LinkManagerLinkManager

Privacy Policy

Last Updated: May 2026

Overview

LinkManager ("we", "our", or "us") is a link management service that includes a web application and browser extension. This privacy policy explains how we collect, use, and protect your information when you use our service.

Information We Collect

1. Account Information

  • Email Address: Used for account creation, authentication, and important service communications
  • Password: Handled through our authentication provider's standards (we cannot read your plaintext password)
  • User ID: A unique identifier generated automatically when you create an account

2. Link Data

  • URLs: The web addresses you save to your LinkManager account
  • Link Names: Custom short names you assign to your saved links
  • Creation Timestamps: When each link was added to your account
  • Folder Organization: How you organize your links into folders (Standard tier only)

3. Browser Extension Data

When you use our Chrome extension, in addition to the account and link data described above:

  • Local session artifacts: Authentication material (tokens or equivalent session hints) stored using the browser's extension storage APIs on your device so you stay signed in and can fetch synced links securely.
  • Operational network calls: The extension connects to LinkManager-associated backend hosts (such as Supabase for auth and APIs, and realtime subscriptions where enabled) strictly to authenticate you and sync your saved links—not to build a chronological log of every page you browse.
  • Presence on webpages: A content script runs on sites covered by our published match patterns so the insertion shortcut works in editable fields; that requires the browser injecting our UI-related code bundle on those pages. Invoking features may read or modify only the editable area you actively use together with locally displayed link data from your account.
  • Browsing history: LinkManager does not offer a browsing-history synchronization product under this policy: we do not collect or monetize logs of unrelated pages you browse for behavioral advertising purposes.

4. Payment Information

For Standard tier subscribers:

  • Stripe Customer ID: Links your account to our payment processor
  • Subscription Status: Whether your subscription is active, canceled, etc.
  • Billing Dates: Subscription renewal and cancellation dates

Note: Full payment card numbers are handled by Stripe; LinkManager retains billing identifiers and subscription status metadata needed to administer your plan.

5. Analytics Data (website and web app)

We use Google Analytics on our public website and authenticated web application to improve the service:

  • Usage Events: Sign-ups, logins, link creation, feature usage
  • Performance Data: How users interact with our application
  • Anonymous Statistics: Aggregated data where appropriate

The Chrome extension bundle does not embed Google Analytics; telemetry here refers to flows when you visit or use LinkManager's website and SaaS dashboards in a normal browser tab.

How We Use Your Information

Primary Purposes

  • Service Delivery: Store and organize your saved links
  • Authentication: Verify your identity and maintain secure access
  • Account Management: Manage your subscription and account settings
  • Customer Support: Respond to your questions and technical issues

Secondary Purposes

  • Service Improvement: Analyze usage patterns to enhance our features
  • Security: Detect and prevent unauthorized access or abuse
  • Legal Compliance: Meet regulatory requirements and legal obligations

Data Storage and Security

Storage Infrastructure

  • Database: Supabase (PostgreSQL) with enterprise-grade security
  • Location: Data is stored in secure cloud infrastructure
  • Encryption: All data is encrypted in transit and at rest

Access Controls

  • Row Level Security (RLS): You can only access your own data
  • User Isolation: Complete data separation between user accounts
  • Secure Authentication: Industry-standard OAuth and session management

Browser Extension Security

  • Local credentials: Session material stays on-device under Chrome's extension storage model unless you sign out or remove the extension
  • Backend alignment: Network traffic goes to our configured infrastructure (including Supabase) for auth, data sync, and subscriptions—matching the disclosures in Third Parties below
  • Least privilege: Declared Manifest V3 permissions correspond to insertion UX, syncing, and OAuth support only

Data Sharing and Third Parties

We Share Data With:

1. Supabase - Our database and authentication provider

  • Purpose: Data storage and user authentication
  • Data: All account and link information
  • Location: Cloud infrastructure with enterprise security

2. Stripe - Payment processing for Standard tier subscriptions

  • Purpose: Handle subscription payments and billing
  • Data: Email address and billing data processed by Stripe (full card numbers stay with Stripe)
  • Security: PCI DSS compliant payment processing

3. Google Analytics - Website and web app analytics only

  • Purpose: Understand user behavior on our website and SPA dashboard
  • Data: Pseudonymous identifiers and usage events as configured in Google Analytics
  • Controls: You can restrict cookies or use browser settings and Google's documented opt-out mechanisms where offered

4. Google (OAuth identity) - Social sign-in

  • Purpose: Optional "Sign in with Google" flows mediated through Supabase
  • Data: Subject to Google's Privacy Policy and your Google account controls

We DO NOT:

  • Sell your personal data to third parties
  • Share your links or personal data with advertisers
  • Use your data for marketing purposes without consent
  • Share data with other users (your links are private)

Your Data Rights

Access and Control

  • View Your Data: Access all your saved links through the dashboard
  • Edit Information: Update your links, folders, and account settings
  • Export Data: Request a copy of your data in a portable format
  • Delete Account: Permanently remove your account and all associated data

Account Deletion

When you delete your account:

  • All your links and folders are permanently deleted
  • Your subscription is canceled immediately
  • Personal data is removed from our active systems within 30 days
  • Some data may be retained for legal compliance or security purposes

Cookie Policy

The practices below apply when you use LinkManager's website and web application in a normal browser tab. The Chrome extension uses extension storage and network calls as described in "Browser Extension Data" rather than traditional first-party website cookies.

Essential Cookies

  • Authentication: Keep you logged in to your account
  • Session Management: Maintain your login state across pages
  • Security: Prevent unauthorized access and protect against attacks

Analytics Cookies

  • Google Analytics: Track usage patterns and improve our service
  • Performance Monitoring: Identify and fix technical issues

You can control cookie settings through your browser preferences.

International Data Transfers

Your data may be processed and stored in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with applicable privacy laws.

Legal Basis for Processing (GDPR)

For users in the European Economic Area, our legal basis for processing your data includes:

  • Contract Performance: To provide the LinkManager service you've signed up for
  • Legitimate Interests: To improve our service and ensure security
  • Consent: For analytics and non-essential features (where applicable)
  • Legal Obligations: To comply with applicable laws and regulations

Regulatory complaints

If you are in the EEA/UK, you may lodge a complaint with your local data protection authority. For Poland, this is typically the President of the Personal Data Protection Office (UODO).

Data Retention

We retain your data only as long as necessary:

  • Account Data: While your account is active, plus 30 days after deletion
  • Analytics Data: Up to 26 months in aggregate, anonymized form
  • Legal Requirements: Some data may be retained longer for legal compliance

Contact & data controller

The operator of LinkManager acts as the data controller for personal data described in this policy (with processors such as Supabase and Stripe supporting specific functions).

For privacy requests, data subject rights, or security questions, reach us through our public feedback channel: linkmanager.featurebase.app. Please include enough detail for us to verify and respond within applicable timelines.

Children's Privacy

LinkManager is not directed at individuals who cannot lawfully consent to data processing on their own behalf in their jurisdiction. We do not knowingly collect personal information from children. If you believe we have collected such data in error, reach us via the Contact & data controller channel above and we will take appropriate steps.

Subprocessors (summary)

Representative categories:

  • Supabase — hosted database, authentication, realtime channels
  • Stripe — payments and billing compliance
  • Google Analytics — website / web app analytics (not embedded in the extension bundle)
  • Google (OAuth) — optional federated login when selected by you

Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated through email or service notifications. Your continued use after changes constitutes acceptance of the updated policy.