Privacy Policy

Your data, under your control.

Overview

Link Crypt is built to be a modern Pocket replacement with a focus on privacy. We collect only what we need to operate the service and never sell your data.

Data we collect

  • Account: your email address to authenticate via Supabase Auth.
  • Content: the links you save, their metadata (title, description, images, author, reading time), and your tags. Tags are scoped to your account.
  • Page metadata: when using our Chrome extension, we extract metadata from web pages you choose to save (Open Graph tags, meta descriptions, page titles). This data is only collected when you explicitly save a link.
  • Usage analytics: anonymous usage data through Google Analytics to improve the product. You can block analytics with browser settings or extensions.

How we use your data

  • To provide and maintain the service (store links, tags, preferences).
  • To secure your account and prevent abuse.
  • To understand aggregate usage and improve features.

Chrome Extension

Our Chrome extension:

  • Authentication: Shares your session with the web app by reading authentication tokens from Link Crypt pages (getlinkcrypt.com). No credentials are stored in the extension itself.
  • Page access: Only accesses the current page when you explicitly save a link. We do not track your browsing history or access pages in the background.
  • Permissions: The extension requests minimal permissions: active tab access (to save current page), storage (for authentication tokens), and scripting (to extract page metadata).
  • Data storage: Authentication tokens are stored locally in Chrome's secure storage. All saved links are stored in our Supabase database, not in the extension.

Cookies

We use cookies/local storage for session authentication and preferences (including theme). Google Analytics may set its own cookies. You can disable analytics cookies in your browser.

Data retention

We retain your content while your account is active. You can request deletion of your account and data at any time.

Security

We use Supabase (Postgres with Row-Level Security) to isolate your data by user. While no service is perfectly secure, we continuously improve our security posture.

Third-party services

  • Supabase: We use Supabase for authentication and data storage. Supabase is SOC 2 Type II compliant and provides enterprise-grade security. Data is stored in secure PostgreSQL databases with Row-Level Security (RLS) policies ensuring users can only access their own data.
  • Google Analytics: We use Google Analytics for anonymous usage tracking. You can opt-out using browser settings or extensions.

Your rights

  • Access and export your data.
  • Request correction or deletion.
  • Withdraw consent for analytics.
  • Uninstall the Chrome extension at any time (this will remove stored authentication tokens from your browser).

Contact

For privacy questions or data requests, contact us at [email protected].