Privacy Policy

Last updated: June 2026

1. Overview

Redirect Mapper ("we", "us", "our") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights in relation to it.

2. Data We Collect

Account data

When you register, we collect your name, email address, and a hashed password (or OAuth token if you sign in with Google). This is used to authenticate you and manage your account.

Project and redirect data

We store the URLs you configure, redirect rules, sitemap data, and redirect logs generated from visitor activity on your website. Logs include the broken URL, the suggested destination, a hashed IP address, user agent string, referrer URL, and a timestamp.

Usage data

We collect aggregate usage metrics (e.g. number of redirects served per month) to enforce plan limits and improve the Service.

3. Data We Do Not Collect

  • We do not store raw IP addresses — only a one-way hash used for deduplication
  • We do not use cookies or tracking pixels on your visitors beyond what is necessary to serve the redirect script
  • We do not sell or share your data with third parties for advertising purposes
  • UTM parameters appended to redirect URLs (if enabled) are not logged or stored by us

4. How We Use Your Data

  • To provide and operate the Service
  • To authenticate you and manage access control
  • To enforce usage limits under your subscription plan
  • To send transactional emails (account invites, password resets)
  • To improve the Service based on aggregated, anonymised usage patterns

5. Data Sharing

We do not sell your data. We share data only with the following sub-processors necessary to operate the Service:

  • Supabase — database hosting (PostgreSQL)
  • Vercel — application hosting and edge functions
  • Upstash — Redis caching layer
  • Resend — transactional email delivery
  • Google OAuth — optional sign-in provider

Each sub-processor is bound by their own data processing agreements and privacy policies.

6. Data Retention

We retain your account data for as long as your account is active. Redirect logs are retained for the lifetime of the project. When you delete a project or close your account, associated data is permanently deleted.

7. Your Rights

Depending on your location, you may have the right to access, correct, export, or delete your personal data. To exercise any of these rights, contact us at support@redirectmapper.com. We will respond within 30 days.

8. Security

We use industry-standard measures to protect your data, including encrypted connections (TLS), hashed passwords (bcrypt), and access controls. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

9. Cookies

We use a single session cookie to keep you signed in to the dashboard. We do not use third-party analytics cookies or advertising cookies. The redirect script installed on your website does not set cookies on your visitors.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or requests, contact us at support@redirectmapper.com.