Privacy & security
Encryption
Fynlink implements end-to-end encryption to ensure maximum security and privacy of your link data. Learn how we handle encryption and what it means for your data security.
What Gets Encrypted?
The following data are always end-to-end encrypted, meaning they are encrypted before leaving your browser and can only be decrypted on your browser:
- Target URLs (including geo-targeted & device specific URLs if any)
- Link title
- Notes
- Tags
All personally identifiable information (PII) like email addresses, names and timezones are encrypted with a key that we posess. It is also important to note that the database is always encrypted at rest (EAR) and encrypted in transit (EIT).
We also store a copy of your short URL as hashed value!
Apart from the e2ee link data, a copy of your short URL is stored as a hashed value. This value is further encrypted with a searchable field-level encryption. This is to ensure the functionality of the link shortening service.
Key Management
Each team in Fynlink has its own encryption key that is:
- Generated in your browser during team creation
- Encrypted with your password before being stored
- Never transmitted in plain text to our servers
- Shared securely with team members during invitation
Make sure to save your recovery phrase!
Your encryption key is protected by your password. If you forget your password, you won't be able to recover encrypted data. Always keep a backup of your recovery phrase. You can access your recovery phrase from the profile page.
Privacy Benefits
Our encryption approach provides several benefits:
- Zero Knowledge: We cannot read your link data
- Data Sovereignty: You maintain complete control
- Breach Protection: Encrypted data is useless without keys
- Team Security: Granular access control through key management
Your analytics data are NOT encrypted!
While encryption provides strong security, the analytics data remain unencrypted to maintain platform functionality. This data includes the number of clicks, referrers,countries, browser & device type.
Best Practices
To make the most of Fynlink's encryption:
- Use strong passwords for your account
- Keep your recovery phrase in a secure location
- Review team member access periodically
- Enable two-factor authentication for additional security
Learn more about our Security Architecture.