btfy.io - Simple, GDPR compliant custom URL shortener platform

btfy.io - Simple, GDPR compliant custom URL shortener platform

13.Nov.2021

btfy.io is a website creation and hosting platform which allows individuals to make their own short links with custom URLs.

btfy.io is simple and GDPR compliant, but we do encourage everyone to read the full article until the end and contact us directly for more information if needed (see contact details at the end of this article).

It's not necessary to be a coder or designer in order to create your own web pages as everything can be done by filling out forms on btfy.io .

We mainly focus on privacy and respect our visitors' rights, so we also comply with GDPR - General Data Protection Regulation , as you will see below during this article:

How?

The project started as an internal tool we ( .: Team :.) ) were using to make our own short links and share them easily with each other.

We wanted to make it available for the public worldwide, so we started working on a secure platform where everyone would be able to create their own custom URLs, hosted by us.

In the early stages of development there was not enough time or motivation from our side to add any further functionalities or security measures, but later on this project could grow into something far greater than originally expected...

Features?

The features below are a few examples of what can already be done today with btfy.io:         - Create unlimited personal short links        - Filter target page traffic stats by referral source (who shared your link)        - Custom URL's from 1 to 10 characters, for example:  http://btfy.io/1Ei

What is GDPR?

General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It intends to protect personal data and privacy of citizens in the EU. The GDPR regulates how companies / organizations / anyone who processes personal data of people located in EU must act. Although it is valid across all 28 member states, each member state may enact local laws that place further obligations on ' Controllers ' not expressly defined in the GDPR.

What are 'controllers' and 'processors'?

A controller is the entity which determines the purposes, conditions and means of how personal data will be processed. A processor is an entity which processes personal data on behalf of the controller. For example: when you buy a book in a bookstore (buying), the bookstore (controller) is your seller, whereas when you want to ship books from their location to your home (shipping), then they would use a shipping company (processor).

How do we comply with GDPR?

Although btfy.io isn't yet fully GDPR compliant , we already apply some measures for protecting our visitors by:       - Not collecting any unnecessary / excessive visitor data      - Not profiling our visitors into marketing categories      - Making sure data is stored with a minimum risk of loss/theft

How is btfy.io hosted?

We use a dedicated web server based in the Netherlands which only serves the files from btfy.io to our visitors, and currently all HTTP requests are proxied by Nginx .  HTTPS requests are served directly from the web server itself.

Where do we store visitor logs?

The hoster is not allowed to store any sensitive information about our visitors due to GDPR, but they can still keep some non-sensitive visitor info for up to 730 days after visiting us (including referring/exit pages), see:  https://www.hetzner.de/rechtliches/privacy_policy.php

Who is allowed to read visitor logs?

No one except us at Team .:, who created btfy.io, can access these logs unless they are needed for system administration or legally required by the authorities (see below).

How long do we store personal data?

Visitor logs of non-sensitive information (for example: IP address, referring page, timestamp of visit) are stored on our local server for up to 730 days after last visit (so basically 2 years), but this does not include any personal data like e-mail addresses or any other sensitive information which never leaves your own browser (if you were logged in during your visit it will remain stored as long as you are logged in, but will be deleted as soon as you log out or disable cookies).

How do we delete personal data?

We only store visitor logs for up to 730 days after last visit (maximum two years), and there is no need to delete anything manually because this is done automatically with cronjobs and scripts daily.  We also make sure that the server does not run out of disk space by checking various system status indicators .

Is btfy.io GDPR compliant?

Yes, we believe we already meet most GDPR standards , but it's possible that not every visitor agrees with us on this point which is why they can leave anytime without giving any reason (we don't have to ask for consent).

How do visitors delete their personal data?

Visitors can ask us at any time to delete all of their personal data stored with us, but please keep in mind that this will also remove access for you to your account which means that all posts created by yourself will be gone.  If you want the timeline on Facebook or Twitter restored then please submit a request with them.

What rights do visitors have under GDPR?

Basically users can request that we:   - Delete all of their personal data;   - Stop using their personal data (and erase it); and    - Let them reuse these rights as often as they like (which basically means deleting/restoring access/erasing) within reasonable limits (we can ask why you want this data destroyed)

Do we require visitors to agree with our terms of use?

No, there is no need to agree with anything, but it does mean that if anybody wants btfy.io services they should follow the community standards .  If you don't like them then please stop using btfy.io and delete all your posts created on btfy.io - it's as simple as that :)

What's the difference between btfy.io and other social networks?

We don't store all your personal data for years, we don't track you or profile you into marketing categories, we do not run ads so there is no need to share revenue with anyone else (we also won't steal your content), and we don't require our visitors to agree to terms of use they probably won't read anyway :)

How do we delete btfy.io?

If you want to delete your account and all posts created on btfy.io (and don't care about the timeline on Facebook and Twitter) then just stop using it, but please remember that we will not restore this data later .

Can we be kicked off the Internet by authorities?

No, we currently make sure that there is always enough disk space available for what our system needs (even in worst case scenarios), and since no sensitive data leaves our own servers there is no much else they can find :)  We would also like to believe that non-European institutions cannot force German institutions because of GDPR, but only time will tell this might lead us.

 

What does "btfy" mean?

The word btfý means roughly the same as "instant karma hits you right in the face" and was originally invented by a Japanese artist named Takashi Murakami but he claims this is not what it means, so they should ask us :)

How do we know btfy.io isn't a scam?

We don't have any reason to scam anyone because we don't store much data for years, there's no advertising anywhere on the site, and there are no hidden features which can lead to malware infection... also why would we bother running a custom URL shortener if we wanted to run away with users money or sell their personal data?  Absolutely none!

Is btfy.io trustworthy?

Absolutely! We value the user's trust very highly (we've been developing websites for many years) and our motives are pure - we just want to create a nice service that people will enjoy using, and since there doesn't seem to be anything like it anywhere else on the Internet we're hoping it'll work out.

How can I contact you?

Please send an email to: [email protected]

Thank you for using btfy.io :)

We are social