Privacy Policy
Last updated: June 2026
1. Overview
Redirect Mapper ("we", "us", "our") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights in relation to it.
2. Data We Collect
Account data
When you register, we collect your name, email address, and a hashed password (or OAuth token if you sign in with Google). This is used to authenticate you and manage your account.
Project and redirect data
We store the URLs you configure, redirect rules, sitemap data, and redirect logs generated from visitor activity on your website. Logs include the broken URL, the suggested destination, a hashed IP address, user agent string, referrer URL, and a timestamp.
Usage data
We collect aggregate usage metrics (e.g. number of redirects served per month) to enforce plan limits and improve the Service.
3. Data We Do Not Collect
- We do not store raw IP addresses — only a one-way hash used for deduplication
- We do not use cookies or tracking pixels on your visitors beyond what is necessary to serve the redirect script
- We do not sell or share your data with third parties for advertising purposes
- UTM parameters appended to redirect URLs (if enabled) are not logged or stored by us
4. How We Use Your Data
- To provide and operate the Service
- To authenticate you and manage access control
- To enforce usage limits under your subscription plan
- To send transactional emails (account invites, password resets)
- To improve the Service based on aggregated, anonymised usage patterns
5. Data Sharing
We do not sell your data. We share data only with the following sub-processors necessary to operate the Service:
- Supabase — database hosting (PostgreSQL)
- Vercel — application hosting and edge functions
- Upstash — Redis caching layer
- Resend — transactional email delivery
- Google OAuth — optional sign-in provider
Each sub-processor is bound by their own data processing agreements and privacy policies.
6. Data Retention
We retain your account data for as long as your account is active. Redirect logs are retained for the lifetime of the project. When you delete a project or close your account, associated data is permanently deleted.
7. Your Rights
Depending on your location, you may have the right to access, correct, export, or delete your personal data. To exercise any of these rights, contact us at support@redirectmapper.com. We will respond within 30 days.
8. Security
We use industry-standard measures to protect your data, including encrypted connections (TLS), hashed passwords (bcrypt), and access controls. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
9. Cookies
We use a single session cookie to keep you signed in to the dashboard. We do not use third-party analytics cookies or advertising cookies. The redirect script installed on your website does not set cookies on your visitors.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.
11. Contact
For privacy-related questions or requests, contact us at support@redirectmapper.com.