This page covers the terms of using Linked.Codes, what data the platform collects, and how those rules stay current as the platform changes. It's deliberately short. If a section becomes more complicated than necessary, we've gotten something wrong.
Terms of use#
Who runs this. Linked.Codes is operated by an individual sole-proprietor based in Bali, Indonesia. There is no company entity, no investors, no third-party operations team. Every line of code on this platform is written or directly reviewed by the operator.
What you get. A free account gives you a working dashboard at <your-handle>.linked.codes where you can create short links, design QR codes, track clicks, and connect a custom domain you own. A one-time Lifetime licence unlocks the full whitelabel platform you can resell to your own customers — your domain, your branding, your prices, your Stripe account. Hosting plans on top cover the platform's running costs scaled to your monthly event volume; cancel any time. The current pricing is on the pricing page and changes from time to time; the price you paid for a paid plan or licence is honoured for the period you paid for.
What you do with it. Use it to run your own short-link / QR business, or for your own brand's links and codes. Standard expectations apply: don't break the law with it, don't host phishing or malware, don't impersonate brands or people you have no relationship with, don't try to break the platform or scrape it at industrial volumes. Accounts caught doing this are suspended without warning — the operator is solely responsible for the platform's reputation with its registrar, hosting provider, and Stripe, and won't risk that for any single tenant.
What we can do. Add features, change features, remove features. The changelog is the canonical record of what's shipped. Suspend or remove an account that's abusing the platform. Decline a signup that looks fake. Update these terms — when we do, the version number on this page changes and signed-in users see a single-line notice in the dashboard the next time they open it.
Liability. As a small product run by one person, the platform is provided "as is" with no warranty. The operator's maximum liability for any claim related to use of this site is capped at the amount you've paid in the last twelve months. If you've paid for a Lifetime licence or hosting plan, that cap is the actual amount you paid. If you haven't paid anything, the cap is zero. The platform isn't liable for indirect or consequential losses (lost campaign revenue, missed deadlines, third-party service outages, etc.) — keep your own records of anything mission-critical.
Refunds. Lifetime licences are refundable within 14 days of purchase, no questions asked. Hosting plans are billed in advance per month; cancel any time and the unused portion of the current month is forfeit (we don't pro-rate). If the platform is unavailable for an extended period (>72h continuous outage on our hosted edge), the affected month's hosting fee is credited or refunded on request.
Jurisdiction. Disputes are governed by the laws of Indonesia, where the operator resides. If a dispute can't be resolved directly, it goes to the courts of jurisdiction at the operator's residence. Practically: send a polite email first; almost everything resolves there.
How to reach us. The contact email is hello@linked.codes. The operator reads every email. There is no support ticketing system; small platform.
Tenants and sub-users#
When you run your own platform on Linked.Codes:
- You own the relationship with your customers. They sign up on your domain, see your branding, pay your prices in your Stripe account. Linked.Codes is the underlying infrastructure, not their counterparty. Your terms with your customers are your responsibility — these terms cover the relationship between you (the platform owner) and us (Linked.Codes).
- Their data lives on the same database we run for everyone, scoped to your account. Each business account is isolated by
agency_id. Sub-users can only see what their parent business has granted them. - If you delete your platform, all your customers' data goes with it. There's no "transfer to a different operator" mechanism — if you're winding down, export what you need first (every list view has a CSV / JSON export linked from the toolbar, or contact us if you need a full DB dump for a specific business).
- We can't disclose your customers' data to third parties — including law enforcement — without due legal process directed at us. Your customers' data isn't ours to hand over.
Privacy#
Short version. The platform does not run third-party tracking, advertising, or behavioral analytics. The only personal data we hold is your email address, your hashed password, your profile (name + avatar if you set one), and a handful of opaque session IDs stored in your browser. The only cookie we set is the one that keeps you signed in.
What gets collected.
- Account email + password. Used to log you in and to send platform notifications when something on your account changes (cap reached, plan upgraded, password reset). Passwords are stored as scrypt hashes — the actual password isn't recoverable even by us. Emails are kept until you ask us to delete the account.
- Profile. First name (optional) and avatar image (optional). Shown only inside your dashboard and on your tenants' tenant pages if you enable it.
- Anonymous click events. Every short-link redirect records a row in
link_clickswith the link id, owner id, timestamp, the referrer header (host only — no full URLs), and the User-Agent string. This powers the analytics page (timeseries chart, top links, change-vs-prior). The referrer URL path is discarded; we keep only the host so the chart can group byfrom twitter.com,from instagram.com, etc. - Conversion + usage events. When a tenant of yours hits their plan cap, signs up, or completes a payment, the platform records a small event tied to the event type and the user / business id. Used for billing + auto-upgrade. No personal data beyond the user's id is included.
- Uploaded files. OG images, QR logos, file-type link uploads, agency-branding logos, avatars. Stored on the same server as the database, scoped to your account, served from
/uploads/.... Deleted when you delete the row that referenced them. - Payments. Lifetime + hosting payments go through Stripe. We get back: the Stripe customer ID, the price ID purchased, the period covered, and the invoice metadata. We don't see your card details — Stripe holds those and we never request them. Your tenants' payments go through your Stripe account; we don't see those at all unless you enable our 5% platform fee, in which case Stripe's platform-fee API tells us only the fee amount, not the full invoice contents.
What does NOT get collected.
- No third-party advertising or analytics SDKs. No Google Analytics, no Meta pixel, no Mixpanel, no Segment, no Hotjar, no Sentry, no Datadog, none of it. The only analytics is the in-house anonymous click + event log described above.
- No browser fingerprinting, no canvas hashing, no WebRTC IP leak collection, no font enumeration.
- No selling or sharing of your data — or your tenants' data — to anyone for any purpose. There's nobody to sell it to. There is no commercial data partnership of any kind.
- No tracking pixels in emails. We send only transactional emails when something on your account changes.
Cookies#
The platform sets exactly one cookie: a session cookie named lnks_session, used to keep you signed in. It's HttpOnly, Secure, SameSite=Lax. On *.linked.codes the cookie scope is .linked.codes so signing in on the platform also signs you in on your own subdomain (and back). On a tenant's custom domain the cookie is host-only — they're separate sites with separate sessions.
This is a "strictly necessary" cookie under GDPR — without it the login flow can't function — so no consent banner is required and we don't show one. The cookie expires when you sign out or after 30 days of inactivity. There are no tracking cookies, no advertising cookies, no analytics cookies.
Data export and deletion#
Export. Every list view in the dashboard (Links, QR codes, Domains, Plans, Users) has a CSV export linked from its toolbar. For a full SQL-level dump tied to a specific business, email us and we'll generate one within a week.
Deletion. Delete an account from /app/account → Danger zone → Delete account. The account, all its links, all its QR designs, all its uploaded files, and all sessions are removed within 30 days. Stripe customer records persist on Stripe's side per Stripe's retention policy — we delete the foreign key on our side but Stripe keeps the invoice history per their own legal requirements.
If you operate a tenant business on the platform and you want a specific sub-user deleted, the business owner can do it from their Users page; the user gets removed and their links transfer to the business owner (so the slugs you've shared don't break).
Updates to these terms#
This page is regenerated whenever the platform changes materially. The version number above the body is bumped on each regeneration; the date is the date of regeneration. Signed-in users see a single-line "Terms updated" notice in the dashboard the next time they sign in after a regeneration; clicking through dismisses the notice and takes you here. Continuing to use the platform after a regeneration means you accept the new version.
The full revision history isn't published; older versions are available on request.