1. Who we are
Fluxly is a URL-shortening service operated at
fluxly.uk. For any questions about this policy or your data, email
privacy@fluxly.uk.
2. What we collect
- · Account data: email, name, hashed password, sign-in provider, and your chosen plan.
- · Link data: the URLs you shorten, slugs, expiration & password settings, and how often each is clicked.
- · Click telemetry: timestamps, referrers, anonymised IP, and user-agent strings of visitors who click your short links.
- · API keys: hashed (SHA-256) so we never see the plaintext.
- · Payment data: handled entirely by Stripe; we store only your plan and the Stripe customer/session IDs.
3. Why we use it
To operate the service, prevent abuse, send transactional emails (verification, magic links, password resets, billing receipts, account security notices), and improve Fluxly. We do not sell your data.
4. Cookies
We use essential cookies (access_token, refresh_token, session_token) to keep you signed in. No third-party analytics, no advertising cookies.
5. Third parties we share data with
- · Stripe · billing & subscription management.
- · Resend · transactional email delivery.
- · Better Stack · uptime monitoring.
- · Google · only if you sign in with Google OAuth.
6. Your rights (GDPR)
You can request a copy of your data, correct it, or delete your account at any time by emailing
privacy@fluxly.uk. Deletion removes your account, all your links and API keys within 30 days.
7. Data retention
We keep your data for as long as you have an active account. Click telemetry older than 12 months may be aggregated or deleted.
8. Changes
We'll update this page when the policy changes and notify active users by email for any material change.