Skip to main content

Privacy Policy

This policy explains what UploadToLink collects, how we use it, and what choices you have when uploading files, creating share links, and using account features.

Last updated: June 5, 2026

Introduction

Welcome to UploadToLink. This Privacy Policy explains how we collect, use, store, and protect information when you use our website, upload features, share pages, and account tools.

By using the service, you agree to the practices described here.

Information we collect

1. Upload and share data

When you upload a file, create a text share, or save a source link, we store the content and metadata needed to operate share pages and security controls.

  • Uploaded file content, text body, or saved source URL
  • Share ID, file name, file size, content type, timestamps, and storage keys
  • Security settings such as password hashes, expiry, download limits, burn-after-read flags, and access counts
  • Generated share URLs, QR handoff data, and related operational metadata

2. Account information

When you sign in with Google or GitHub through Better Auth, we receive and store account information needed for authentication and dashboard features.

  • User ID, name, email address, profile image, and provider identifiers
  • Session data and login metadata
  • Shares associated with your account and dashboard activity

3. Technical and usage information

We may process technical information to secure the service, enforce limits, troubleshoot issues, and understand reliability.

  • IP address, country or region signals from infrastructure providers, browser session identifiers, and user agent
  • Upload counts, storage usage, access counts, error logs, and diagnostic events
  • Payment references and billing metadata when you purchase a paid plan through Stripe or Creem

How we use information

We use collected information to operate UploadToLink and deliver the features you request.

  • Store and deliver uploaded files, text shares, and share pages
  • Apply password protection, expiry, download limits, and burn-after-read settings
  • Maintain accounts, dashboards, guest-session controls, and link management workflows
  • Enforce upload limits, detect abuse, investigate reports, and improve reliability
  • Process payments, subscriptions, and support requests where applicable
  • Comply with legal obligations and respond to lawful requests

Public content and link sharing

Files and text shared through UploadToLink are generally intended to be accessible through generated share URLs. Anyone with a share page URL or valid access path may be able to view, download, copy, embed, or redistribute the linked content, subject to any password, expiry, download limit, or burn-after-read settings you apply.

Do not upload sensitive, confidential, private, or regulated information unless you understand that it may become accessible through the links you create or share.

Share pages are not designed for search-engine indexing. We use technical controls such as robots directives to discourage indexing of private dashboard areas and individual share URLs.

Cookies and session storage

We use cookies and similar browser storage to keep you signed in, remember guest upload sessions, store consent preferences, and support security and account workflows.

You can disable cookies in your browser, but some features—including account login, guest upload ownership, claiming temporary uploads, or file management—may not work correctly.

Anonymous uploads and retention

Guest uploads may use browser session identifiers and IP-based limits so we can show upload status, allow limited management from the same browser session, prevent abuse, and support claiming after sign-in.

Guest share links expire automatically within 24 hours unless removed earlier. Signed-in users can choose longer retention options where supported.

Deleted, expired, or policy-removed content is removed from active storage where practical, although logs, caches, backups, and derived operational records may persist for a limited period.

Cookie Policy

We use cookies and similar technologies to improve site functionality, measure usage, and support certain product features.

The types of cookies we use may include:

  • Necessary cookies for core site behavior and sessions
  • Analytics cookies used to understand traffic and usage
  • Performance cookies used to improve site quality

You can control or delete cookies through your browser settings. Disabling certain cookies may affect parts of the site experience.

Sharing with service providers

We use infrastructure, authentication, storage, content delivery, email, payment, security, analytics, and operational providers to run the service. These providers process information only as needed to provide their services to us.

Examples may include Cloudflare for delivery and rate limiting, Cloudflare R2 for object storage, Better Auth for authentication, Stripe or Creem for payments, and Resend for transactional email.

We do not sell your personal information. We may disclose information when necessary to comply with law, enforce our terms, respond to lawful requests, protect rights and safety, prevent abuse, or investigate security issues.

Security

We use administrative, technical, and organizational measures designed to protect information and keep the service reliable. Files are served through controlled access paths rather than exposing raw storage URLs on share pages.

No online service can guarantee absolute security. You are responsible for keeping your account credentials and identity provider account secure.

If you believe your account or a hosted link has been misused, contact us promptly.

Your rights and choices

Depending on your jurisdiction, you may have rights related to your personal information.

  • Signed-in users can manage or delete shares from the dashboard
  • Guest users may have limited controls tied to the browser session that created the upload
  • You may request help with privacy, abuse, or removal issues by contacting us with the relevant URL, account email, or other identifying details
  • You may have rights to access, correct, delete, restrict, or export personal information where applicable law requires

Children's privacy

Our services are not directed to children under 13, and we do not knowingly collect personal information from children under 13.

If you believe such information has been collected, please contact us so we can investigate and delete it where appropriate.

International data transfers

Your information may be processed or stored in countries outside your place of residence, including where our infrastructure or service providers operate.

Where this happens, we take reasonable measures to maintain appropriate protection.

Updates to this Privacy Policy

We may update this Privacy Policy as the service changes. The updated version will be posted on this page with a new last-updated date.

Contact us

If you have questions, comments, or requests regarding this Privacy Policy or our privacy practices, contact us through:

We will respond as soon as reasonably possible.

Return to Home
Policy highlights
What we collect when you upload or sign in
How public share links and security settings work
Retention, cookies, providers, and your choices