What is a GDPR-compliant URL shortener?

A GDPR-compliant URL shortener is a service that respects the European data protection regulation: hosting within the EU, minimal data collection, no transfer to third parties outside the EU, no tracking cookie. Lejumo meets all of these criteria.

What data does Lejumo collect when creating a link?

Lejumo only records the long URL, the generated short code, the creation timestamp and the chosen expiry duration. An anonymous click counter is incremented on each redirect. No personally identifiable data is collected.

Are there tracking cookies on Lejumo?

No. Lejumo sets no advertising or tracking cookies, neither when creating a link nor during a redirect. No third-party SDK is loaded. The redirect is handled server-side in pure HTTP.

Is data transferred outside the EU?

No. The server is physically hosted in France. No data is replicated on non-EU infrastructure. No US provider is involved in the processing.

How long is my data retained?

Short links and their click statistics are retained as long as the link is active. When a link expires and its code is reassigned, the click data is reset. Permanent links are retained indefinitely.

GDPR URL shortener, GDPR-compliant link shortener — are these the same?

Yes. These terms all refer to a URL shortening service that complies with GDPR. Lejumo meets these criteria: data hosted in France, no tracking cookies, no third-party data transfers.

GDPR

GDPR-Compliant URL Shortener

Other tools URL Shortener QR Code Generator

Lejumo is a URL shortener hosted on a dedicated server in France. No personal data is collected when creating a link. Click statistics are anonymous and not shared with third parties. No advertising cookies are set. GDPR-compliant by design.

Where is your data hosted when you use Bitly or TinyURL?

Bitly is a US company subject to the CLOUD Act: American authorities can demand access to hosted data, including for European users. TinyURL is in the same situation. Links created, IP addresses and click metadata are transmitted and stored on servers in the United States, without a clear legal basis for transfer to the EU since the invalidation of Privacy Shield.

Lejumo runs on a dedicated server physically hosted in France. No data is replicated on foreign infrastructure.

Lejumo: dedicated server in France, no data sharing

Unlike SaaS solutions that rely on American CDNs (Cloudflare, Fastly, AWS CloudFront), Lejumo does not go through any foreign public cloud. The server is dedicated: no opaque sharing, no non-EU hosting subcontractor. Data stays physically in France, subject only to European law.

No third-party SDK, no tracking pixel, no network call to an external service is triggered when creating or visiting a short link.

What Lejumo collects — and what it doesn't

Collected:

The long URL provided by the user (required for the service)
The randomly generated short code
The creation timestamp and the chosen expiry date
An aggregated and anonymous click counter per link

Not collected:

Identity, name, email, phone number
IP address stored durably
Tracking cookie or advertising identifier
Behavioural profile or browsing history
Precise geolocation data

No tracking cookie, no advertising profile

When a visitor clicks on a Lejumo link, the redirect is handled via a pure server-side HTTP 301/302 response. No third-party JavaScript is loaded, no tracking pixel is triggered, no cookie is set on the visitor's browser. The click counter is incremented anonymously, with no possible correlation to an identity.

This architecture is fundamentally different from commercial shorteners that inject tracking scripts to monetise behavioural data.

Ideal for SMBs, IT managers and DPOs

For a company subject to GDPR, using Bitly without a documented Data Processing Agreement (DPA) constitutes a legal risk. Transfer outside the EU without an adequate legal basis is prohibited by Article 44 of the GDPR.

With Lejumo, processing stays within the EU. No DPA with a US provider is required. For DPOs and IT managers who need to document their processing register, Lejumo is the simplest solution: data hosted in France, minimal processing, no third party involved.

GDPR comparison — URL shorteners

Lejumo vs European and American alternatives on key GDPR criteria.

	Lejumo	URLR.me	URLs.fr	Bitly
EU hosting	France	France	France	USA
Tracking cookie	✕ None	Analytics	Analytics	Yes
Account required	✕ No	Free (limited)	Required	Required
Data shared with third parties	✕ No	Yes (analytics)	Yes (analytics)	Yes
Free API	✓ Yes	Paid	✕ No	Paid

Frequently asked questions

What is a GDPR-compliant URL shortener?: A GDPR-compliant URL shortener is a service that respects the European data protection regulation: hosting within the EU, minimal data collection, no transfer to third parties outside the EU, no tracking cookie. Lejumo meets all of these criteria.
What data does Lejumo collect when creating a link?: Lejumo only records the long URL, the generated short code, the creation timestamp and the chosen expiry duration. An anonymous click counter is incremented on each redirect. No personally identifiable data is collected.
Are there tracking cookies on Lejumo?: No. Lejumo sets no advertising or tracking cookies, neither when creating a link nor during a redirect. No third-party SDK is loaded. The redirect is handled server-side in pure HTTP.
Is data transferred outside the EU?: No. The server is physically hosted in France. No data is replicated on non-EU infrastructure. No US provider is involved in the processing.
Is it suitable for organisations subject to GDPR (SMBs, IT managers, DPOs)?: Yes. Lejumo is designed for organisations that need to document their data processing activities and avoid transfers outside the EU. No data processing agreement with a US third party is required. Processing is minimal and hosted in France.
Is my IP address recorded when I create a link?: IP addresses are not durably stored in the link database. They may temporarily appear in standard server logs (nginx logs) required for security and abuse detection, as with any web server, but they are not associated with the created link or used for profiling.
How long is data retained?: Links are kept until their expiry date as chosen by the user (1 day, 7 days, 30 days, 1 year, or permanent). On expiry, the data associated with the link is automatically deleted.
GDPR URL shortener, France-hosted link shortener, tracking-free short link — same thing?: Yes, these terms all describe the same need: a URL shortening service that respects privacy and the European legal framework. Whether you call it a GDPR URL shortener, a GDPR-compliant link shortener, a tracking-free short link service, or a France-hosted URL reducer, Lejumo covers all these use cases.
How long is my data retained?: Short links and their click statistics are retained as long as the link is active. When a link expires and its code is reassigned, the click data is reset. Permanent links are retained indefinitely unless deleted by the administrator.
GDPR URL shortener, GDPR-compliant link shortener, privacy-friendly URL compressor — are these the same?: Yes. These terms all refer to a URL shortening service that complies with GDPR data protection requirements. Lejumo meets these criteria: data hosted in France, no tracking cookies, no third-party data transfers, and no advertising profile creation.

Go further

Shorten a link now — free URL shortener, no account required
Short link + QR code in one click — generate both simultaneously
Reliable and durable shortener — why Lejumo won't shut down like Goo.gl
API no sign-up — integrate the shortener into your tools
Printable QR code — free generator, high-resolution PNG