Legal

Cookie policy

Last updated: 2 July 2026

How its.gd uses cookies, local storage, session storage, pixels, SDKs, and similar technologies.

This Cookie Policy explains how its.gd uses cookies, local storage, session storage, pixels, SDKs, and similar technologies.

its.gd is a product of DOMU.STUDIO and is operated by:

Dominic Müller
DOMU.STUDIO
Sole proprietor
Mainzer Straße 19
50678 Cologne
Germany

Email: contact@domu.studio

This Cookie Policy supplements our Privacy Policy. Terms such as “personal data,” “processing,” “controller,” and “consent” have the meanings given to them under the General Data Protection Regulation.

1. What are cookies and similar technologies?

Cookies are small text files stored on your device when you visit a website. They can be used to technically provide a website, enable logins, maintain security, remember settings, support payments, or analyze website usage.

In addition to cookies, similar technologies may be used, including:

  • local storage
  • session storage
  • pixels
  • tags
  • SDKs
  • server-side events
  • consent signals
  • security and anti-abuse tokens

For simplicity, this Cookie Policy uses the term “cookies” to also refer to similar technologies.

2. Why does its.gd use cookies?

We use cookies and similar technologies to provide its.gd securely, reliably, and in a user-friendly way.

Cookies may be used for:

  • operating the website
  • login and account management
  • dashboard features
  • creating and managing short links
  • security and abuse prevention
  • protection against bots, attacks, spam, and fraudulent use
  • storing your cookie and consent preferences
  • payment and subscription processing
  • error analysis and service stability
  • optional usage analytics, where you have given consent

We do not use cookies to secretly add tracking pixels or unexpected advertising interstitials to short-link redirects. Short-link redirects are intended to be clean, fast, and safety-focused.

3. Cookie categories

its.gd may use the following categories of cookies and similar technologies.

4. Essential cookies

Essential cookies are necessary for its.gd to function technically. Without these cookies, certain features cannot be provided.

Essential cookies may be used for:

  • session management
  • login and authentication
  • protection against cross-site request forgery
  • account and dashboard features
  • storing your cookie preferences
  • security functions
  • bot and abuse protection
  • rate limiting
  • payment and checkout processes
  • technical error detection
  • stable delivery of the website

These cookies are processed on the basis of Article 6(1)(b) GDPR where they are necessary to provide the service, and/or Article 6(1)(f) GDPR where they are necessary for security, stability, and abuse prevention.

Where cookies or similar technologies are strictly necessary, consent is generally not required under applicable law.

5. Consent and preference cookies

We use cookies or similar technologies to store your privacy and cookie settings.

These may store:

  • whether you accepted or rejected cookies
  • which categories you allowed
  • when you made your choice
  • which consent version was shown to you
  • whether optional analytics technologies may be activated

This storage is necessary so that we can respect your choice and do not have to ask you again on every visit.

The legal basis is Article 6(1)(c) GDPR where storage is necessary to comply with legal documentation obligations, and Article 6(1)(f) GDPR for user-friendly and legally compliant preference management.

6. Security and anti-abuse technologies

its.gd is a short-link service. Security, abuse prevention, and protection against fraudulent links are therefore central parts of the service.

We may use cookies and similar technologies to:

  • detect automated attacks
  • reduce bots
  • prevent spam and abuse
  • enforce rate limits
  • detect suspicious activity
  • protect accounts and visitors
  • perform redirects securely
  • prevent fraudulent or unsafe use

Technical data such as IP address, request metadata, user agent, access time, security events, and similar information may be processed for these purposes.

The legal basis is Article 6(1)(f) GDPR. Our legitimate interest is the secure operation of its.gd, the protection of visitors, users, third parties, and our infrastructure, and the prevention of fraud, phishing, malware, and other abuse.

7. Cloudflare cookies

We use Cloudflare for DNS, security, performance, routing, and protection against abusive or malicious traffic.

Cloudflare may use cookies and similar technologies to:

  • distinguish legitimate visitors from bots
  • detect and prevent attacks
  • manage traffic securely
  • deliver the website reliably
  • enforce security rules
  • prevent abuse

Cloudflare documents that certain cookies may be used to optimize network resources, manage traffic, and protect websites from malicious traffic.

Possible data may include:

  • IP address
  • request metadata
  • browser and device information
  • security events
  • firewall and bot-management signals
  • cookie or challenge information

The legal basis is Article 6(1)(f) GDPR. Our legitimate interest is security, performance, abuse prevention, and stable website delivery.

Further information:

8. Lovable.dev and technical platform cookies

its.gd is technically operated and implemented using Lovable.dev.

Lovable.dev may use cookies or similar technologies in connection with platform operation, deployment, app functionality, consent management, account features, integrations, and technical settings.

Possible purposes include:

  • operation of the website and application
  • technical delivery of features
  • management of consent and cookie settings
  • account or dashboard features, where configured
  • security and stability functions
  • technical integrations with service providers
  • error analysis and support

The legal basis is Article 6(1)(b) GDPR where processing is necessary to provide the service, and Article 6(1)(f) GDPR for security, stability, and technical administration. Where Lovable.dev uses optional analytics or tracking technologies, this is done only on the basis of your consent where legally required.

Further information:

9. Cloudways / hosting

We use Cloudways-managed server infrastructure to operate its.gd. The server is operated in Frankfurt, Germany.

Cloudways may process technical data as part of hosting, for example:

  • IP addresses
  • server logs
  • request metadata
  • security events
  • technical error data
  • backup and system data

Hosting-related cookies are generally not set directly by Cloudways for visitors of its.gd, but hosting infrastructure may be relevant for technical delivery, security, or platform configuration.

The legal basis is Article 6(1)(b) GDPR for providing the service and Article 6(1)(f) GDPR for security, stability, and technical administration.

Further information:

10. Google Analytics

We may use Google Analytics to understand how visitors use its.gd and to improve the website.

Google Analytics may use cookies and similar technologies to process information about website usage, for example:

  • page views
  • interactions
  • referrers
  • device and browser information
  • approximate location data
  • online identifiers
  • cookie identifiers
  • usage events

Google Analytics is used only where legally permitted and, where required, only after you have given consent through our consent system.

You can withdraw your consent at any time through the cookie or consent settings. The withdrawal applies for the future.

The legal basis is Article 6(1)(a) GDPR. Accessing information on your device or storing information on your device is also based on your consent where required.

We do not intend to use Google Analytics on short-link redirect pages unless this is clearly disclosed and legally permitted. Short-link redirects are intended to work without unexpected tracking.

Further information:

11. Stripe cookies and payment technologies

We use Stripe for payments, subscriptions, invoices, checkout, fraud prevention, and payment-related compliance.

Stripe may use cookies and similar technologies as part of checkout and payment processing, for example to:

  • process payments securely
  • detect and prevent fraud
  • provide payment functionality
  • manage checkout sessions
  • comply with legal and regulatory requirements
  • assess payment risks
  • prevent abuse and unauthorized transactions

Possible data may include:

  • payment and checkout information
  • IP address
  • device and browser information
  • payment status
  • fraud-prevention signals
  • technical interaction data

Some Stripe technologies may be necessary for secure payment processing and fraud prevention. Other Stripe technologies may be optional or controlled by Stripe in its own responsibility.

The legal basis is Article 6(1)(b) GDPR where processing is necessary for payment processing, Article 6(1)(c) GDPR for legal obligations, and Article 6(1)(f) GDPR for fraud prevention, security, and legitimate interest enforcement.

Further information:

12. Lovable Email and email technologies

We use Lovable Email, the built-in email service provided by Lovable.dev (using Mailgun as the underlying delivery provider), for transactional and service-related emails.

Lovable Email and Mailgun generally do not set website cookies for visitors of its.gd, but they may process technical information as part of email delivery, for example:

  • email address
  • email content
  • sending time
  • delivery status
  • bounce information
  • technical email metadata
  • opening or interaction data, where enabled and legally permitted

If email open or click tracking is used, this is done only where legally permitted and, where required, on the basis of consent.

The legal basis is Article 6(1)(b) GDPR for service-related emails, Article 6(1)(f) GDPR for operation, delivery, and security, and Article 6(1)(a) GDPR where consent is required.

Further information:

13. Short-link redirects

its.gd is designed so that short-link redirects work in a clean and safety-focused way.

When a redirect occurs, technical data may be processed, for example:

  • requested short link
  • time of access
  • IP address
  • browser and device information
  • referrer, if transmitted by the browser
  • security and abuse signals
  • redirect status
  • warning or blocking status

This processing is used for technical redirection, security, abuse prevention, error analysis, and, where relevant, aggregated link statistics.

We do not use short-link redirects to secretly load tracking pixels or unexpected advertising interstitials.

14. Link analytics

Paid plans may include link analytics, such as click counts, country, device, operating system, source, or social-media referrer.

These analytics are intended to be aggregated or statistical. They are not intended to identify individual visitors.

For link analytics, technical data generated when a short link is accessed may be processed. Where cookies or similar technologies are required for this, they are used only where legally permitted and, where required, with consent.

The legal basis may be Article 6(1)(f) GDPR where aggregated, privacy-conscious statistics are necessary for contract performance, improvement, and abuse prevention. Where consent-based technologies are used, the legal basis is Article 6(1)(a) GDPR.

15. Cookie duration

The duration of cookies depends on their purpose.

Possible durations include:

  • session cookies: deleted when you close your browser
  • security cookies: stored for the duration of the security check or for a limited period
  • login cookies: stored for the duration of your session or to recognize a logged-in user
  • consent cookies: stored for a longer period so that we can respect your cookie choice
  • analytics cookies: stored according to the Google Analytics configuration and your consent
  • payment cookies: stored according to Stripe’s configuration and payment requirements

Specific durations may change if we change providers, settings, or technical implementation. Where possible, the specific cookies, providers, purposes, and durations are shown in the cookie or consent banner.

16. Changing cookie settings

You can change your cookie settings or withdraw your consent at any time.

This is possible through the cookie or consent settings on its.gd.

Withdrawal of consent applies for the future. It does not affect the lawfulness of processing before withdrawal.

You can also delete or block cookies in your browser. Please note that some features of its.gd may not work properly if essential cookies are disabled.

17. Browser settings

Most browsers allow you to delete, block, or restrict cookies.

Depending on your browser, these settings are usually available under privacy, security, or website settings.

If you block cookies completely, the following features may be limited:

  • login
  • dashboard
  • link management
  • checkout
  • payment processing
  • cookie preferences
  • security checks
  • abuse protection

18. Third-party cookies

Some cookies or similar technologies may be set or processed by third parties when you use certain features, for example:

  • Cloudflare for security and performance
  • Google Analytics for optional analytics
  • Stripe for checkout and payments
  • Lovable.dev for technical platform functionality
  • Lovable Email (Mailgun) for email delivery and, where enabled, email interaction data

These providers may have their own privacy and cookie policies. The relevant links are provided in the sections above.

19. No guarantee of a complete cookie list

We aim to keep this Cookie Policy current and transparent.

Because cookies and similar technologies may be dynamically set or changed by technical providers, security services, payment providers, and platform integrations, the specific cookie list may change.

The information shown in the cookie or consent banner should reflect the current technical implementation.

20. Changes to this Cookie Policy

We may update this Cookie Policy from time to time, for example if we use new providers, change existing providers, add new features, or adapt to legal requirements.

The current version will be published on its.gd.

21. Contact

For questions about this Cookie Policy or the processing of personal data, you can contact us:

DOMU.STUDIO
Dominic Müller
Mainzer Straße 19
50678 Cologne
Germany

Email: contact@domu.studio

Placeholder document for the its.gd prototype. Replace with reviewed legal copy before production.