Privacy Policy for Linkbucket

Last updated: 2026-06-05

Linkbucket ("we", "us", or "our") is a paid service dedicated to privacy and data protection. You are our customer, not our product. We believe privacy is a fundamental human right and are committed to data minimization and transparency.

Summary

No advertisements.
No sale or sharing of user data to any third party for their own marketing.
No behavior analytics or tracking of user activities.
Strict data minimization: we collect only what is required to operate the Service.
We primarily use service providers located in the EU/EEA (including Norway).
Payments are processed by Stripe Payments Europe (Ireland, EU) with EU data residency features enabled.

What account information do we collect?

We collect only what is necessary to provide and secure your account:

Name (required for registration; stored as a profile field)
Email address (required for registration, login, communication, and billing)
Login credentials: Linkbucket is passwordless. You sign in with a one-time magic link sent to your email (a short-lived, single-use code) and, optionally, a passkey (WebAuthn). For passkeys we store only the public key and a credential identifier — never a secret capable of signing in on your behalf. We never set or store passwords.
Session records: when you sign in we create a session and store its IP address, user-agent (browser/device) string, and last-active time to help secure your account and let you review and sign out your active sessions.
Account status data (email-verification timestamp)
Timestamps (creation, update, and verification times for audit/security purposes)

We do NOT collect, track, or analyze user behavior or browsing activity for analytics or advertising purposes.

What service data do we process?

To provide the Service — saving, organizing, searching, and archiving your links — we process the links you save and the content of the pages behind them:

Your link records: the URL, an optional custom title you give it, tags, folder placement, and timestamps. This is how you organize your own library.
Page metadata and content: when you save a link we fetch the page and store information about it — its title, description, preview image(s), detected language, and the page's text content — so we can display, organize, and search it.
Web archives: at your direction, we make and store a personal backup copy of the page for your own reference, so your link survives even if the original changes or goes offline. These copies are held in our EU-based object storage (see Service providers).
Search index: the link and page content above are indexed in our self-hosted search system so you can search the full text of your saved pages. This index is never shared with third parties.

We process this content solely to provide, maintain, secure, and improve the Service, on the basis of our contract with you and our legitimate interests in operating it. We do not use it for advertising, profiling, or unrelated analytics.

API Keys

When you access Linkbucket via API-integrated services, you authenticate using API keys.

Generation and storage: keys are shown once; we store only a cryptographic digest. If you lose a key, create a new one and deactivate the old one.
Metadata: we store key identifiers, optional names, status (active/deactivated), and timestamps (created, last used).
Control: you can deactivate keys at any time; deactivated keys cannot be reactivated.
Legal basis: performance of a contract and our legitimate interests in security and fraud prevention.
Sharing: API keys are never shared with third parties.

Purposes and legal bases (summary)

Account and authentication (performance of a contract; legitimate interests for security)
Payment processing (performance of a contract; legal obligation for accounting)
Service operation and security (legitimate interests in running a secure, reliable service)
Support communications (performance of a contract; consent where required)

Device information

We do not retain server access logs containing user IP addresses, and our error-monitoring events are scrubbed of IP addresses and URLs before storage. We do, however, store the IP address and user-agent string associated with each login session (see "What account information do we collect?" above) to help secure your account; these are kept with the session and removed when the session ends (including when you sign it out yourself) or your account is deleted. When you interact with Stripe-hosted payment pages or Stripe.js/Elements, Stripe may collect device and technical information for fraud prevention and to operate payment features. See Stripe's privacy links below.

Cookies and local storage

We use only essential cookies or local storage for session management and preferences. No tracking or advertising cookies are used.

Linkbucket Session Cookie

Stores a reference to a server-side session record that is essential for authentication and security.
May include the session reference, a CSRF token, flash messages, and timestamps.
Deleted when you sign out or when the session expires.

Cookies and scripts used during payment

Stripe-hosted payment pages or Stripe.js/Elements may set cookies or collect device/technical information for fraud prevention and to operate payment features. See Stripe's privacy policies linked below.

Who has access to your information?

Only authorized Linkbucket personnel on a need-to-know basis. We do not sell or rent personal data. We disclose personal data only to our service providers as described below.

Access controls and audit logging:

We enforce least-privilege, role-based access. Administrative access to production systems is time-limited and purpose-limited.
Any staff access to customer data is logged with identity, time, and scope; logs are tamper-evident and reviewed periodically.
These audit logs are separate from server request logs and do not include your content or user IP addresses. We do not log user behavior for analytics or advertising.

Service providers

We primarily use providers based in the EU/EEA. Some providers may process limited data in other jurisdictions as described in their policies. Key providers include:

Hetzner (Germany): infrastructure hosting.
Intercolo (Germany): object and encrypted backup storage.
Bunny (Slovenia, EU): content delivery network for serving link preview images.
Lettermint B.V. (Netherlands): transactional email delivery (for essential emails only).
Migadu-Mail GmbH (Switzerland): Email server provider.
Stripe Payments Europe (Ireland, EU): subscription payment processing (with EU data residency features enabled).

Disclosures

Legal and safety: we may disclose information if required by law, regulation, or legal process; in response to requests by government authorities; or when disclosure is necessary to protect rights, safety, or property.
Business transfers: in connection with a merger, acquisition, or sale of assets, we may transfer information as part of the transaction, subject to safeguards and continued protection.
With your direction: we disclose information when you ask us to (for example, when you share collections or use integrations).

Data export, deletion, and retention

You can request a copy of your data and request deletion at any time by contacting privacy@linkbucket.app.
We retain your account and email data only as long as necessary to provide the Service or meet legal requirements.
Upon deletion, your data is removed from live systems promptly and falls out of encrypted backups within 30 days.
For deactivated API keys, we retain limited technical records for up to 12 months for security, abuse prevention, and auditing, after which they are deleted.

International data transfers

We host and process personal data primarily within the EU/EEA and Norway. Where personal data is transferred outside the EEA/UK (for example, certain processing by Stripe), we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses and, where applicable, the UK IDTA/Addendum. We minimize data shared and apply additional measures where necessary. Request details at privacy@linkbucket.app.

Your GDPR/EEA/UK privacy rights

Depending on your location, you may have the right to request access, rectification, erasure, restriction, and portability of your personal data, and to object to certain processing. You may also withdraw consent where processing is based on consent. You also have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal or similarly significant effects; we do not carry out such processing.

To exercise your rights, contact privacy@linkbucket.app. We will respond within one month (extendable per law). You may lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) or your local supervisory authority. Datatilsynet: https://www.datatilsynet.no/.

Communications

We send only essential service-related communications (for example, sign-in links, security alerts such as a new sign-in to your account, and account or email-change confirmations). We do not send marketing emails. If we introduce optional marketing communications in the future, you will be able to opt in and unsubscribe at any time.

Do Not Track

Some browsers include a "Do Not Track" (DNT) setting. Because we do not track users for analytics or advertising, our Service operates the same regardless of DNT signals.

Data Processing Addendum (DPA) and subprocessors

For business customers that are controllers of end-user personal data, we offer a Data Processing Addendum incorporating the Standard Contractual Clauses. Contact privacy@linkbucket.app for a copy.

We maintain a list of subprocessors and will provide reasonable advance notice of changes. You may subscribe to updates by contacting us.

Browser Extensions Privacy

This section applies to all Linkbucket browser extensions and add-ons. For Chrome-specific details, see our Chrome Extension Privacy page. For Firefox-specific details, see our Firefox Extension Privacy page.

Extensions access only the minimum data necessary to perform their core functionality. When you choose to save a link, an extension may read the current tab's URL and send it, with your credentials, to save to your account.
Extensions do not collect or transmit browsing history, page content, or personal data beyond what is necessary to authenticate and save the link you explicitly choose to submit.
Permissions requested are limited to those required for functionality and are listed in each store listing.

Data security

We use industry-standard measures to protect data, including encryption, access controls, and secure infrastructure. Our team has experience handling sensitive personal data.

Personal data breaches

We have procedures in place to detect, investigate, and respond to suspected personal data breaches. Where a breach is likely to result in a risk to your rights and freedoms, we will notify the Norwegian Data Protection Authority (Datatilsynet) without undue delay and within 72 hours of becoming aware of it. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

Age requirement

The Service is not directed to children. You must be at least 18 years old to use Linkbucket and to provide personal data to us. We do not knowingly collect personal data from people under 18. If you believe we have collected personal data from someone under 18, contact privacy@linkbucket.app and we will delete it.

Changes to this policy

We may update this policy. For material changes, we will notify you via email and/or a prominent notice.

Contact

For privacy questions or requests, contact:

privacy@linkbucket.app

Linkbucket AS
Grubegata 6
3031 Drammen
Norway