Privacy Policy

Last updated : 2025-01-15

1. Introduction

NEBCO ("we", "us", "our") operates the ABSD URL shortening service. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our service.

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

  • Company : NEBCO (SASU)
  • Address : 6 Rue d'Armaillé, 75017 Paris, France
  • Email : contact@absd.co

3. Data We Collect

3.1 Data you provide

  • URLs submitted: The original URLs you submit for shortening

3.2 Data collected automatically

  • IP address: Used for rate limiting, abuse prevention, and security
  • Server logs: Including timestamps, URLs accessed, HTTP status codes, user agent, and referrer
  • Analytics data: Page views, click counts, geographic region (country level), device type, and browser information via Google Analytics

4. Cookies and Tracking

4.1 What are cookies?

Cookies are small text files stored on your device when you visit a website. They help us understand how you use our service and improve your experience.

4.2 Cookies we use

Cookie Provider Purpose Duration
_ga Google Analytics Distinguishes unique users 2 years
_ga_* Google Analytics Maintains session state 2 years
cookies_consent ABSD Stores your cookie preferences 1 year

4.3 Managing cookies

Analytics cookies are only activated with your consent. You can change your preferences at any time by clearing your browser cookies and revisiting our site. You can also configure your browser to reject cookies.

5. How We Use Your Data

We use the collected data for the following purposes:

  • Providing the service: Creating and managing shortened URLs
  • Security and abuse prevention: Rate limiting, detecting malicious use
  • Service improvement: Understanding usage patterns, fixing bugs
  • Analytics: Measuring traffic and usage statistics

6. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Legitimate interest: For security, abuse prevention, and server logs (Article 6(1)(f) GDPR)
  • Consent: For analytics cookies (Article 6(1)(a) GDPR)
  • Contract performance: To provide the URL shortening service you requested (Article 6(1)(b) GDPR)

7. Data Sharing

We may share your data with the following third parties:

  • Google Analytics: For usage statistics and analytics. Google may process data outside the EU. See Google's Privacy Policy
  • Google Cloud Platform: Our hosting provider, for infrastructure services

We do not sell your personal data to third parties.

8. Data Retention

  • Shortened URLs: Retained for the lifetime of the link or until deleted
  • Server logs: Retained for 90 days
  • Analytics data: Retained for 14 months (Google Analytics default)
  • IP addresses for rate limiting: Retained for 24 hours

9. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of access: Request a copy of your personal data
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your data ("right to be forgotten")
  • Right to restrict processing: Request limitation of data processing
  • Right to data portability: Receive your data in a structured format
  • Right to object: Object to processing based on legitimate interest
  • Right to withdraw consent: Withdraw consent for analytics at any time

To exercise these rights, contact us at contact@absd.co.

You also have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence. In France, this is the CNIL (www.cnil.fr).

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes:

  • HTTPS encryption for all data in transit
  • Secure cloud infrastructure (Google Cloud Platform)
  • Access controls and authentication
  • Regular security reviews

11. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), particularly the United States (Google services). When such transfers occur, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

13. Contact

For any questions about this Privacy Policy or to exercise your rights, please contact us at:

  • Email : contact@absd.co
  • Address : NEBCO, 6 Rue d'Armaillé, 75017 Paris, France