Skip to main content
Mue
Effective Date: October 3, 2025

Privacy Policy

At Mue, we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our URL shortening service.

By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Definitions

For purposes of this Privacy Policy:

  • "Personal Data" means any information relating to an identified or identifiable individual.
  • "Usage Data" refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself.
  • "Cookies" are small files placed on your device.
  • "Service Provider" means any natural or legal person who processes data on behalf of Mue.
  • "You" means the individual accessing or using the Service, or the company or other legal entity on behalf of which such individual is accessing or using the Service.

2. Information Collection and Use

2.1 Types of Data Collected

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to:

  • Email address
  • First name and last name
  • Profile picture (optional)

Usage Data

We collect Usage Data automatically when you access the Service. This Usage Data may include:

  • Your computer's Internet Protocol (IP) address
  • Browser type and version
  • Pages of our Service that you visit
  • Time and date of your visit
  • Time spent on those pages
  • Unique device identifiers
  • Other diagnostic data

When you access the Service through a mobile device, we may collect:

  • Type of mobile device
  • Unique device ID
  • IP address of your mobile device
  • Mobile operating system
  • Type of mobile browser
  • Other diagnostic data

Customer Data

When you use our Service to create short links, we collect:

  • Original URLs - The long URLs you want to shorten
  • Custom slugs - If you create custom short link paths
  • Link metadata - Titles, descriptions, password protection settings, expiration dates, UTM parameters
  • Click analytics - Number of clicks, geographic location (country/region), device types, browsers, referrers, and timestamps

This data is collected to provide you with link management and analytics features.

2.2 Tracking & Cookies Data

We use cookies and similar tracking technologies to track activity on our Service and hold certain information.

Cookies are files with small amounts of data which may include an anonymous unique identifier. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of cookies we use:

  • Session Cookies - To operate our Service and keep you logged in
  • Preference Cookies - To remember your preferences and settings
  • Security Cookies - For security purposes
  • Analytics Cookies - To analyze usage patterns and improve our Service

2.3 Privacy-First Analytics

We use Plausible Analytics, a privacy-friendly analytics tool, to understand how visitors use our marketing website. Plausible is designed with privacy in mind and provides the following benefits:

  • No cookies or persistent identifiers - Plausible does not use cookies or store any personal data
  • No cross-site or cross-device tracking - We do not track you across different websites or devices
  • Anonymized and aggregated data - All analytics data is anonymized and aggregated, with no personally identifiable information collected
  • GDPR, CCPA, and PECR compliant - Plausible complies with major privacy regulations without requiring consent banners
  • EU data storage - Analytics data is stored in the European Union (when using Plausible cloud hosting)

For more information about Plausible's data practices, please see Plausible's Data Policy.

3. Use of Data

Mue uses the collected data for various purposes:

  • To provide and maintain our Service
  • To notify you about changes to our Service
  • To allow you to participate in interactive features when you choose to do so
  • To provide customer support
  • To gather analysis or valuable information to improve our Service
  • To monitor the usage of our Service
  • To detect, prevent, and address technical issues
  • To provide you with analytics and insights about your short links
  • To process payments for premium features
  • To send you newsletters, marketing materials, and promotional content (with your consent)
  • To prevent fraud and abuse of our Service

4. Retention of Data

Mue will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy:

  • Account data - While your account is active and for a reasonable period after account deletion
  • Link data - As long as the short link is active or until you delete it
  • Analytics data - Aggregated analytics may be retained indefinitely for service improvement
  • Payment records - As required by tax and accounting regulations (typically 7 years)

We will also retain Usage Data for internal analysis purposes, except when this data is used to strengthen security or improve functionality, or we are legally obligated to retain it for longer periods.

5. Transfer of Data

Your information, including Personal Data, may be transferred to—and maintained on—computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Mue will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

6. Disclosure of Data

6.1 Legal Requirements

Mue may disclose your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation
  • Protect and defend the rights or property of Mue
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of users of the Service or the public
  • Protect against legal liability

6.2 Service Providers

We may employ third-party companies and individuals to facilitate our Service ("Service Providers"), provide the Service on our behalf, perform Service-related services, or assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Current Service Providers include:

  • Supabase - Database hosting, authentication, and real-time synchronization
  • Stripe - Payment processing for Pro subscriptions
  • Upstash - Redis caching and rate limiting
  • Resend - Transactional email delivery
  • Vercel - Application hosting and content delivery

6.3 Business Transfers

If Mue is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

6.4 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

7. Security of Data

The security of your data is important to us. We implement industry-standard security measures:

  • All data transmission is encrypted using HTTPS/TLS
  • Passwords are hashed and salted using bcrypt
  • Strict access controls and authentication for our systems
  • Regular security audits and monitoring

However, remember that no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

8. Your Data Protection Rights Under GDPR

If you are a resident of the European Economic Area (EEA), you have certain data protection rights:

  • Right to access - You have the right to request copies of your personal data
  • Right to rectification - You have the right to request correction of inaccurate data
  • Right to erasure - You have the right to request deletion of your personal data
  • Right to restrict processing - You have the right to request restriction of processing
  • Right to object to processing - You have the right to object to our processing
  • Right to data portability - You have the right to request transfer of your data
  • Right to withdraw consent - You have the right to withdraw consent at any time

To exercise these rights, please contact us at privacy@mue.so. We will respond within 30 days.

You also have the right to lodge a complaint with a supervisory authority.

9. Your Data Protection Rights Under CalOPPA

CalOPPA is a California law that requires commercial websites to post a privacy policy. Under CalOPPA, we agree to:

  • Users can visit our site anonymously
  • This Privacy Policy is linked on our homepage and prominently displayed
  • Our Privacy Policy link includes the word "Privacy"
  • Users will be notified of Privacy Policy changes on our Privacy Policy page
  • Users can change their personal information by emailing us at privacy@mue.so

10. Your Data Protection Rights Under CCPA

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know - Request information about personal data collected, used, or shared
  • Right to delete - Request deletion of your personal data
  • Right to opt-out - We do not sell personal information
  • Right to non-discrimination - We will not discriminate against you for exercising your rights

To exercise your CCPA rights, email privacy@mue.so with "California Privacy Rights" in the subject line.

We will verify your identity before processing your request and respond within 45 days.

11. Service Providers

We may employ third-party companies and individuals due to the following reasons:

  • To facilitate our Service
  • To provide the Service on our behalf
  • To perform Service-related services
  • To assist us in analyzing how our Service is used

These third parties have access to your Personal Data only to perform these tasks and are obligated not to disclose or use it for any other purpose.

12. Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site.

We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

13. Children's Privacy

Our Service is not intended for children under the age of 13 ("Children").

We do not knowingly collect personally identifiable information from anyone under 13. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

14. Chrome Extension Privacy

Our Chrome browser extension collects minimal data necessary for functionality:

What we collect:

  • URLs you choose to shorten through the extension
  • Authentication tokens to keep you logged in
  • Extension settings and preferences

What we DON'T collect:

  • Your browsing history
  • Websites you visit (unless you choose to shorten a URL)
  • Personal data from websites you visit
  • Keystroke or mouse activity

Permissions explained:

  • activeTab - To capture the current page URL for shortening
  • storage - To store your preferences and link history
  • contextMenus - To add right-click shortening option
  • clipboardWrite - To auto-copy shortened links
  • notifications - To show success notifications
  • tabs - To enable keyboard shortcuts
  • identity - For optional authentication

All extension code is bundled within the package. We do not execute remotely hosted code. Our Content Security Policy enforces script-src 'self'.

15. Do Not Track Signals

We do not currently respond to Do Not Track (DNT) signals. We do not track users across third-party websites to provide targeted advertising.

16. International Data Transfers

Your information may be transferred to and maintained on computers located outside of your jurisdiction where data protection laws may differ.

We ensure appropriate safeguards are in place when transferring your data internationally, including:

  • Standard Contractual Clauses approved by the European Commission
  • Service providers certified under relevant privacy frameworks
  • Ensuring adequate protection under GDPR Article 46

17. Data Breach Notification

In the event of a data breach that affects your Personal Data, we will:

  • Notify affected users within 72 hours of discovery
  • Report to relevant supervisory authorities as required by law
  • Provide details about the breach and steps we're taking
  • Offer guidance on protecting your account

18. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending you an email notification (if you have an account) for significant changes
  • Displaying a prominent notice on our Service

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

19. Contact Us

If you have any questions about this Privacy Policy, please contact us:

For data protection inquiries, you may also contact our Data Protection Officer at privacy@mue.so.