Service Description
This page explains in detail what bzz.nu actually is, what it does, how data flows through the service, and which third parties are involved. It is designed to give prospective users, compliance teams, and auditors a clear picture without hunting through multiple documents.
1. Service Overview
bzz.nu is a Software-as-a-Service (SaaS) product operated by Junovy (Amsterdam, The Netherlands, KvK 71813977). It lets signed-in users:
- Turn long URLs into short ones under the
bzz.nudomain. - Pick custom slugs (e.g.
bzz.nu/spring-sale) where available. - Set expiry dates so short links can auto-disable.
- Build a single-page micro site (a “link-in-bio” style profile) at their own slug.
- See aggregate click analytics (total clicks, daily counts, rough country-level breakdowns).
bzz.nu is explicitly not:
- A general web hosting provider.
- A file-storage or file-sharing service.
- An advertising platform.
- A consulting or agency service.
2. Architecture
bzz.nu consists of three main components:
| Component | Runs at | Purpose |
|---|---|---|
| Redirect service (Go + Echo) | bzz.nu | Serves the public marketing page, the redirect endpoint /:slug, and the rendered micro-site pages. |
| API (Go + gqlgen GraphQL) | api.bzz.nu | CRUD for links and micro sites. Authenticated by Keycloak-issued JWTs. |
| Dashboard (Next.js 16) | dashboard.bzz.nu | The web UI where users manage their links and micro sites. |
Authentication is handled by our identity provider Keycloak at auth.junovy.com/realms/dds. Both the dashboard and the API verify Keycloak-issued tokens; bzz.nu itself never sees or stores user passwords.
3. Infrastructure
All production infrastructure for bzz.nu lives in the European Union. Specifically:
- Compute. Virtual machines on Hetzner Cloud in Germany, running a managed Kubernetes cluster.
- Database. Managed PostgreSQL on Hetzner Cloud in Germany, with encrypted backups.
- Cache / rate limiting. In-cluster Redis, used for short-link caching and per-IP rate limiting on the
/:slugendpoint. - Object storage. SeaweedFS (self-hosted) for micro-site avatar images.
- DNS. Hetzner Cloud DNS as the primary authoritative provider, with Bunny.net (BunnyWay d.o.o., Slovenia) as a secondary authoritative provider for redundancy.
- TLS certificates. Issued by Let’s Encrypt (no personal data exchanged).
- Transactional email. Mailjet SAS (France), used only for password resets and account notifications.
We do not replicate or fail over to any non-EU region. If you need a data-residency commitment in writing, email [protected email].
4. Data Processing per Feature
4.1 Short Link Resolution
When a visitor requests bzz.nu/example:
- The redirect service receives the HTTP request.
- The per-IP rate limiter checks whether this client has exceeded its quota. The rate-limit key is the visitor’s SHA-256 salted IP hash, not the raw IP.
- The slug is looked up in Redis (cache); if missed, it is fetched from PostgreSQL.
- If the link exists and is active, an analytics event is enqueued (see § 4.3).
- The visitor receives an HTTP 301/302 redirect to the destination URL.
The destination URL is set by the link owner; bzz.nu does not inspect it in real time beyond checking it against a blocklist of known-malicious domains.
4.2 Micro Site Rendering
Micro sites are single-page profiles at bzz.nu/<slug>. They are rendered server-side by the redirect service using an embedded Go template. The micro-site record (display name, bio, links, avatar URL, theme) is fetched from PostgreSQL. Avatar images are served from SeaweedFS. An analytics event is recorded for each view, using the same hashing approach as link clicks.
4.3 Analytics
Every click and every micro-site view generates an analytics event with the following fields:
link_idormicrosite_idtimestampip_hash— SHA-256 of (visitor IP + server-side salt)user_agent— browser-reported UA stringreferrer— HTTP Referer header, when presentdnt— boolean, whether the browser sentDNT: 1
Events are stored in PostgreSQL. The salt is held in the ANALYTICS_SALT environment variable, managed through our secrets manager, and never logged. The salt is rotated when we redeploy the service, so hashes from different deployments cannot be correlated. Because we never retain the raw IP, we cannot cross-reference a click with any other data to identify the visitor.
4.4 Account Management
Account creation and authentication are handled by Keycloak. bzz.nu receives an opaque subject identifier (sub) and an email claim from the Keycloak ID token. We store these, plus an optional display name, in our own users table to associate links and micro sites with the correct owner.
5. Retention per Feature
| Data | Retention | Notes |
|---|---|---|
| Account profile | Life of account + 30 days | Deleted fully within 30 days of account closure; persists in backups up to 30 additional days. |
| Short-link records | Until deleted by user, or 30 days after account closure | Slugs become available for reuse after deletion. |
| Micro-site content and assets | Until deleted by user, or 30 days after account closure | Avatar images are removed from object storage in the same window. |
| Analytics events | 12 months in raw form, then aggregated | After 12 months only per-day totals per link remain. |
| Traefik access logs | 90 days | No analytics use; kept only for security and incident response. |
| Support email | 3 years after last correspondence | To let us handle follow-up questions and disputes. |
| Backups (full database) | 30 days rolling | Encrypted, stored in Hetzner EU object storage. |
6. Subprocessors
The following third parties may process personal data on our behalf. Each has signed a Data Processing Agreement (DPA) under Article 28 GDPR. For a complete summary of data categories shared with each processor, see Privacy Policy § 6.
| Processor | Role | Location | Category |
|---|---|---|---|
| Hetzner Online GmbH | Cloud infrastructure, managed PostgreSQL, primary authoritative DNS, object storage | Germany (EU) | Essential |
| BunnyWay d.o.o. (Bunny.net) | Secondary authoritative DNS (backup) | Slovenia (EU) | Essential |
| Mailjet SAS | Transactional email delivery | France (EU) | Essential |
| Let’s Encrypt (ISRG) | TLS certificate issuance | United States (no personal data) | Essential |
We do not currently use any analytics, CRM, marketing, or ad-tech vendors. If we ever add a subprocessor, we will update this list and notify existing users by email before any new processing begins.
7. Service Availability
bzz.nu is currently in public preview. Our internal availability target is 99.5% monthly uptime for the public redirect endpoint, measured externally. We do not currently offer a formal Service Level Agreement (SLA) with service credits.
We monitor the service 24/7 with on-call engineers and publish status updates at status.bzz.nu (coming soon — until then, follow the Junovy status page or email [protected email]).
8. Pricing
bzz.nu is free to use during the public preview period. Reasonable usage limits apply (see Terms of Service § 6). Paid plans are planned for a future launch; when we introduce them, existing accounts will receive at least 30 days’ notice and the option to export data and close the account before any charge.
Current pricing, when available, will be published at dashboard.bzz.nu/pricing.
9. Security Measures
See Privacy Policy § 10 for the full list of technical and organisational measures. Highlights:
- TLS 1.2+ everywhere, with HSTS.
- Hashed, salted IP storage for analytics.
- Encrypted database backups.
- Secrets managed through HashiCorp Vault.
- Role-based access control and least privilege for staff.
- Automatic dependency scanning and security patching.
- Documented incident response plan, including GDPR Article 33 breach notification within 72 hours.
10. Questions
Compliance questions, DPA requests, and procurement reviews can be sent to [protected email]. General product questions go to [protected email].