Privacy Policy

LinkRescue ("we", "us", or "our") operates the website linkrescue.io and the LinkRescue monitoring service (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Questions about this policy should be directed to privacy@linkrescue.io.

Information you provide

• Email address — used for authentication (magic link login), email digests, and transactional notifications.
• Website domains and URLs — the sites you add to LinkRescue for monitoring.
• Payment information — processed directly by Stripe. We never store your card details.

Information we collect automatically

• Scan data — URLs, HTTP status codes, redirect chains, and link metadata discovered while crawling your sites.
• Usage data — pages visited within the dashboard, features used, and scan history.
• Log data — IP addresses, browser type, and timestamps for security and debugging purposes.

• To provide, operate, and improve the LinkRescue Service
• To authenticate your account and maintain sessions
• To send weekly digest emails and scan notifications
• To process payments and manage subscriptions via Stripe
• To detect and prevent fraud, abuse, or security incidents
• To respond to your support requests
• To comply with legal obligations

We do not sell your personal information to third parties. We do not use your data for advertising purposes.

We share data with the following trusted third parties to operate the Service:

• Supabase — our database and authentication provider. Your data is stored in Supabase's PostgreSQL infrastructure with row-level security. See Supabase Privacy Policy.
• Stripe — payment processing. Stripe handles all payment card data. See Stripe Privacy Policy.
• Resend — transactional email delivery. Your email address is shared with Resend to send you notifications.
• Vercel — hosting and edge network. See Vercel Privacy Policy.

We retain your account data for as long as your account is active. Scan results and issue history are retained for 90 days. If you close your account, we delete your personal data within 30 days, except where we are required by law to retain it longer.

We use cookies solely for session authentication (Supabase auth tokens). We do not use advertising cookies, analytics cookies, or third-party tracking pixels.

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your data ("right to be forgotten")
• Object to or restrict certain processing
• Data portability

To exercise any of these rights, email us at privacy@linkrescue.io. We will respond within 30 days.

We implement industry-standard security measures including TLS encryption in transit, encrypted storage, row-level security policies on all database tables, and regular security reviews. However, no system is 100% secure and we cannot guarantee absolute security.

The Service is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with information, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by displaying a notice in the dashboard. The "Effective date" at the top of this page indicates when the policy was last revised.

For privacy-related questions, requests, or complaints, contact us at privacy@linkrescue.io.