Privacy Policy

What we store

• Encrypted content — your content is encrypted in your browser using AES-256-GCM before being uploaded. We receive and store only the ciphertext. We have no access to the decryption key and cannot read what you shared.
• Expiry metadata — when the link was created and when it expires. No content metadata.
• A usage counter — a single running total of links created, used for the stats page. No timestamps, no identifiers, just a number.

What we do not store

• Your IP address
• Your identity or email
• What you shared — we genuinely cannot read it
• Who you shared it with
• Browser fingerprints or device information
• Cookies — we use none
• Analytics or tracking scripts

How the encryption works

When you share content, your browser generates a random AES-256-GCM encryption key. Your content is encrypted locally before any network request is made. The encrypted blob is uploaded to our servers. The decryption key is placed in the URL fragment (the part after #) — URL fragments are never sent to the server by design. This means we receive encrypted data we cannot decrypt, and the key only exists in the link you share.

Data retention

Encrypted content is deleted automatically based on the expiry you set — after first view, after a set time period, or when the link is manually deleted. We do not retain content after expiry. Links set to "never expire" persist until manually deleted by the sender.

Infrastructure

LinkMeThat runs on Cloudflare Pages and Cloudflare KV (key-value storage). Cloudflare may collect standard infrastructure-level data (connection logs, error rates) as part of their service. See Cloudflare's privacy policy for details.

Legal requests

If we receive a valid legal order, we can only provide what we have: an encrypted blob and expiry metadata. We have no decryption key, no user identities, and no IP logs. We will notify affected parties to the extent permitted by law.

Contact

Questions about this policy: [email protected]