Last updated April 29, 2025
At scrt.link, we take your privacy seriously and handle all personally identifiable information with care, in accordance with the General Data Protection Regulation (GDPR).
This document outlines how we collect, use, and manage personal data. For more details, please refer to our Terms of Service and Privacy Policy.
Personal Data We Collect
We collect and store the following personal information when you sign up for or use scrt.link:
- Email address
- Name (optional)
We do not store IP addresses. For security and abuse prevention (e.g. rate limiting), IP addresses may be processed transiently and appear in our hosting provider's server logs, where they are retained only briefly before being discarded.
Data Storage
Your personal data is securely stored in our production database hosted on infrastructure managed by Vercel and Neon Inc. (Postgres). All services we use are GDPR-compliant or operate under standard contractual clauses that comply with EU law.
Data Shared with Third Parties
We share necessary data with the following GDPR-compliant providers to deliver and maintain our service:
Stripe
Used for processing payments. Card data is never stored on our systems.
Data shared:
- Email address
- Name (optional — only if provided)
- Organization (optional — only if provided)
Brevo
Used for transactional and authentication emails, and to manage our marketing contact list. Brevo is an EU-based provider and stores data within the European Union.
Data shared:
- Email address
- Name (if available)
Used for authentication only if you choose to sign in with Google as your identity provider. In that case, Google provides us with your email address and name to create or access your account, and processes the sign-in on their systems. If you sign up with an email and password instead, no data is exchanged with Google.
Data involved:
- Email address
- Name
Legal Basis for Processing
We process your data under the following legal bases:
- To fulfill our contractual obligations to you
- To provide services you request prior to entering into a contract
- To comply with legal obligations (e.g., invoicing under EU/Swiss law)
- Based on your consent (e.g., for optional newsletters or meeting bookings)
Use and Flow of Data
We use your data to:
- Allow you to authenticate and access your account
- Provide secure and private file sharing
- Monitor system usage and detect errors
- Issue invoices and process payments
- Send critical notifications related to your account or activity
- Improve the usability and performance of scrt.link
Data Retention
We store your data only for as long as your account is active.
When you delete your account, your personal data is erased from our active systems immediately. Any residual copies in encrypted backups are purged within 30 days. We retain limited records (e.g., invoices) only where legal obligations require it.
Your Rights Under GDPR
You have the right to:
- Request a copy of your personal data
- Request correction or updates to your personal data
- Request deletion of your data
- Object to or restrict the processing of your data
To exercise any of these rights, please email us at: support@scrt.link