Towgle

BETA

Privacy Policy

Last updated: December 27, 2025

1. Data Controller

Towgle is operated by [Your Name/Company]. For privacy inquiries, contact:

2. Data We Collect

  • Shortened Links: URLs you shorten (encrypted in our database, stored for 30 days)
  • Technical Cookies: Strictly necessary cookies (e.g., to remember essential preferences and apply rate limits). No contact-form cookies are used.
  • Advertising Cookies: Google AdSense cookies (only with your consent)
  • Technical Logs: Anonymized IP address (last 2 octets masked), browser user agent, actions performed (stored for 90 days for security and abuse prevention)
  • Anonymous Client ID: Cryptographically signed identifier stored in cookies (to enforce rate limits and associate links)
  • Support Emails: If you email us, we receive your email address, message content, and standard email headers (date, sender, subject, routing).

3. How We Use Your Data

  • Service Provision: To create, store, and redirect shortened links
  • Security: To prevent abuse, enforce rate limits, and protect against malicious use
  • Advertising: To display ads via Google AdSense (only with your consent)
  • Support: To respond to your emailed questions and requests

4. Legal Basis (GDPR Article 6)

  • Contract Performance (Art. 6.1.b): Processing necessary to provide the link shortening service
  • Legitimate Interest (Art. 6.1.f): Security, fraud prevention, and abuse detection
  • Consent (Art. 6.1.a): Advertising cookies (Google AdSense)

5. Data Retention

  • Shortened Links: Automatically deleted after 30 days
  • Technical Logs: Automatically deleted after 90 days
  • Session Cookies: Expire after 30 days
  • Client ID Cookies: Expire after 1 year

6. Third-Party Services

Google AdSense: If you consent to advertising cookies, Google may collect data for personalized ads. Google's privacy policy: https://policies.google.com/privacy

Data Transfers: Google AdSense may transfer data to the USA under Standard Contractual Clauses (SCCs).

7. Your Rights (GDPR)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to processing based on legitimate interest
  • Withdraw Consent: Revoke consent for advertising cookies at any time

To exercise these rights, contact:

🍪 Reset your cookies:

After data erasure, your browser retains cookies (pseudonymous identifier, session tokens). To fully reset your identity, clear Towgle cookies:

  • Browser: Settings → Privacy → Cookies → Delete cookies for towgle.com
  • Devtools: F12 → Application → Cookies → Delete entries named towgle_*

Note: HttpOnly cookies cannot be deleted via JavaScript for security reasons; remove them manually in your browser settings.

8. Cookies

We use the following cookies:

  • towgle_csrf (Necessary): CSRF protection token
  • towgle_sid (Necessary): Session identifier for link management
  • towgle_cid (Necessary): Anonymous client identifier for rate limiting
  • Google AdSense cookies (Advertising): Only loaded with your consent

You can manage your cookie preferences using the banner displayed on first visit or by clearing your browser cookies.

9. Data Security

We implement industry-standard security measures including HTTPS encryption, password hashing (bcrypt), URL encryption (AES-256-GCM), and rate limiting to protect your data.

10. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated "Last updated" date.

11. Contact & Complaints

We no longer use a contact form. For privacy questions or to exercise your rights, email us at:

You also have the right to lodge a complaint with your local data protection authority.