Privacy Policy for Linkbucket

Last updated: 2025-08-29

Linkbucket ("we", "us", or "our") is a paid service dedicated to privacy and data protection. You are our customer, not our product. We believe privacy is a fundamental human right and are committed to data minimization and transparency.

Company Information

Linkbucket AS

Org. no: 932 915 014

Address: Grubegata 6, 3031 Drammen, Norway

Norway is part of the EEA and fully subject to the GDPR.

Summary

• No advertisements.
• No sale or sharing of user data to any third party for their own marketing.
• No behavior analytics or tracking of user activities.
• Strict data minimization: we collect only what is required to operate the Service.
• We primarily use service providers located in the EU/EEA (including Norway).
• Payments are processed by Stripe Payments Europe (Ireland, EU) with EU data residency features enabled.

What account information do we collect?

We collect only what is necessary to provide and secure your account:

• Email address (required for registration, login, communication, and billing)
• Encrypted password (stored securely; we never store plaintext passwords)
• Account confirmation/reset tokens (for secure account management)
• Account status data (confirmation timestamps, failed login attempts, locked/unlocked status)
• Timestamps (creation, update, confirmation times for audit/security purposes)

We do NOT collect, track, or analyze user behavior or browsing activity for analytics or advertising purposes.

What service data do we process?

To provide bookmarking functionality, we process the links and related metadata you choose to save (for example, URL, title, notes, tags, collection, timestamps). We process this content solely to provide, maintain, secure, and improve the Service. We do not use it for advertising, profiling, or unrelated analytics.

API Keys

When you access Linkbucket via API-integrated services, you authenticate using API keys.

• Generation and storage: keys are shown once; we store only a cryptographic digest. If you lose a key, create a new one and deactivate the old one.
• Metadata: we store key identifiers, optional names, status (active/deactivated), and timestamps (created, last used).
• Control: you can deactivate keys at any time; deactivated keys cannot be reactivated.
• Legal basis: performance of a contract and our legitimate interests in security and fraud prevention.
• Sharing: API keys are never shared with third parties.

Purposes and legal bases (summary)

• Account and authentication (performance of a contract; legitimate interests for security)
• Payment processing (performance of a contract; legal obligation for accounting)
• Service operation and security (legitimate interests in running a secure, reliable service)
• Support communications (performance of a contract; consent where required)

Device information

We do not retain server logs containing user IP addresses. Ephemeral request data (such as IP address and user agent) may be visible in real-time server output but is not persisted. When you interact with Stripe-hosted payment pages or Stripe.js/Elements, Stripe may collect device and technical information for fraud prevention and to operate payment features. See Stripe's privacy links below.

Cookies and local storage

We use only essential cookies or local storage for session management and preferences. No tracking or advertising cookies are used.

Devise Session Cookie

• Stores a reference to server-side session data essential for authentication and security.
• May include session reference, CSRF token, flash messages, timestamps, and account lock status.
• Deleted when you log out or close your browser session.

Cookies and scripts used during payment

Stripe-hosted payment pages or Stripe.js/Elements may set cookies or collect device/technical information for fraud prevention and to operate payment features. See Stripe's privacy policies linked below.

Who has access to your information?

Only authorized Linkbucket personnel on a need-to-know basis. We do not sell or rent personal data. We disclose personal data only to our service providers as described below.

Access controls and audit logging:

• We enforce least-privilege, role-based access. Administrative access to production systems is time-limited and purpose-limited.
• Any staff access to customer data is logged with identity, time, and scope; logs are tamper-evident and reviewed periodically.
• These audit logs are separate from server request logs and do not include your content or user IP addresses. We do not log user behavior for analytics or advertising.

Service providers

We primarily use providers based in the EU/EEA. Some providers may process limited data in other jurisdictions as described in their policies. Key providers include:

• Hetzner (Germany): infrastructure hosting.
• Intercolo (Germany): object and encrypted backup storage.
• mySMTP.eu (Denmark): transactional email delivery (for essential emails only).
• AppSignal (Netherlands): application monitoring (technical/session data only; no personal content).
• Domeneshop (Norway): domain and email server provider.
• Stripe Payments Europe (Ireland, EU): subscription payment processing (with EU data residency features enabled). See:
  • Privacy: https://stripe.com/en-no/privacy
  • Service providers: https://stripe.com/en-no/legal/service-providers
  • Privacy Center: https://stripe.com/en-no/legal/privacy-center

Except for Stripe as described above, we do not intentionally process or store personal data outside the EU/EEA through our providers.

Disclosures

• Legal and safety: we may disclose information if required by law, regulation, or legal process; in response to requests by government authorities; or when disclosure is necessary to protect rights, safety, or property.
• Business transfers: in connection with a merger, acquisition, or sale of assets, we may transfer information as part of the transaction, subject to safeguards and continued protection.
• With your direction: we disclose information when you ask us to (for example, when you share collections or use integrations).

Data export, deletion, and retention

• You can request a copy of your data and request deletion at any time by contacting privacy@linkbucket.app.
• We retain your account and email data only as long as necessary to provide the Service or meet legal requirements.
• Upon deletion, your data is removed from live systems promptly and falls out of encrypted backups within 30 days.
• For deactivated API keys, we retain limited technical records for up to 12 months for security, abuse prevention, and auditing, after which they are deleted.

International data transfers

We host and process personal data primarily within the EU/EEA and Norway. Where personal data is transferred outside the EEA/UK (for example, certain processing by Stripe), we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses and, where applicable, the UK IDTA/Addendum. We minimize data shared and apply additional measures where necessary. Request details at privacy@linkbucket.app.

Your GDPR/EEA/UK privacy rights

Depending on your location, you may have the right to request access, rectification, erasure, restriction, and portability of your personal data, and to object to certain processing. You may also withdraw consent where processing is based on consent.

To exercise your rights, contact privacy@linkbucket.app. We will respond within one month (extendable per law). You may lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) or your local supervisory authority. Datatilsynet: https://www.datatilsynet.no/.

Communications

We send only essential service-related communications (for example, account confirmations and password resets). We do not send marketing emails. If we introduce optional marketing communications in the future, you will be able to opt in and unsubscribe at any time.

Do Not Track

Some browsers include a "Do Not Track" (DNT) setting. Because we do not track users for analytics or advertising, our Service operates the same regardless of DNT signals.

Data Processing Addendum (DPA) and subprocessors

For business customers that are controllers of end-user personal data, we offer a Data Processing Addendum incorporating the Standard Contractual Clauses. Contact privacy@linkbucket.app for a copy.

We maintain a list of subprocessors and will provide reasonable advance notice of changes. You may subscribe to updates by contacting us.

Browser Extensions Privacy

This section applies to all Linkbucket browser extensions and add-ons. For Chrome-specific details, see our Chrome Extension Privacy page.

• Extensions access only the minimum data necessary to perform their core functionality. When you choose to save a link, an extension may read the current tab's URL and send it, with your credentials, to save to your account.
• Extensions do not collect or transmit browsing history, page content, or personal data beyond what is necessary to authenticate and save the link you explicitly choose to submit.
• Permissions requested are limited to those required for functionality and are listed in each store listing.

Data security

We use industry-standard measures to protect data, including encryption, access controls, and secure infrastructure. Our team has experience handling sensitive personal data.

Changes to this policy

We may update this policy. For material changes, we will notify you via email and/or a prominent notice.

Contact

For privacy questions or requests, contact:

privacy@linkbucket.app