Privacy Policy

Last updated: June 2026

What bkmark.link is

bkmark.link is a personal permalink service. You give it a URL; it gives back a short, permanent link that encodes who saved it, when, and what it is. A private library of every link you've ever minted lives at your handle.

Data we collect and why

Account data

Email address and password hash (bcrypt). Used only for authentication. Email is never sold or shared with third parties.

Links you mint

The destination URL, page title, timestamp, and the generated token. This is the core product — without it there is no service. Public links are visible to anyone with the token; private links are visible only to you.

Page excerpts

When minting via the browser extension, a short text excerpt from the page is sent alongside the URL. It is used solely to generate the one-line AI summary attached to your link. It is not stored beyond what appears in your library.

Screenshots

Optional. Captured client-side by the browser extension (the server never opens a headless browser). Stored as a compressed WebP image attached to your link. Visible only to you in your library.

Redirect clicks

When someone follows one of your links, we record a click count (a single integer increment). We do not record the visitor's IP address, browser, or referrer beyond what the server logs transiently for operational purposes.

API keys

Stored as bcrypt hashes. The plaintext key is shown once at creation and never stored.

Third-party services

Anthropic (Claude API)

Page excerpts are sent to Anthropic's API to generate one-line AI summaries. Anthropic's privacy policy applies to data processed there. Summaries are generated once per link and the excerpt is not retained by us after that.

Internet Archive (Wayback Machine)

Each minted URL is submitted to the Wayback Machine for archiving. This is a public service; the URL becomes part of the public archive.

Google Safe Browsing

In open-registration mode, minted URLs are checked against Google's Safe Browsing API to detect malware and phishing. Google's privacy policy applies.

Google Sign-In (optional)

If you sign in with Google, your Google account email is used to create or match your bkmark account. We do not request access to any other Google data.

Cloudflare R2

Screenshots and exports are stored in Cloudflare R2 object storage. The database is continuously replicated there via Litestream for backup purposes.

Browser extension

The bkmark.link Chrome extension uses the following permissions:

  • activeTab — to read the URL and title of the current tab when you click Mint.
  • scripting — to extract a short text excerpt from the page for AI summarisation.
  • clipboardWrite — to copy the minted token to your clipboard automatically.
  • storage — to remember your API key and preferences (private by default, screenshot on/off) locally in Chrome.

The extension communicates only with bkmark.link (or the server URL you configure). No data is sent to any other host. Your API key is stored in chrome.storage.sync and never leaves your browser except as a bearer token in requests to your configured server.

Data retention and deletion

Links are soft-deleted (tombstoned) rather than destroyed, so that tokens already in the wild return a 410 Gone rather than silently misdirecting. If you delete your account, your email and all personally identifiable data are removed; tombstoned links become anonymous. You can export your entire library at any time from Settings → Export.

Contact

Questions about this policy or requests to delete your data: [email protected]