Last updated: June 2, 2026
This Privacy Policy explains how miinideck (the “Service”, “we”, “us”, or “our”) collects, uses, and protects your information.
Privacy is the core of what we build, so this policy is written to be read — not buried.
Account information. When you sign in with Google or GitHub, we receive your email address, display name, and a provider account identifier. We never receive or store your Google or GitHub password.
Files you upload. We store the HTML files you upload and their metadata — the title, the random link slug, expiry settings, and, if you set one, a one-way bcrypt hash of your link password. Link passwords are never stored in readable form.
No-account uploads. If you upload without an account, we store a hashed, irreversible form of your IP address to enforce per-user limits. We do not keep your raw IP address for this purpose.
Usage data. We record basic view counts for your links so you can see how often they have been opened. Each view is stored only as a timestamp tied to the link — no IP address, no visitor identity. These records are kept for the life of the document (or your account) so your totals stay accurate, and they are deleted when the document or your account is deleted.
Payment information. Paid plans are processed by Stripe. We store your Stripe customer and subscription identifiers to manage your plan. We never receive or store your full card number — card details are handled entirely by Stripe.
Security and diagnostics. We use hashed IP addresses for rate limiting, a bot-protection check (Cloudflare Turnstile) on uploads, and error monitoring (Sentry) to diagnose problems. Uploaded files are checked against Google Safe Browsing for known malicious URLs.
Abuse reports. If you submit an abuse report, we store the reason you provide and, if you choose to include it, your email address.
We use a small number of strictly necessary cookies: an HttpOnly authentication cookie that keeps you signed in, and short-lived cookies used only during the sign-in process. We do not use advertising or third-party tracking cookies.
We use the information above only to operate and secure the Service, authenticate you, host and deliver your files, process payments, send essential transactional emails (such as a welcome email or an abuse notification), detect and prevent abuse, and comply with legal obligations.
We rely on the following service providers to operate the Service. Each receives only the information needed for its function:
We do not sell your personal information, and we do not share it for advertising.
Files uploaded without an account are automatically deleted 7 days after upload. On the free plan, links expire 7 days after upload by default; you can keep one link always-on, which is retained until you delete it. Files you delete are held in Trash for 30 days and then permanently purged. Account information is kept while your account is active, and is deleted when you delete your account or ask us to do so.
We protect your information with measures including encrypted connections (HTTPS), one-way hashing of passwords and IP addresses, strict separation of frontend and backend credentials, and access controls on our database. No system is perfectly secure, but we treat your data the way we would want our own treated.
You may access, correct, export, or delete your personal information at any time. You can manage most data directly from your dashboard, or contact us at the address below for anything else. We will respond within a reasonable time.
The Service stores data on infrastructure located in Singapore, and information may be processed in other countries where our service providers operate. By using the Service, you consent to this transfer.
The Service is not intended for anyone under 16 years of age, and we do not knowingly collect information from children.
We may update this Privacy Policy from time to time. When we make material changes, we will update the date at the top of this page.
For any privacy question or request, contact us at support@miinideck.com.