Privacy Policy
Learn how we collect, use, and protect your personal information
🔐 Introduction
This Privacy Policy explains how Bio-Link.se collects, uses, monitors, and protects information when you use our URL shortening and bio page creation services. By using our service, you consent to enhanced monitoring and data collection necessary to prevent fraud and abuse.
⚠️ Important Notice
We employ enhanced security monitoring to protect our platform from fraud, phishing, and abuse. This includes automated content scanning, behavioral analysis, and IP tracking. Your use of the service constitutes consent to these security measures.
📊 Information We Collect
📝 Standard Information
- Account Information: Email address, username, password (encrypted)
- Profile Information: Name, social media links, profile picture, bio content
- Usage Data: Created URLs, bio page content, visitor statistics, click patterns
- Technical Data: IP address, browser type, device information, operating system
🛡️ Enhanced Security Monitoring
- Behavioral Analytics: Usage patterns, content creation frequency, suspicious activity indicators
- Content Analysis: Automated scanning of bio pages and URLs for prohibited content
- Network Information: IP geolocation, ISP details, proxy/VPN detection
- Device Fingerprinting: Unique device identifiers to prevent ban circumvention
- Communication Logs: Support interactions, violation reports, enforcement actions
🔞 Adult Content Data (OF Plan Only)
- Age Verification Logs: Timestamps, IP addresses (hashed), verification responses
- Age Gate Configuration: Settings, minimum age requirements, display preferences
- Content Classification: Adult/non-adult content flags, content type metadata
- Platform Integration: External links to OnlyFans, Fansly, Throne.me, Amazon wishlists
- Content Teaser Data: Blur levels, preview images, click-through rates
- Session Cookies: Age verification status cookies (age_verified, visitor_hash)
🔍 How We Collect Information
Information is collected through:
- Account registration and profile creation
- URL shortening and bio page activities
- Automated fraud detection systems
- Content monitoring and analysis tools
- Server logs and enhanced analytics
- Third-party security services
- User behavior tracking
⚙️ Enhanced Use of Collected Information
We use collected information to:
- Provide URL shortening and bio page services
- Detect and prevent fraud, scams, and phishing attempts
- Monitor content for Terms of Service violations
- Identify and block suspicious user behavior
- Maintain databases of flagged IPs and devices
- Generate security reports and risk assessments
- Cooperate with law enforcement investigations
- Share threat intelligence with other platforms
🔔 Security First
Our primary use of your data is to maintain platform security and prevent abuse. This takes precedence over other uses and may involve sharing information with security partners and authorities.
📧 Email Communications (Mailjet)
Newsletter & System Notifications
We use Mailjet SAS as our email service provider for sending newsletters and system notifications. Mailjet is a French company that processes all data within the European Union in compliance with GDPR.
📝 Data Shared with Mailjet
When you subscribe to our newsletter or create an account, the following data may be shared with Mailjet for email delivery purposes:
- Email address — Required for email delivery
- Name — Used for email personalization
- Country — Used for segmentation and language preferences
- Account type (free/paid) — Used for relevant content delivery
Types of Email Communications
| Type | Description | Can Unsubscribe? | Legal Basis |
|---|---|---|---|
| Newsletter | Product updates, tips, and news | ✅ Yes | Consent |
| System Updates | Security notices, terms changes, maintenance, critical updates | ❌ No | Legitimate interest / Contractual necessity |
Your Email Preferences
You can manage your newsletter subscription at any time by:
- Clicking the "unsubscribe" link in any newsletter email
- Updating your preferences in your account settings
ℹ️ Important Note
Unsubscribing from the newsletter does not delete your account or affect your ability to use Bio-Link.se services. System-related emails (security alerts, terms changes, critical service updates) will continue to be sent to all active users regardless of newsletter subscription status, as these are necessary for the operation and security of the service.
Data Processing by Mailjet
Mailjet may also collect the following data when processing our emails:
- Email open tracking — Whether you opened an email
- Click tracking — Which links you clicked in the email
- Bounce data — If your email address is invalid or inbox is full
- Unsubscribe actions — When you opt out of communications
Data Retention for Email
- Active subscribers: Data retained while subscribed
- Unsubscribed users: Email address retained on suppression list to prevent re-adding
- Email analytics: Aggregated statistics retained for up to 13 months
Mailjet's Privacy Compliance
- 🇪🇺 Data processed within the European Union
- 🔒 GDPR compliant data processing agreement in place
- 📋 Mailjet's privacy policy: www.mailjet.com/privacy-policy
🗄️ Data Retention for Security
Extended Retention Periods
⚠️ Security Data Retention
Security-related data is retained longer than standard user data to prevent repeat offenders and maintain platform integrity.
- Violation Records: Permanently retained for repeat offender detection
- IP Blacklists: Maintained indefinitely for security purposes
- Content Violations: Archived for pattern analysis and evidence
- Account Termination Data: Retained for ban enforcement
- Security Logs: Kept for minimum 2 years or as required by law
- Age Verification Logs (OF Plan): Minimum 3 years (legal requirement)
- Adult Content Compliance Records: 7 years
- OF Plan Subscription History: Account lifetime + 1 year
Standard Retention
- Active account data: Until account deletion
- Analytics data: Up to 2 years
- Legal compliance data: As required by applicable laws
✋ User Rights and Limitations
Your Rights
Access Your Data
Request a copy of your personal data (subject to security restrictions)
Correct Information
Update or correct inaccurate personal information
Request Deletion
Delete your account and associated data (with limitations)
Export Your Data
Download your data in portable format (excluding security data)
Object to Processing
Object to certain data processing activities
File Complaints
Lodge complaints with data protection authorities
Security Limitations
🔒 Important Limitations
- Violation records cannot be deleted even after account termination
- IP blocks and security measures remain regardless of data deletion requests
- Law enforcement data may be retained beyond normal retention periods
- Fraud prevention data may be shared with security partners permanently
🛡️ Enhanced Data Security
We implement comprehensive security measures to protect your data:
🔐 Security Measures Include:
- Encrypted data transmission and storage (SSL/TLS)
- Advanced threat detection systems
- Real-time content monitoring
- Behavioral analysis engines
- IP reputation services
- Multi-layered fraud detection
- Regular security audits and penetration testing
- 24/7 security monitoring
- Secure password hashing (bcrypt)
- Two-factor authentication (optional)
🌍 International Data Transfers
Your data may be transferred to and processed in:
- Sweden (primary jurisdiction)
- EU/EEA countries
- Mailjet SAS (France/EU) for email delivery services
- Security partners globally for fraud prevention
- Law enforcement agencies as legally required
We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses and adequacy decisions where applicable.
👶 Children's Privacy
🔞 Age Restriction
Our service is not intended for users under 16 years old. We do not knowingly collect data from minors.
Suspected underage users in violation of Terms will be immediately suspended and their accounts terminated.
Adult Content & Minors
🚫 Zero Tolerance for Underage Access
We take child protection extremely seriously. Any attempt to:
- Bypass age verification systems
- Access adult content while underage
- Create adult content involving minors
- Share login credentials to allow underage access
...will result in immediate account termination, permanent ban, and reporting to law enforcement.
📝 Changes to Privacy Policy
Material changes will be communicated through:
- Email notifications to registered users
- Prominent website notices
- Immediate notification for security-related changes
Continued use after changes constitutes acceptance. We recommend reviewing this policy periodically.
📢 Complaints and Regulatory Contact
For privacy complaints or concerns:
- Primary Contact: info@bio-link.se
- Swedish Data Protection Authority (for EU residents): www.imy.se
- Response Time: 72 hours for security-related inquiries
⚖️ Legal Basis for Processing (GDPR)
We process data based on:
- Legitimate Interests in preventing fraud and ensuring security
- Legal Obligations to comply with law enforcement requests
- Contractual Necessity to provide services
- Consent where explicitly provided
You have the right to object to processing based on legitimate interests. However, we may continue processing if we demonstrate compelling legitimate grounds that override your interests.
🔞 Special Data Processing for Adult Content (OF Plan)
⚠️ Mandatory Age Verification
Users on the OF Plan ($3.99/month) who create adult content are subject to additional data collection and retention requirements to comply with age verification laws and child protection regulations.
Legal Basis for Adult Content Processing
We process adult content data under the following legal bases:
- Legal Obligation – Compliance with Swedish and EU age verification and child protection laws
- Legitimate Interest – Preventing minors from accessing adult content
- Contractual Necessity – Providing OF Plan features requires age verification
- Explicit Consent – You consent by enabling Age Gate features and creating adult content
Age Verification Data Collection
What We Log When Someone Visits Your Adult Content:
- ✅ Timestamp of age verification interaction
- ✅ IP address (SHA-256 hashed for privacy)
- ✅ Browser type and version
- ✅ Device type (mobile/desktop)
- ✅ User's response: "I am 18+" (proceed), "I am under 18" (blocked), or exit
- ✅ Session identifier (prevents repeated prompts within 24 hours)
- ✅ Referrer source (how visitor found your page)
🚨 Mandatory Retention Period
Age verification logs are retained for a minimum of 3 years to comply with potential legal investigations and child protection audits. This data may be provided to law enforcement upon valid legal request.
Enhanced Monitoring for Adult Content
Bio pages containing adult content undergo additional automated monitoring:
- Age Gate Compliance Checks – System verifies Age Gate is active and properly configured
- Content Classification Scans – AI detection to ensure adult content has age restrictions
- Manual Review Queue – New adult content bio pages may be manually reviewed within 48 hours
- User Reporting System – Enhanced reporting for inappropriate or non-compliant adult content
- Pattern Analysis – Detection of prohibited content types (see Terms of Service Section 4.3B)
Third-Party Platform Integration
When you link to external adult platforms through your bio page:
| Platform | Data We Collect | Data We Share |
|---|---|---|
| OnlyFans / Fansly | Click-through rates, referral analytics | None (anonymized traffic only) |
| Throne.me / Amazon Wishlist | Wishlist clicks, platform validation | None |
| PayPal / Payment Links | Click counts, destination URLs | None |
We do NOT:
- ❌ Share your personal information with OnlyFans, Fansly, or other platforms
- ❌ Track transactions or payments made on external platforms
- ❌ Store sensitive content from your OnlyFans/Fansly accounts
- ❌ Access your external platform login credentials
Content Teaser & Blur Function Data
When using Content Teaser blocks with blur functionality:
- Preview image files are stored on our CDN (cdn.bio-link.se)
- Blur level settings (1-100) are saved in block configuration
- Click-through analytics track teaser effectiveness (aggregated data only)
- Destination URLs are validated to ensure they link to legitimate adult platforms
🔒 Privacy Protection
While we collect analytics on Content Teaser performance, we do NOT track individual visitors' identities or create user profiles based on adult content viewing.
Data Sharing for Adult Content Compliance
We may share data related to adult content in these specific cases:
| Recipient | Data Shared | Legal Basis |
|---|---|---|
| Law Enforcement | Age verification logs, IP addresses, content metadata, violation records | Legal obligation, child protection |
| Child Protection Agencies | User reports, underage access attempts, content flags | Legal obligation, public interest |
| Swedish Data Protection Authority (IMY) | Compliance records, privacy impact assessments | Legal obligation, regulatory oversight |
| Hosting & CDN Providers | Content type classification (adult/non-adult), server allocation needs | Contractual necessity, legitimate interest |
| Security Partners | Threat patterns, abuse reports (anonymized) | Legitimate interest, fraud prevention |
Your Rights Regarding Adult Content Data
✅ You CAN Request:
- Access to your age verification logs
- Information about who accessed your adult content pages
- Export of your Content Teaser analytics
- Deletion of your adult content bio pages
- Downgrade from OF Plan to Free/Premium (requires removing adult content first)
- Anonymization of logs after mandatory 3-year retention
❌ You CANNOT Request:
- Deletion of age verification logs (3-year legal retention)
- Opt-out from Age Gate monitoring
- Prevention of manual content reviews
- Deletion of compliance violation records (7-year retention)
- Removal from adult content creator databases
- Exemption from age verification requirements
Extended Data Retention for Adult Content
| Data Type | Retention Period | Legal Basis |
|---|---|---|
| Age Verification Logs | 3 years minimum | Legal compliance, child protection |
| Adult Content Metadata | Account lifetime + 1 year | Terms enforcement, audits |
| Compliance Violation Records | 7 years | Legal defense, regulatory requirements |
| User Reports (Adult Content) | 5 years | Pattern detection, safety |
| Content Teaser Analytics | 2 years | Service improvement, aggregated stats |
| Manual Review Records | 3 years | Quality assurance, compliance |
Cookies & Tracking for Age Verification
Bio pages with Age Gates use the following cookies:
| Cookie Name | Purpose | Expiry | Type |
|---|---|---|---|
age_verified |
Remembers age verification status | Session (browser close) | Essential |
age_gate_timestamp |
Records when verification occurred | 24 hours | Essential |
visitor_hash |
Prevents repeated age prompts | 24 hours | Functional |
🍪 Essential Cookies Only
These cookies are essential for age verification functionality and do not track personal identity. They cannot be disabled if you access adult content pages. No consent banner is required as they are strictly necessary for legal compliance.
International Data Transfers (Adult Content)
All adult content data and age verification logs are stored exclusively within the European Union:
- 🇸🇪 Primary Servers: Sweden (GDPR compliant)
- 🇪🇺 Backup Servers: EU data centers (Frankfurt, Amsterdam)
- 🇪🇺 CDN: EU-based content delivery network only
✅ No Third-Country Transfers
We do NOT transfer age verification data, adult content metadata, or OF Plan user information to countries outside the EU. All processing occurs within GDPR-protected jurisdictions.
Data Breach Notification (Adult Content)
In the event of a data breach affecting adult content users or age verification systems:
- Immediate Response: Breach containment within 2 hours of detection
- User Notification: Within 72 hours via email and in-app notification
- Authority Notification: Swedish Data Protection Authority (IMY) informed within 72 hours
- Law Enforcement: Notification if breach involves minors or illegal content
- Public Disclosure: Transparency report published within 14 days
- Remediation: Enhanced security measures implemented immediately
Special Considerations for OF Plan Users
⚖️ Balancing Privacy & Child Protection
We recognize that adult content creators value privacy. However, child protection takes absolute priority. Age verification data retention and monitoring are non-negotiable legal requirements.
If you cannot accept these terms, you must not use the OF Plan or create adult content on Bio-Link.se. Free and Premium plans do not permit adult content.
Third-Party Privacy Policies
When linking to external adult platforms, those platforms have their own privacy policies:
- OnlyFans: onlyfans.com/privacy
- Fansly: fansly.com/privacy
- Throne: throne.com/privacy
We are not responsible for the privacy practices of these third-party platforms.
Contact for Adult Content Privacy Questions
For questions specific to adult content data processing:
- 📧 Email: privacy@bio-link.se
- 📋 Subject: "OF Plan Privacy Inquiry"
- ⏱️ Response Time: Within 5 business days
📞 Contact Information
Get in Touch About Privacy
Piltegatan 4
431 41 Mölndal
Sweden
✅ Consent and Acknowledgment
By using Bio-Link.se, you acknowledge and consent to this enhanced privacy policy, including increased monitoring and data sharing necessary to maintain platform security and prevent fraud.