Draft. This document is being finalised by counsel before launch — please contact legal@elido.app for an executable version.
Privacy Policy
Last updated: 2026-04-30
1. Who we are
Elido is a URL-shortening service operated from the European Union. Data controller contact: privacy@elido.app.
2. What we collect
Account data (email, name, password hash) when you sign up. Workspace content (links, tags, custom domains) you create. Click events (URL slug, IP-derived country, device class, browser, referrer, UTM parameters) when someone follows your short link.
3. What we don't collect
We don't fingerprint visitors with third-party trackers. We don't sell click streams to ad networks. We don't store the visitor's full IP — only the country derived from it.
4. Where it lives
All operational data is stored in EU data centres (Hetzner FRA, OVH FRA). Click events go to ClickHouse with a default 365-day retention; metadata in PostgreSQL. We do not back up to non-EU regions.
5. Your rights (GDPR)
Access, rectification, deletion, portability, and objection rights are available through the dashboard or by emailing privacy@elido.app. We respond to requests within 30 days.
6. Sub-processors
We use a small set of EU sub-processors: Hetzner / OVH (hosting), Postmark (transactional email), monobank Plata (payments — replaced LiqPay under ADR-0026). The current list with location and purpose is maintained at /legal/subprocessors.
7. Cookies
We set one essential session cookie (ory_kratos_session) and an optional locale cookie (elido_locale). No advertising or analytics cookies — visitor analytics are server-side only.
8. Live chat (Crisp)
When the live chat widget is enabled, Crisp (https://crisp.chat, EU sub-processor) loads its client script and opens a WebSocket connection to relay your messages to our support team. Crisp drops a session cookie (crisp-client/session/*) so it can resume an in-progress conversation across page loads. The chat is opt-in by interaction — no message contents leave your browser until you send one. Authenticated dashboard users have their email and display name passed to Crisp so support can reply by email if you close the tab; anonymous marketing-site visitors stay anonymous unless they type their email into the form.
9. Browser extension — data scope
The Elido browser extension (Chrome MV3 + Firefox) stores your API token or OAuth2 access token in chrome.storage.sync, the per-browser-profile sync container — Google syncs the value across signed-in devices, but Elido never sees it. The extension fires zero telemetry and embeds no third-party scripts; the only network call it makes is to the API origin you configure (https://api.elido.app by default, or your self-hosted endpoint). When you complete the OAuth2 flow, the refresh token lives in chrome.storage.local instead of chrome.storage.sync — it stays on the local machine and never roams across the sync container, which limits exposure if a sync key is ever compromised on another device.