We Use Your Information

Service Provision

  • Authentication – Verify your identity and organization domain
  • Access control – Ensure only authorized users can access secure links
  • Security monitoring – Protect against unauthorized access and abuse
  • Service improvement – Enhance platform functionality and user experience

Analytics and Statistics

  • Usage analytics – Understand how our platform is used
  • Performance monitoring – Ensure optimal service delivery
  • Security analysis – Identify and prevent security threats
  • Compliance reporting – Meet regulatory and audit requirements

🔐 Data Protection Measures

Encryption

  • AES-256 encryption – Military-grade encryption for all data
  • HTTPS communication – All data transmission is encrypted
  • Client-side encryption – Sensitive data encrypted before transmission
  • Key management – Secure key generation and storage

Access Controls

  • Role-based access – Limited access based on job requirements
  • Multi-factor authentication – Enhanced security for administrative access
  • Regular audits – Ongoing review of access permissions
  • Incident response – Rapid response to security incidents

🌍 Data Sharing and Disclosure

We Do NOT Share

  • Personal URLs – Your encrypted links are never shared
  • Personal information – No personal data is sold or shared
  • Third-party access – No unauthorized access to your data
  • Marketing data – No data used for marketing purposes

Limited Sharing

  • Legal requirements – Only when required by law
  • Security purposes – To prevent fraud and abuse
  • Service providers – Only with trusted, audited partners
  • Business transfers – In case of merger or acquisition

📋 Your Rights

Access and Control

  • Data access – Right to access your personal data
  • Data correction – Right to correct inaccurate information
  • Data deletion – Right to request data deletion
  • Data portability – Right to export your data

Privacy Controls

  • Consent withdrawal – Right to withdraw consent at any time
  • Opt-out options – Control over data processing
  • Account deletion – Right to delete your account
  • Data restriction – Right to limit data processing

🏛️ Compliance and Certifications

GDPR Compliance

  • Data protection by design – Privacy built into our platform
  • Lawful basis – Clear legal basis for data processing
  • Data subject rights – Full support for individual rights
  • Data protection officer – Dedicated privacy oversight

HIPAA Readiness

  • Healthcare data protection – Meets healthcare industry standards
  • Administrative safeguards – Comprehensive security policies
  • Physical safeguards – Secure data centers and infrastructure
  • Technical safeguards – Advanced encryption and access controls

SOC 2 Certification

  • Security controls – Audited security measures
  • Availability – Reliable service delivery
  • Processing integrity – Accurate data processing
  • Confidentiality – Protection of sensitive information

🔄 Data Retention

Retention Periods

  • Account data – Retained while account is active
  • Usage statistics – Aggregated data retained for analytics
  • Security logs – Retained for security monitoring
  • Legal requirements – Retained as required by law

Data Deletion

  • Account deletion – All personal data deleted upon account closure
  • Automatic deletion – Data automatically deleted after retention period
  • Secure deletion – Data securely erased from all systems
  • Verification – Confirmation of data deletion

🌐 International Transfers

Data Location

  • Primary storage – Data stored in secure, audited data centers
  • Global CDN – Content delivery through secure networks
  • Transfer safeguards – Adequate protection for international transfers
  • Compliance – Meets international data protection standards

📞 Contact Us

For questions about this Privacy Policy or our data practices:

This Privacy Policy is effective as of October 4, 2025, and may be updated from time to time. We will notify you of any material changes to this policy.