1. Introduction
Paramly (“we”, “us”, or “our”) operates a UTM and tracking link management platform (“Service”) accessible via our web application and associated tools. This Privacy Policy explains how we collect, use, and protect information from users (“you”) who access our Website or use our Services.
By using Paramly, you agree to this Privacy Policy. If you do not agree, please discontinue use of our Services.
2. Information We Collect
2a. Account & Registration Data
When you create an account, we collect:
- Name and email address
- Company name (optional)
- Password (stored encrypted)
- Billing information (processed via third-party payment providers; we do not store full card numbers)
2b. Usage Data
As you use the Service, we automatically collect:
- IP address and approximate location
- Browser type, operating system, and device identifiers
- Session activity, feature usage, and link creation logs
- Cookies and similar tracking technologies (see Section 8)
2c. Tracking Link Content (User-Generated)
Users create tracking links and UTM parameters through the Service. The content of those links — including destination URLs and parameter values — is provided entirely by you.
Paramly stores the links you create in order to provide the Service. We do not analyse or sell the content of your links.
3. PII in Tracking Links — User Responsibility
Paramly provides controls to help you avoid embedding Personally Identifiable Information (PII) in your tracking links, including validation rules, parameter restrictions, and warnings that flag common PII patterns (e.g. email addresses, names, phone numbers in URL fields).
However, the responsibility for ensuring that no PII is embedded in tracking links rests solely with you, the user. Paramly:
- Does not review or validate the semantic content of parameters you choose to use
- Is not responsible for PII that you or your team include in URLs, UTM parameters, or custom attributes
- Is not liable for downstream exposure of PII that originates in user-created links, whether shared, published, or distributed by you
We strongly recommend using Paramly’s built-in PII controls and ensuring your team is trained on data hygiene practices before creating and distributing tracking links.
4. How We Use Your Information
We use the information we collect to:
- Provide, operate, and improve the Service
- Authenticate your account and maintain session security
- Process billing and subscription management
- Send transactional emails (account creation, billing, service updates)
- Respond to support requests
- Analyse aggregated, anonymised usage data to improve product features
- Comply with legal and regulatory obligations
We do not sell your personal data to third parties.
5. How We Share Your Information
We do not share your personal information with third parties except in the following circumstances:
- Service Providers: Trusted vendors who process data on our behalf (e.g. payment processors, cloud hosting, email delivery, analytics). These providers are contractually bound to handle data securely and only for specified purposes.
- Legal Requirements: When required by law, regulation, court order, or to protect our rights, property, or the safety of users.
- Business Transfer: If Paramly is acquired or merged, your information may be transferred to the successor entity, which will be bound by this policy or will notify you of changes.
- Aggregated / Anonymised Data: Non-identifiable, aggregated data may be shared or published for research, benchmarking, or marketing purposes.
6. Data Retention
We retain your account data for as long as your account is active or as needed to provide the Service. If you cancel your account:
- Account data is deleted within 90 days of cancellation
- Link history may be retained in anonymised/aggregated form for internal analytics
- We may retain data longer where legally required
7. Data Security
We implement industry-standard technical and organisational measures to protect your data, including:
- Encryption in transit (TLS/HTTPS) and at rest
- Access controls and role-based permissions
- Regular security reviews
To protect our sign-up and sign-in forms from automated abuse, we use Cloudflare Turnstile, a privacy-focused bot-detection service. Turnstile may collect limited technical information (such as your IP address and browser characteristics) to distinguish humans from bots; it does not use this information for advertising or cross-site tracking. Your use of Turnstile is also governed by Cloudflare’s Turnstile Privacy Addendum.
No method of transmission over the Internet is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security.
8. Cookies
We use session and persistent cookies to:
- Maintain login sessions
- Remember user preferences
- Measure and improve Service performance via analytics tools
You may control cookie preferences through your browser settings. Disabling cookies may affect Service functionality.
We use the following analytics tools which may set their own cookies:
- Google Analytics — Privacy Policy | Opt-out
For a full list of cookies in use, see our Cookie Declaration page.
9. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access — request a copy of personal data we hold about you
- Rectification — request correction of inaccurate data
- Erasure — request deletion of your personal data (subject to legal retention requirements)
- Portability — request your data in a machine-readable format
- Objection — object to certain types of processing
- Withdraw Consent — where processing is based on consent
To exercise any of these rights, contact us at: privacy@paramly.com
10. GDPR — Users in the European Economic Area
For users in the EU/EEA, Paramly processes personal data under the following legal bases:
- Contract performance — to provide the Service you have subscribed to
- Legitimate interests — to improve and secure the Service
- Consent — for marketing communications (you may opt out at any time)
- Legal obligation — where required by applicable law
We employ Standard Contractual Clauses (SCCs) for cross-border data transfers outside the EEA where required. A Data Processing Agreement (DPA) is available on request for enterprise customers.
11. Children
Paramly is not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.
12. Third-Party Links
The Service may contain links to third-party websites. Paramly is not responsible for the privacy practices or content of those sites. This Privacy Policy applies solely to information collected through our Service.
13. Changes to This Policy
We reserve the right to update this Privacy Policy at any time. When we make material changes, we will:
- Update the “Last Updated” date above
- Notify you by email or via an in-app notice
Continued use of the Service after changes are posted constitutes your acceptance of the updated policy.
14. Contact Us
For questions, concerns, or data requests relating to this Privacy Policy:
Paramly
Email: privacy@paramly.com
We aim to respond to all privacy-related requests within 30 days.