Privacy & Security

Created on 16 September, 2020 • 6,753 views • 2 minutes read

Our aim is to provide you with a no-thrills free service, with an option to make a payment to support the running of this service (if you so wish).

We make every effort to ensure the data (your name, email address, passwords, links, and pages) stored on this service is secure, however we ask users to understand that we do not have the same funding as a larger service, and therefore signing up to this website is done at your own risk, and individuals associated with Addr.Bio shall not be held to account for anything that happens to your data while you use this website.


We advise providing as with little information to us as possible, and ensuring that you use a unique password (very important).


 

The data we collect from you: (Very little, to ensure low risk)


- Your name


- Your email address


- User Agent (i.e 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36', '10')


- Your IP Address


- Your password (Hashed in the database)


- When you were last active on our website


- A number of total logins to the website (With associated IP addresses)


- Links you shorten


- Shortened Link Statistics


- Your name, email, address may be collected by Stripe (payment processor) when you make a contribution.



The above information is stored in a MySQL cluster hosted with a reputable hosting provider on a virtual machine hosted in London, United Kingdom.


In addition to above, we also store your name and email address in our Email Newsletter service account with MailChimp.


 


Where is your data transferred to?


  • Mailchimp (Newsletter Platform)


  • Zopier (Automation platform)


  • SQL Cluster based in the United Kingdom


  • Digital Ocean


  • Stripe (Payment Processor) when you make a supporter payment


  • Some telemetry data may be submitted to Google Adsense (Ad display placement)

 


We DO NOT sell your data.

It's generally said, "If it's free, you are the product" - While true in many cases, we do not do anything with your information, and actually want you to provide as a little information to us as possible. Do become a supporter those if you enjoy the service, otherwise we display adverts to try and generate some money to pay to keep the platform running.

 


To minimise risk and ensure maximum security on our site, we follow best practice guidance:


- Unnecessary ports are not exposed to the internet.


- SSH access to the server is locked down.


- We patch the underlying operating system and software stack on our web server(s) when possible


- We ensure the application running on this site is up to date when the developer releases new versions of their software (Based on AltumCode biolinks software)


- We use modern SSL cipher suites and ensure that the certificate bind to our web servers is valid.


- MFA is enforced on the account we hold with our hosting provider.


- Your interactions with addr.bio are proxied via a global web application firewall solution.


 


Concerned about your online security?


Here are some useful links:


- https://haveibeenpwned.com/


- https://breachalarm.com/


- https://www.dehashed.com/


 


Remember to use unique complex passwords, and store your passwords in a password manager such as 1Password.


 


Removing your data from our system:


Deleting your account is simple - Login and head over to the 'Settings' area, select 'Delete account' and enter your account password to proceed.


Upon deleting your account, all associated data is dropped from our 'Live' database.


Note that your account data may reside on our backup systems until older backups are purged.