Privacy Policy

1. Introduction

At Initly, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our services.

2. Information We Collect

We collect several types of information from and about users of our services, including:

  • Account Information: When you create an account, we collect your email address and other registration information.
  • Usage Data: We collect data about how you interact with our services, including the links you create and manage.
  • Device Information: When users visit links created through our service, we collect and store information about the device type (iOS, Android, or web) used to access the link. This information is used to redirect users to the appropriate destination and to provide analytics to link creators.
  • Location Information: We automatically collect approximate location data derived from IP addresses, including country, city, and region. We do not collect precise geolocation coordinates (latitude/longitude). This information is used to provide our services and generate analytics for link creators.

3. How We Use Your Information

We use the information we collect for various purposes, including:

  • Providing and maintaining our services
  • Processing link redirections based on device type
  • Generating analytics and statistics for link creators
  • Improving our services and developing new features
  • Communicating with you about our services

4. Device and Location Tracking for Link Redirects

Our core service functionality involves detecting the device type (iOS, Android, or web) and approximate location of users who click on links created through our platform. This information is essential to:

  • Direct users to the appropriate platform-specific destination URL
  • Provide link creators with analytics on which devices and regions are accessing their links
  • Generate aggregated statistics on device usage patterns and geographic distribution
  • Improve service quality and detect fraudulent activity

Each time a user clicks a link created with our service, we record the device type, approximate location (country, city, region), and a timestamp. This data is stored in our database and associated with the specific link that was accessed.

IP-Based Location Tracking: We derive location information from IP addresses provided by our hosting infrastructure (Vercel). We collect only approximate location data at the country, city, and region level. We do not collect or store precise geolocation coordinates (latitude/longitude) to minimize privacy impact. IP addresses themselves are not stored in our database.

Legal Basis: We process this location data based on our legitimate interest in providing and improving our link redirection services, generating analytics for our users, and ensuring service security. We have conducted a balancing test and determined that this processing does not override your privacy rights, especially given our data minimization approach.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share aggregated or de-identified information with third parties for business or research purposes. We may also share information:

  • With your consent
  • To comply with legal obligations
  • To protect our rights and safety or the rights and safety of others
  • With service providers who help us operate our business

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Link analytics data, including device and location information, is retained to provide ongoing analytics to link creators. You may request deletion of your data at any time by contacting us.

7. Your Rights

Depending on your location, you may have certain rights regarding your personal information, including:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate personal data
  • Right to Erasure: Request deletion of your personal data
  • Right to Object: Object to processing of your personal data based on legitimate interests
  • Right to Data Portability: Request transfer of your data to another service

To exercise these rights, please contact us using the information provided at the end of this policy. We will respond to your request within 30 days.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at hi@luthi-mar.co.

Last updated: January 4, 2026