Privacy Policy
Last updated: 16 February 2026
1. Overview
BERT Interlinker ("we", "us", "our") respects your privacy. This policy explains what data we collect, how we use it, and your rights regarding that data.
2. Data We Collect
Data you provide
- Crawl files: CSV files you upload containing URLs, page titles, headings, and other crawl metadata from your website.
- Email address: Only if you create an account via magic link sign-in.
Data collected automatically
- Browser fingerprint: A hash derived from your user agent and IP address, used solely for free tier rate limiting. This is not a tracking identifier.
- IP address: Used for rate limiting and abuse prevention. Not stored long-term.
- Cookies: We use a single essential session cookie (
session_token) for authentication. We do not use analytics, advertising, or tracking cookies.
3. How We Use Your Data
- Crawl files are processed solely to generate internal linking recommendations. They are not read by humans, shared with third parties, or used for model training.
- Email addresses are used only for account authentication (magic link sign-in) and transactional emails (job completion, payment receipts). We do not send marketing emails.
- Browser fingerprints are used only to enforce free tier limits (1 run per day, 1 domain per day).
4. Data Retention
| Data | Retention |
|---|---|
| Uploaded crawl files | Deleted immediately after processing |
| Job results (recommendations, heatmaps) | 30 days from completion, then deleted |
| Account email address | Until account deletion |
| Payment records | As required by tax/accounting law |
| Browser fingerprints | 24 hours (rolling window for rate limiting) |
5. Third-Party Services
We use the following third-party services:
- Stripe for payment processing. Stripe handles all card details directly; we never see or store your card number. See Stripe's Privacy Policy.
- Resend for transactional email delivery. See Resend's Privacy Policy.
- Hetzner for server hosting (EU/Germany). See Hetzner's Privacy Policy.
We do not use Google Analytics, Facebook Pixel, or any advertising trackers.
6. Cookies
We use only essential cookies required for the Service to function:
| Cookie | Purpose | Duration |
|---|---|---|
session_token |
Account authentication | 30 days |
fp |
Browser fingerprint for rate limiting | Session |
Because we only use essential cookies, no cookie consent banner is required under GDPR/ePrivacy.
7. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you.
- Request correction or deletion of your data.
- Export your data in a portable format.
- Object to or restrict processing of your data.
To exercise any of these rights, contact us at hello@bertlinker.com. We will respond within 30 days.
8. Data Security
We protect your data with:
- HTTPS encryption for all data in transit (enforced by Caddy reverse proxy).
- Encrypted storage on Hetzner's infrastructure.
- Parameterized SQL queries to prevent injection attacks.
- Automatic file deletion after processing.
9. Children's Privacy
The Service is not directed at children under 16. We do not knowingly collect data from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will update the "Last updated" date at the top of this page. Continued use of the Service constitutes acceptance of the updated policy.
11. Contact
For privacy-related questions or requests, contact us at hello@bertlinker.com.