Privacy Policy for SmallTrack

Last updated: May 28, 2026

Welcome to SmallTrack (available at https://smalltrack.online). Your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our URL shortening service.

1. Information We Collect

When you use SmallTrack, we collect the following types of information:

• URLs you submit: The original long URL you want to shorten. This is stored in our database to enable redirection.
• IP Address: We log the IP address of every visitor who clicks a short link for security, analytics, and fraud detection.
• Browser and Device Information: User agent string, operating system, browser type, device model, screen resolution.
• Click Data: Timestamp, referrer URL, geographic location (country, city, region), ISP, network type.
• Account Information (if registered): Username, email address, hashed password, and your saved links.
• Cookies: We use cookies to maintain user sessions, remember preferences, and analyze usage patterns.

2. How We Use Your Information

We use the collected information for the following purposes:

• Provide and maintain the Service: Shorten URLs, redirect visitors, and display your link dashboard.
• Fraud Detection and Security: Identify and block bot traffic, VPNs, proxies, data center IPs, and other fraudulent clicks. This protects your links and our infrastructure.
• Analytics and Improvement: Understand how our service is used, optimize performance, and improve user experience.
• User Support: Respond to your inquiries and troubleshoot issues.
• Legal Compliance: Comply with applicable laws, regulations, and legal requests.
• Advertising (if applicable): If you use our free service, we may show advertisements. Ad networks (like Google AdSense) may use cookies to serve relevant ads.

3. Fraud Detection and Data Sharing

To detect fraudulent traffic (VPNs, proxies, bots, datacenter IPs), we may query third-party IP intelligence services (such as ip-api.com or IP2Proxy). These services receive only the IP address and return risk assessment data. We do not share your personal identity or URL data with these services.

We also use internal algorithms to analyze click patterns. Click data marked as fraudulent is used only for blocking and analytics; it is not sold or shared for advertising purposes.

4. Cookies and Tracking Technologies

We use the following cookies:

• Session Cookies: Essential for logged-in users to access their dashboard.
• Preference Cookies: Remember your settings (e.g., theme, language).
• Analytics Cookies: Help us understand how visitors interact with our site (e.g., Google Analytics).
• Advertising Cookies: If we display ads, third-party ad networks may place cookies to show relevant ads.

You can disable cookies through your browser settings. However, some features (like user login) may not work properly.

5. Data Retention

We retain your data as follows:

• Short links and click data: Retained indefinitely unless you delete your link. You can delete any link from your dashboard at any time.
• Account information: Retained until you delete your account. You can request account deletion by contacting us.
• Fraud logs: Retained for up to 12 months for security analysis.

6. Your Rights (GDPR and CCPA Compliance)

If you are located in the European Economic Area (EEA) or California, you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Correct inaccurate or incomplete data.
• Right to Erasure ("Right to be Forgotten"): Request deletion of your data.
• Right to Restrict Processing: Limit how we use your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests (e.g., direct marketing).

To exercise any of these rights, contact us at