Cookie policy
Last updated: 2 July 2026
How its.gd uses cookies, local storage, session storage, pixels, SDKs, and similar technologies.
This Cookie Policy explains how its.gd uses cookies, local storage, session storage, pixels, SDKs, and similar technologies.
its.gd is a product of DOMU.STUDIO and is operated by:
Dominic Müller
DOMU.STUDIO
Sole proprietor
Mainzer Straße 19
50678 Cologne
Germany
Email: contact@domu.studio
This Cookie Policy supplements our Privacy Policy. Terms such as “personal data,” “processing,” “controller,” and “consent” have the meanings given to them under the General Data Protection Regulation.
1. What are cookies and similar technologies?
Cookies are small text files stored on your device when you visit a website. They can be used to technically provide a website, enable logins, maintain security, remember settings, support payments, or analyze website usage.
In addition to cookies, similar technologies may be used, including:
- local storage
- session storage
- pixels
- tags
- SDKs
- server-side events
- consent signals
- security and anti-abuse tokens
For simplicity, this Cookie Policy uses the term “cookies” to also refer to similar technologies.
2. Why does its.gd use cookies?
We use cookies and similar technologies to provide its.gd securely, reliably, and in a user-friendly way.
Cookies may be used for:
- operating the website
- login and account management
- dashboard features
- creating and managing short links
- security and abuse prevention
- protection against bots, attacks, spam, and fraudulent use
- storing your cookie and consent preferences
- payment and subscription processing
- error analysis and service stability
- optional usage analytics, where you have given consent
We do not use cookies to secretly add tracking pixels or unexpected advertising interstitials to short-link redirects. Short-link redirects are intended to be clean, fast, and safety-focused.
3. Cookie categories
its.gd may use the following categories of cookies and similar technologies.
4. Essential cookies
Essential cookies are necessary for its.gd to function technically. Without these cookies, certain features cannot be provided.
Essential cookies may be used for:
- session management
- login and authentication
- protection against cross-site request forgery
- account and dashboard features
- storing your cookie preferences
- security functions
- bot and abuse protection
- rate limiting
- payment and checkout processes
- technical error detection
- stable delivery of the website
These cookies are processed on the basis of Article 6(1)(b) GDPR where they are necessary to provide the service, and/or Article 6(1)(f) GDPR where they are necessary for security, stability, and abuse prevention.
Where cookies or similar technologies are strictly necessary, consent is generally not required under applicable law.
5. Consent and preference cookies
We use cookies or similar technologies to store your privacy and cookie settings.
These may store:
- whether you accepted or rejected cookies
- which categories you allowed
- when you made your choice
- which consent version was shown to you
- whether optional analytics technologies may be activated
This storage is necessary so that we can respect your choice and do not have to ask you again on every visit.
The legal basis is Article 6(1)(c) GDPR where storage is necessary to comply with legal documentation obligations, and Article 6(1)(f) GDPR for user-friendly and legally compliant preference management.
6. Security and anti-abuse technologies
its.gd is a short-link service. Security, abuse prevention, and protection against fraudulent links are therefore central parts of the service.
We may use cookies and similar technologies to:
- detect automated attacks
- reduce bots
- prevent spam and abuse
- enforce rate limits
- detect suspicious activity
- protect accounts and visitors
- perform redirects securely
- prevent fraudulent or unsafe use
Technical data such as IP address, request metadata, user agent, access time, security events, and similar information may be processed for these purposes.
The legal basis is Article 6(1)(f) GDPR. Our legitimate interest is the secure operation of its.gd, the protection of visitors, users, third parties, and our infrastructure, and the prevention of fraud, phishing, malware, and other abuse.
7. Cloudflare cookies
We use Cloudflare for DNS, security, performance, routing, and protection against abusive or malicious traffic.
Cloudflare may use cookies and similar technologies to:
- distinguish legitimate visitors from bots
- detect and prevent attacks
- manage traffic securely
- deliver the website reliably
- enforce security rules
- prevent abuse
Cloudflare documents that certain cookies may be used to optimize network resources, manage traffic, and protect websites from malicious traffic.
Possible data may include:
- IP address
- request metadata
- browser and device information
- security events
- firewall and bot-management signals
- cookie or challenge information
The legal basis is Article 6(1)(f) GDPR. Our legitimate interest is security, performance, abuse prevention, and stable website delivery.
Further information:
- Cloudflare Cookie Policy: cloudflare.com/cookie-policy
- Cloudflare Cookies Documentation: developers.cloudflare.com
- Cloudflare Privacy Policy: cloudflare.com/privacypolicy
- Cloudflare Customer DPA: cloudflare.com/cloudflare-customer-dpa
8. Lovable.dev and technical platform cookies
its.gd is technically operated and implemented using Lovable.dev.
Lovable.dev may use cookies or similar technologies in connection with platform operation, deployment, app functionality, consent management, account features, integrations, and technical settings.
Possible purposes include:
- operation of the website and application
- technical delivery of features
- management of consent and cookie settings
- account or dashboard features, where configured
- security and stability functions
- technical integrations with service providers
- error analysis and support
The legal basis is Article 6(1)(b) GDPR where processing is necessary to provide the service, and Article 6(1)(f) GDPR for security, stability, and technical administration. Where Lovable.dev uses optional analytics or tracking technologies, this is done only on the basis of your consent where legally required.
Further information:
- Lovable.dev Privacy Policy: lovable.dev/privacy
- Lovable.dev Data Processing Agreement: lovable.dev/data-processing-agreement
- Lovable.dev Security: lovable.dev/security
9. Cloudways / hosting
We use Cloudways-managed server infrastructure to operate its.gd. The server is operated in Frankfurt, Germany.
Cloudways may process technical data as part of hosting, for example:
- IP addresses
- server logs
- request metadata
- security events
- technical error data
- backup and system data
Hosting-related cookies are generally not set directly by Cloudways for visitors of its.gd, but hosting infrastructure may be relevant for technical delivery, security, or platform configuration.
The legal basis is Article 6(1)(b) GDPR for providing the service and Article 6(1)(f) GDPR for security, stability, and technical administration.
Further information:
- Cloudways Privacy Policy: cloudways.com/en/privacy
- Cloudways Terms: cloudways.com/en/terms
- Cloudways Cookie Policy: cloudways.com/en/cookie-policy
10. Google Analytics
We may use Google Analytics to understand how visitors use its.gd and to improve the website.
Google Analytics may use cookies and similar technologies to process information about website usage, for example:
- page views
- interactions
- referrers
- device and browser information
- approximate location data
- online identifiers
- cookie identifiers
- usage events
Google Analytics is used only where legally permitted and, where required, only after you have given consent through our consent system.
You can withdraw your consent at any time through the cookie or consent settings. The withdrawal applies for the future.
The legal basis is Article 6(1)(a) GDPR. Accessing information on your device or storing information on your device is also based on your consent where required.
We do not intend to use Google Analytics on short-link redirect pages unless this is clearly disclosed and legally permitted. Short-link redirects are intended to work without unexpected tracking.
Further information:
- Google Privacy Policy: policies.google.com/privacy
- Google Analytics Terms: google.com/analytics/terms
- Google Analytics Data Processing Terms: support.google.com/analytics/answer/3379636
- How Google uses information from sites or apps: policies.google.com/technologies/partner-sites
- Google Consent Mode: support.google.com/analytics/answer/9976101
11. Stripe cookies and payment technologies
We use Stripe for payments, subscriptions, invoices, checkout, fraud prevention, and payment-related compliance.
Stripe may use cookies and similar technologies as part of checkout and payment processing, for example to:
- process payments securely
- detect and prevent fraud
- provide payment functionality
- manage checkout sessions
- comply with legal and regulatory requirements
- assess payment risks
- prevent abuse and unauthorized transactions
Possible data may include:
- payment and checkout information
- IP address
- device and browser information
- payment status
- fraud-prevention signals
- technical interaction data
Some Stripe technologies may be necessary for secure payment processing and fraud prevention. Other Stripe technologies may be optional or controlled by Stripe in its own responsibility.
The legal basis is Article 6(1)(b) GDPR where processing is necessary for payment processing, Article 6(1)(c) GDPR for legal obligations, and Article 6(1)(f) GDPR for fraud prevention, security, and legitimate interest enforcement.
Further information:
- Stripe Privacy Policy: stripe.com/privacy
- Stripe Cookie Policy: stripe.com/legal/cookies-policy
- Stripe Cookie Settings: stripe.com/cookie-settings
- Stripe Data Processing Agreement: stripe.com/legal/dpa
- Stripe Privacy Center: stripe.com/legal/privacy-center
12. Lovable Email and email technologies
We use Lovable Email, the built-in email service provided by Lovable.dev (using Mailgun as the underlying delivery provider), for transactional and service-related emails.
Lovable Email and Mailgun generally do not set website cookies for visitors of its.gd, but they may process technical information as part of email delivery, for example:
- email address
- email content
- sending time
- delivery status
- bounce information
- technical email metadata
- opening or interaction data, where enabled and legally permitted
If email open or click tracking is used, this is done only where legally permitted and, where required, on the basis of consent.
The legal basis is Article 6(1)(b) GDPR for service-related emails, Article 6(1)(f) GDPR for operation, delivery, and security, and Article 6(1)(a) GDPR where consent is required.
Further information:
- Lovable Privacy Policy: lovable.dev/privacy
- Lovable DPA: lovable.dev/data-processing-agreement
- Mailgun Privacy Policy: mailgun.com/legal/privacy-policy
- Mailgun DPA: mailgun.com/legal/dpa
13. Short-link redirects
its.gd is designed so that short-link redirects work in a clean and safety-focused way.
When a redirect occurs, technical data may be processed, for example:
- requested short link
- time of access
- IP address
- browser and device information
- referrer, if transmitted by the browser
- security and abuse signals
- redirect status
- warning or blocking status
This processing is used for technical redirection, security, abuse prevention, error analysis, and, where relevant, aggregated link statistics.
We do not use short-link redirects to secretly load tracking pixels or unexpected advertising interstitials.
14. Link analytics
Paid plans may include link analytics, such as click counts, country, device, operating system, source, or social-media referrer.
These analytics are intended to be aggregated or statistical. They are not intended to identify individual visitors.
For link analytics, technical data generated when a short link is accessed may be processed. Where cookies or similar technologies are required for this, they are used only where legally permitted and, where required, with consent.
The legal basis may be Article 6(1)(f) GDPR where aggregated, privacy-conscious statistics are necessary for contract performance, improvement, and abuse prevention. Where consent-based technologies are used, the legal basis is Article 6(1)(a) GDPR.
15. Cookie duration
The duration of cookies depends on their purpose.
Possible durations include:
- session cookies: deleted when you close your browser
- security cookies: stored for the duration of the security check or for a limited period
- login cookies: stored for the duration of your session or to recognize a logged-in user
- consent cookies: stored for a longer period so that we can respect your cookie choice
- analytics cookies: stored according to the Google Analytics configuration and your consent
- payment cookies: stored according to Stripe’s configuration and payment requirements
Specific durations may change if we change providers, settings, or technical implementation. Where possible, the specific cookies, providers, purposes, and durations are shown in the cookie or consent banner.
16. Changing cookie settings
You can change your cookie settings or withdraw your consent at any time.
This is possible through the cookie or consent settings on its.gd.
Withdrawal of consent applies for the future. It does not affect the lawfulness of processing before withdrawal.
You can also delete or block cookies in your browser. Please note that some features of its.gd may not work properly if essential cookies are disabled.
17. Browser settings
Most browsers allow you to delete, block, or restrict cookies.
Depending on your browser, these settings are usually available under privacy, security, or website settings.
If you block cookies completely, the following features may be limited:
- login
- dashboard
- link management
- checkout
- payment processing
- cookie preferences
- security checks
- abuse protection
18. Third-party cookies
Some cookies or similar technologies may be set or processed by third parties when you use certain features, for example:
- Cloudflare for security and performance
- Google Analytics for optional analytics
- Stripe for checkout and payments
- Lovable.dev for technical platform functionality
- Lovable Email (Mailgun) for email delivery and, where enabled, email interaction data
These providers may have their own privacy and cookie policies. The relevant links are provided in the sections above.
19. No guarantee of a complete cookie list
We aim to keep this Cookie Policy current and transparent.
Because cookies and similar technologies may be dynamically set or changed by technical providers, security services, payment providers, and platform integrations, the specific cookie list may change.
The information shown in the cookie or consent banner should reflect the current technical implementation.
20. Changes to this Cookie Policy
We may update this Cookie Policy from time to time, for example if we use new providers, change existing providers, add new features, or adapt to legal requirements.
The current version will be published on its.gd.
21. Contact
For questions about this Cookie Policy or the processing of personal data, you can contact us:
DOMU.STUDIO
Dominic Müller
Mainzer Straße 19
50678 Cologne
Germany
Email: contact@domu.studio
Placeholder document for the its.gd prototype. Replace with reviewed legal copy before production.