Privacy Policy
Effective Date: 30 September 2025
1. Introduction
This Privacy Policy explains how Coz.jp ("we," "us," or "our") collects, uses, and protects your personal data when you use our link-shortening services. By using Coz.jp, you agree to the practices described here.
2. Data We Collect
We collect the following data:
A. Data You Provide
- Name (optional, if you choose to set it in your profile).
- Email address (for account registration and communication).
- Password (stored securely using industry-standard hashing; we cannot view your plaintext password).
- Links shortened (to provide the service).
B. Automated Data
- Technical request headers (IP address, user agent, browser type) during registration, link creation or normal usage.
- Server performance data (e.g., error logs, response times) via New Relic for monitoring and optimization.
C. What We Do Not Collect
- Billing/payment data (handled securely by Paddle; see Paddle’s Privacy Policy).
3. Legal Basis for Processing (GDPR Compliance)
We process your data based on:
- Contractual necessity (to provide the service).
- Legitimate interests (service optimization, fraud prevention, and server monitoring).
4. How We Use Your Data
- To shorten links and deliver services.
- To communicate with you (e.g., account updates).
- To monitor server performance and troubleshoot issues via New Relic or Umami.
- To comply with legal obligations (e.g., Italian law).
5. Data Sharing
We do not sell or share your data with third parties. The only third parties handling our data are:
- Paddle: For payment processing (name and email).
- Mailcoach: For transactional emails (name and email).
- New Relic: For server performance monitoring (technical data like IPs and error logs).
- Legal authorities: If required by law.
All third parties:
- Process data in the EU through their European instances.
- Are GDPR-compliant and act only on our instructions.
6. Data Retention
- Links: Retained while your account is active (or until manually deleted).
- Account data (name, email, password): Retained while your account is active.
- IP/user agent: Deleted after 1 year (unless required for fraud investigations).
- Server performance data: Retained for up to 1 year.
7. Analytics
We use self-hosted Umami to track aggregated usage data (e.g., page visits, country derived from anonymized IPs).
- No personal data (e.g., cookies, full IPs, identifiers) is collected.
- Data is fully anonymized and stored only on our servers in Italy.
- No consent is required under GDPR for this anonymized analytics processing.
8. Your Rights (GDPR)
You have the right to:
- Access, correct, or delete your data (including updating your name or email).
- Object to processing.
- Request data portability.
To exercise these rights, contact us at admin [at] coz.jp.
9. Data Security
- Passwords are hashed using bcrypt and never stored in plaintext.
- Data is stored on servers in Italy with encryption at rest.
- Encryption (HTTPS) protects data in transit.
- Regular security audits are performed.
10. International Transfers
All data is processed in Italy (EU). Third parties (Paddle, Mailcoach, New Relic) use EU-based servers and comply with GDPR.
11. Children’s Privacy
Coz.jp is not intended for users who are under 18 or who are not of legal age under the laws that apply to them. We do not knowingly collect data from minors.
12. Changes to This Policy
Updates will be posted here. We will notify you of material changes via email or a website banner.
13. Contact
For questions or data requests:
Email: admin [at] coz.jp