Controller
The data controller is David Trotonda Gilabert, owner of TuBack.link. You can consult the identification details in the Legal notice and contact us at info@tuback.link.
Data we process
We may process your store URL, selected category, searches performed, opportunities viewed, saved results, unlock status, account data, email, technical logs, IP address and support communications.
If you voluntarily subscribe to the newsletter, we process your email, the category from which you signed up and the subscription confirmation status.
If a paid plan is activated in the future, we may also process the data needed for billing and payment through secure payment providers.
Purposes
We use data to generate backlink lists, save searches in the dashboard, unlock results with registration, improve recommendation quality, prevent abuse, solve incidents and comply with legal obligations.
We also use email to confirm the account, recover access, send a welcome message related to the service and answer support requests.
When you request the newsletter, we first send a double-confirmation email. Only after confirming will you receive the weekly summary of ecommerce news, trends and marketing.
TuBack.link is not designed to process end-customer data from a store. We do not need names, orders, addresses or payment data from your ecommerce customers.
Legal basis
Account management and provision of the tool are based on performance of the relationship requested by the user. Security and abuse prevention are based on legitimate interest and compliance with legal obligations when applicable.
Periodic tips, updates or offers by email will only be sent when the user has voluntarily checked the consent box. This permission can be withdrawn at any time without affecting the account.
Providers
We use Vercel for hosting, Supabase for database and authentication, Google for optional Google access, Resend to send and receive account and support emails, and beehiiv to manage confirmed subscriptions and send the newsletter.
These providers should only process data necessary to perform their function and under confidentiality and security commitments.
Some providers may process data outside the European Economic Area. In those cases, mechanisms recognized by the GDPR apply, such as adequacy decisions or standard contractual clauses.
Retention
We retain data while the account is active or while it is necessary to provide the service, handle support, maintain security records or comply with legal obligations.
Consents and unsubscribe records will be retained as long as necessary to demonstrate compliance. Messages and technical events will be reviewed and deleted when they are no longer needed for support, security or legal defense.
Rights
You may request access, rectification, deletion, objection, restriction or portability by writing to info@tuback.link. You can also withdraw email consent through the unsubscribe link included in each communication.
If you consider that we have not processed your data correctly, you can file a complaint with the Spanish Data Protection Agency.
Security
We apply reasonable technical measures to protect the platform: HTTPS, access control, database policies, activity logs and separation between public and private data.
No system is infallible, but the service is designed to minimize personal data and prevent unauthorized access.
Automated decisions and minors
TuBack.link does not make automated decisions with legal effects on its users. Backlink recommendations are directional and the user decides which ones to use.
The service is aimed at businesses and professionals and is not intended for children under 14.
TuBack.linkHow it works