Privacy Policy

Last updated: January 2025

Overview

YourSiteName is a self-hosted, open-source application. This privacy policy describes what data is collected when someone uses a YourSiteName link, how that data is used, and how long it is retained. Because YourSiteName is self-hosted, this policy applies to the specific instance you are accessing. The operator of this instance is responsible for how data is handled on their infrastructure.

What we collect when a link is accessed

When a visitor accesses a public YourSiteName link, the following information is automatically logged:

  • IP address โ€” the network address of the request
  • Timestamp โ€” the date and time of the access
  • User-Agent string โ€” the browser and operating system reported by the visitor's device
  • HTTP Referrer โ€” the URL of the page that linked to the secret, if any
  • Approximate geolocation โ€” country and region derived from the IP address using an offline database. City-level precision is provided where available; no exact coordinates are collected.
  • Standard HTTP headers โ€” including Accept-Language, Sec-CH-UA, and Sec-Fetch-Site, as sent by the browser

This information is logged solely for the benefit of the link creator and is accessible only through the private Control Link associated with each secret.

What we do not collect

YourSiteName does not use cookies, tracking pixels, browser fingerprinting scripts, or any form of cross-session tracking. No information is collected from visitors beyond what is listed above. The application makes no outbound requests to third-party analytics or advertising services.

Secret content

The content of a secret is stored in an obfuscated form and is never logged. When a secret is revealed, the content is displayed once and, if "Burn after reading" was selected, immediately and permanently deleted from the server. The server operator does not have the ability to retrieve secret content after it has been burned.

How collected data is used

Access log data is used exclusively to generate the access report visible to the link creator in the Control Link dashboard. It is not used for advertising, profiling, or any purpose beyond providing the creator with visibility into who accessed their link.

Data sharing

YourSiteName does not sell, rent, or share visitor data with third parties. No data is transmitted to external services at runtime. If a webhook is configured by the link creator, access event details (including IP address, approximate location, and User-Agent) are sent to the webhook endpoint specified by the creator โ€” this is at the discretion of the creator, not YourSiteName.

Data retention

Access logs are automatically deleted after 30 days by default. The server operator may configure a shorter or longer retention period. Logs for a given secret are also deleted when the secret is burned or expires. Secret content that has been burned or has expired is deleted permanently and cannot be recovered.

Your rights

If you are a visitor who accessed a YourSiteName link and have questions about the data logged from your visit, please contact the operator of the specific YourSiteName instance you used. Because YourSiteName is self-hosted, Anthropic and the YourSiteName open-source project have no access to data stored on third-party deployments.

Changes to this policy

The operator of this instance may update this policy at any time. Continued use of the service constitutes acceptance of the current policy.