Back to Home

Privacy Policy

Last Updated: November 2025

1. Introduction

Welcome to Donde.link ("we," "our," or "us"). We value your privacy and are committed to protecting your personal data. This policy outlines how we handle your information, specifically regarding data accessed via Google Services.

2. Data Accessed

When you choose to sign in using Google, our application requests access to the following specific types of Google user data:

  • Primary Email Address: Used as your unique account identifier.
  • Personal Profile: Specifically your First Name, Last Name, and Profile Picture (Avatar), to personalize your dashboard and user experience.

We do not access your contacts, calendar, Google Drive files, or any other sensitive Google data.

3. Data Usage

We use the Google user data we access solely for the following purposes:

  • Authentication: To verify your identity and allow you to log in securely without creating a separate password.
  • Account Management: To create your user profile in our system and associate your created "Donde Links" (locations) with your account.
  • Communication: To send you important service updates, such as password reset emails or notifications about your links (e.g., ownership transfer requests).

We do not use your Google user data for advertising purposes, and we do not sell your data to third parties.

4. Data Sharing

We do not share your Google user data with third parties, except for the infrastructure providers necessary to operate our service:

  • Supabase: Our database and authentication provider. They securely store your user profile and handle the OAuth login flow.
  • Vercel: Our hosting provider, which processes the web requests required to display your dashboard.

These providers adhere to strict security standards and process data only to provide the infrastructure for Donde.link.

5. Data Storage & Protection

We employ industry-standard security practices to protect your data:

  • Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS (HTTPS).
  • Database Security: Your data is stored in a secure Supabase (PostgreSQL) database protected by Row Level Security (RLS) policies, ensuring that only you can modify your account data.
  • Access Control: We restrict access to personal data to authorized employees who need it to operate the service.

6. Data Retention & Deletion

Retention: We retain your user data only for as long as your account remains active. If you choose to delete your account, your data is removed from our live database immediately.

Deletion Process: You have the right to delete your data at any time. To do so:

  1. Log in to your Admin Dashboard.
  2. Click the "Settings" (Gear) icon.
  3. Click "Delete Account" in the Danger Zone section.

This action permanently removes your profile, Google association, and all location links you have created.

7. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at support@donde.link.