Privacy policy.

Last updated: 9 May 2026 · Plain English. Read it in two minutes.

The short version

The contact info you put into a session is never saved. It lives in encrypted memory only and is destroyed when the session ends. mangocontact has no user accounts and no database of your shared content.

The site itself — the pages you visit, the buttons you click — uses standard third-party services for analytics, security, and advertising. Those are described in detail below so you know exactly what's happening.

What we process — and for how long

Contact info you type into a session

When you (or someone you're sharing with) enters details — first name, last name, phone, email, note — that information is encrypted with industry-standard authenticated encryption using a key derived from your one-time code. It is held only in our server's working memory for the duration of the session you chose: 15, 30, or 60 minutes. The moment the session ends — by timer, by you clicking End session, by inactivity, or by failed unlock attempts — it is permanently deleted. Nothing is written to disk. There is no database of your contacts, no backup, no log of session contents.

Your IP address

Your IP is briefly visible to our servers when you make a request (the way it has to be for the internet to work) and to the third-party services described below. We use it for:

• Rate limiting — counting how many wrong codes a single IP has tried recently, so attackers can't brute-force codes. Counters live in memory only and reset on a short rolling window.
• Abuse prevention — blocking IPs that show automated abuse patterns.

Site analytics (Google Analytics)

We use Google Analytics (GA4) to understand how people find and use the site — page views, browsers, country-level location, time-on-page. Google sets cookies on your device for this purpose. The data is aggregated and cannot identify you personally, but Google itself may use it under their own terms.

• If you don't want to be tracked, you can opt out site-wide by installing the Google Analytics Opt-Out browser add-on, or by enabling "Do Not Track" in your browser (where supported), or by blocking analytics cookies in your browser settings.
• Google's privacy policy: policies.google.com/privacy

Advertising (Google AdSense / similar networks)

We display ads on the site to keep it free. Ads are served by Google AdSense (and may be served by similar partner ad networks). To do that, ad partners may set cookies and read browser characteristics in order to:

• Show you relevant ads based on your past activity on this site and elsewhere
• Measure ad performance
• Prevent the same ad from being shown repeatedly

You can manage personalised advertising at:

• Google Ads Settings
• YourAdChoices.com (US)
• YourOnlineChoices.eu (EU)

Ads never have access to the contact info you share inside a session — that data is on a separate, isolated path and is not visible to ad scripts.

Performance & security (Cloudflare)

We sit behind Cloudflare for speed, security, and protection against attacks. Your requests pass through Cloudflare's network, which is able to see your IP address, request paths, and basic browser data so it can route, cache, and block hostile traffic. Cloudflare may set a small cookie (e.g. __cf_bm) for bot management. See Cloudflare's privacy policy.

Cookies & similar technologies

The cookies and storage that may be set on your device, by category:

• Strictly necessary — a short-lived browser-side storage entry holding your session token while a sharing session is active. Stays on your device, never sent to anyone but our server, gone when you close the tab.
• Security — Cloudflare bot-management cookies (e.g. __cf_bm).
• Analytics — Google Analytics cookies (e.g. _ga, _ga_*).
• Advertising — Google AdSense / partner cookies for ad personalisation and measurement.

You can clear or block any of these from your browser settings at any time. Blocking analytics or ad cookies will not break the sharing functionality.

What we don't do

• No user accounts, no signup, no email collection
• No selling or licensing of the contact info you share — we don't keep it
• No AI training on the contents of your sessions
• No fingerprinting beyond what the third parties listed above perform

Your rights

For the contact data you share inside a session: there's nothing for us to access, delete, correct, or hand over — it never persists.

For the analytics and ad data collected by our third-party providers, you have the rights granted to you by laws like GDPR (EU/UK) and CCPA/CPRA (California). You can:

• Opt out of personalised ads using the links above
• Opt out of analytics via your browser, an extension, or "Do Not Track"
• Request that our third-party providers delete data they hold about you, via their own privacy controls
• Email us with any other concerns and we'll do our best to help

Children

mangocontact is not directed at children under 13 (or under 16 in jurisdictions where that is the higher threshold). We don't knowingly collect data from children. If you believe a child has used the service, contact us and we'll act accordingly.

International transfers

Our infrastructure provider, Cloudflare, Google Analytics, and our ad partners may transfer data internationally, including to the United States, under their standard contractual safeguards. By using the service you accept these transfers as described in their respective policies.

Changes to this policy

If we change anything material — new analytics, new ad networks, new logging, anything that affects what's done with your data — we'll update the date at the top of this page. Significant changes will be flagged on the homepage for a period before taking effect.

Contact

Questions, concerns, or a privacy request? Email us at info@mangocontact.com.

← Back home