Last updated: May 12, 2026
Overon ("we", "us", or "our") operates the Overon URL shortening and banner overlay platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By accessing or using the Service, you agree to the terms of this Privacy Policy.
When you register for an account, we collect your email address and, optionally, your name and contact number. If you sign in via Google or Facebook, we receive your name, email, and profile identifier from those providers.
Payment processing is handled by Stripe. We do not store your full credit card number. We retain only the card brand and last four digits for display purposes.
When someone clicks a shortened link, we record the click timestamp, referrer URL, approximate geographic location (country), device type, browser, and IP address. This data is used to provide analytics to link owners.
Banner images you upload are stored in our cloud storage (AWS S3) and are displayed to visitors who click your shortened links.
When a visitor clicks a Free-plan short link, they pass through a 5-second interstitial page that serves third-party advertising (see Section 4.2). On that page, the advertising network may set cookies and collect technical signals (IP address, user agent, referring URL, approximate location) for ad serving and fraud prevention. We do not control which specific data the ad network collects beyond the contractual obligations of its terms of service. Visitors can decline non-essential cookies via the consent banner on the interstitial page; declining will prevent the advertising script from loading.
We do not sell your personal data. We share information with the following providers only as needed to operate the Service:
The Free-plan interstitial page displays third-party advertising. We currently work with Adsterra (operated by Globalmd Group SRL) as our advertising network. Adsterra serves display ads inside the interstitial and may, in connection with that serving, set its own cookies and collect technical signals from the visitor's browser (e.g., IP address, user agent, ad-impression identifiers, referring URL, approximate location) for the purposes of ad delivery, frequency capping, and fraud prevention.
Information collected by Adsterra is subject to Adsterra's privacy policy, which is available at https://adsterra.com/privacy-policy/. We do not receive a copy of the data Adsterra collects beyond aggregated reporting (impressions, click counts) for the purpose of measuring revenue.
Visitors to the interstitial page can decline non-essential cookies via the consent banner shown on first visit. Declining will prevent the Adsterra script from loading and stop any associated cookie placement; the redirect itself still works without ads.
Paid plan links (Lite and above) do not show ads and do not involve third-party advertising trackers.
We retain your account data for as long as your account is active. Analytics data is retained according to your plan tier (7 days for Free, up to 365 days for Business plans). When you delete your account, we process the deletion within 30 days and remove your personal data, links, and analytics.
We use first-party essential cookies for authentication, session management, and preventing duplicate click counting. These cookies do not require consent because they are strictly necessary for the Service to function.
The Free-plan interstitial page may, with your consent, allow Adsterra and its sub-vendors to set advertising cookies. These cookies are used by Adsterra for ad delivery, frequency capping, and fraud prevention. On the first visit to an interstitial page, a consent banner is shown. You may accept or decline. Your choice is stored in a first-party cookie (overon_ad_consent) so we don't ask again on subsequent visits.
If you decline, the advertising script will not load and no Adsterra cookies will be set on your browser through our pages. You can change your choice at any time by clearing the overon_ad_consent cookie for the interstitial domain.
The marketing site (overon.io) and the logged-in dashboard (app.overon.io) use Google Tag Manager (GTM) to load analytics and measurement scripts. GTM may set cookies and send data to Google's servers to help us understand how visitors use our site (page views, navigation paths, conversion events). No advertising-network or retargeting pixels are loaded through GTM. You can opt out of Google Analytics data collection by installing the Google Analytics Opt-out Browser Add-on. Only essential first-party cookies are used beyond analytics.
You may:
We implement industry-standard security measures including encrypted connections (TLS), secure password hashing, and access controls. However, no method of electronic storage is 100% secure, and we cannot guarantee absolute security.
The Service is not intended for users under 16 years of age. We do not knowingly collect personal information from children.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date.
If you have questions about this Privacy Policy, please contact us at [email protected].