Fstly
Sign up

Legal

Privacy Policy

Last updated:

1. Introduction

Fstly (“Fstly,” “we,” “us,” or “our”) provides a cloud-based link management platform, including short links, QR code generation, analytics, PII scanning features, and related services (collectively, the “Services”). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our websites, use our applications, or interact with our APIs.

By using the Services, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Services. For questions, contact us at privacy@fstly.example.com.

2. Information we collect

2.1 Information you provide

We collect information you submit directly—for example when you create an account, connect a custom domain, contact sales, subscribe to communications, or submit support tickets. This may include your name, email address, company name, billing details (processed by our payment processors), and message content.

2.2 Information collected automatically

When you use the Services, we automatically collect certain technical and usage data, such as IP address, device type, browser type, approximate location derived from IP (e.g., city or region), timestamps, referral URLs, and event data related to link creation, redirects, and API calls. Our analytics features may aggregate this data to show performance metrics to your workspace.

2.3 Customer content

You may upload or configure destinations, campaign parameters, and metadata associated with links and QR codes. Where our PII scanning features analyze URLs, processing occurs to help you identify potential sensitive patterns in accordance with your settings—not for unrelated marketing profiling by Fstly.

3. How we use information

We use collected information to:

  • Provide, operate, maintain, and improve the Services;
  • Authenticate users, enforce security controls, and detect fraud or abuse;
  • Communicate with you about service updates, security notices, and (where permitted) product information;
  • Bill and collect fees, and comply with tax and accounting obligations;
  • Comply with legal obligations and respond to lawful requests; and
  • Analyze aggregated or de-identified usage to improve reliability and user experience.

4. Cookies and similar technologies

We use cookies and similar technologies on our marketing sites and dashboards to maintain sessions, remember preferences, measure performance, and understand how visitors navigate our properties. You can control cookies through your browser settings; disabling cookies may limit certain functionality (such as staying signed in).

We may use first-party and third-party cookies for analytics (e.g., to understand feature adoption) in line with your cookie choices where applicable. We do not use cookies to sell personal information as defined under applicable U.S. state laws.

5. Third-party services and subprocessors

We rely on subprocessors to host infrastructure, deliver email, process payments, monitor application health, and provide customer support tooling. Subprocessors are bound by contractual obligations consistent with this Policy and applicable law. A current list is available upon request and may be updated as our operations evolve.

We do not sell your personal information. We may share information with vendors who process data on our instructions, or when required by law, court order, or to protect the rights, safety, and security of Fstly, our users, or the public.

6. International transfers and retention

If you access the Services from outside the region where our primary servers are located, your information may be transferred to and processed in countries that may have different data protection laws. Where required, we implement appropriate safeguards such as standard contractual clauses.

We retain personal information only as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law (for example, tax or audit requirements). Aggregated or de-identified information may be retained longer.

7. Your rights and choices

Depending on your location, you may have rights to access, correct, delete, or export personal information we hold about you; object to or restrict certain processing; or withdraw consent where processing is consent-based. You may also have the right to lodge a complaint with a supervisory authority.

To exercise rights, email privacy@fstly.example.com. We will respond within the timeframe required by applicable law. We may need to verify your identity before fulfilling certain requests.

8. Security

We implement administrative, technical, and organizational measures designed to protect personal information against unauthorized access, loss, or misuse. No method of transmission over the Internet is 100% secure; we encourage you to use strong passwords, enable multi-factor authentication where available, and review integrations connected to your workspace.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the “Last updated” date. Material changes may be communicated via email or in-product notice where appropriate. Continued use of the Services after changes become effective constitutes acceptance of the updated Policy.

10. Contact

Questions about this Privacy Policy or our data practices: privacy@fstly.example.com. For EU/UK data protection inquiries, you may also contact our Data Protection contact at the same address with “DPO Inquiry” in the subject line.