Privacy Policy

Last updated: September 28, 2025

1. Introduction

This Privacy Policy explains what data we collect, how we use it, and your rights regarding your information when using uffy.cc, a privacy-focused URL shortener.

2. Information We Collect

• Discord user ID
• Discord username and display name
• Original URLs (Discord Invite links)
• Chosen shortcodes
• Creation date of each shortcode
• User credits, account creation date, and last login date

2.1. Cookies

We use a single session cookie (connect.sid) to maintain your login state after you authenticate via Discord OAuth2. This cookie:

• Is essential for the login system to function
• Expires when you close your browser (session cookie)
• Contains only a session identifier - no personal information
• Is not used for tracking, analytics, or advertising

Important: We do not use cookies to track visitors who click your shortened links. The session cookie is only used for authenticated users managing their accounts.

2.2. Database Structure Transparency

We believe in complete transparency about how your data is stored. We maintain separate databases with minimal data collection:

Redirect Database:

• Discord ID, username, and display name
• Original URL and chosen shortcode
• Status (Active/Grace Period/Expired)
• Creation and renewal timestamps (used only for countdown timers and deletion scheduling)
• Deletion reason (if applicable)

User Database:

• Discord ID and username
• Available credits (avail)
• Account creation timestamp
• Discord Webhook URL (used for Redirect Status Notifications)
• Last login timestamp (used for system maintenance to identify inactive accounts - never used for tracking or analytics)

Data Separation: These databases are kept separate by design. When you delete all your shortcodes, your data is removed from the redirect database but remains in the user database to preserve your credits and account status.

3. Temporary Data Collection for Support

When you contact us for support, we temporarily collect:

• Contact form messages and Discord usernames
• Email addresses (when voluntarily provided for responses or required for data deletion verification)
• Any follow-up correspondence related to your support request

Purpose: This data is collected solely to process your support requests, verify identity for data deletion requests, and provide assistance.

Retention: Support communications are stored temporarily and deleted within 30 days of resolution. Data deletion request emails are deleted immediately after confirmation and completion of the deletion process.

Usage: Email addresses are never used for marketing or shared with third parties. They are used only to respond to your specific request.

4. How We Use Your Data

• To create and manage redirect shortcodes
• To authenticate via Discord OAuth2
• To provide renewal and expiration reminders
• To respond to support inquiries and enforce the Terms of Service
• To process temporary support communications as described in Section 3

5. Data Retention

• Shortcodes are active for 30 days.
• They may be renewed within 7 days after expiration.
• If not renewed by day 37, the shortcode and associated data are deleted.
• Support communications are deleted within 30 days of resolution (as detailed in Section 3).
• If you delete all shortcodes from your dashboard, your Discord ID and username will be removed from the shortcode database.
• Your Discord ID and username are still retained in a separate database for user credits, account creation date, and last login.
• You may request full deletion of all your data by contacting us here.

6. Security

We take reasonable measures to secure your data. However, no system is completely secure, and we cannot guarantee absolute protection.

7. Third-Party Services

• We use Discord OAuth2 for login and authentication.
• Third-party services may process limited data on our behalf but are contractually obligated to protect your information and never use it for unrelated purposes.

8. Children

This service is not intended for children under the age of 13. We do not knowingly collect personal data from anyone under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. All changes will be reflected in the "Last updated" date at the top of this page.

10. Contact

Questions about your privacy? Please contact us here.