One Dead QR in a Tender, So We Built Our Own Bit.ly
A video in our tender submission got blocked on YouTube after we'd already submitted. No way to edit, no way to resubmit. So we built our own link shortener on links.bce.qa instead of paying for Bitly.
Stack
Live at
links.bce.qaThe problem
We had submitted a tender. The tender document had a QR code linking to an animated visualization of the event on YouTube, one of our strongest selling points in the submission. Already submitted, already locked. A few days later the video got blocked. The editor had used a track that wasn't cleared for commercial use, and YouTube flagged it. The QR in our submission now pointed at a blocked page.
We were able to buy the license and the team got the block revoked quickly. But for a while, our tender had a dead link in it, and there was nothing we could do about it from our side. If it had taken longer, or if the track wasn't available to license, we'd have had to call the client and explain.
That's when it clicked: we had no way to change where a link pointed after it left our hands. It couldn't happen again.
Why not just use Bitly?
We looked at Bitly, Rebrandly, Short.io. They all solve this.
But we use links a few times a month. A tender here, a campaign there. Monthly SaaS pricing for that volume makes no sense, and the free tiers either drop the custom domain, cap QR options, or quietly change their terms. We already owned bce.qa, which is already short enough. So we added links.bce.qa as a subdomain and built on that.
What we built
A single-admin link manager on links.bce.qa. Every link's destination can be swapped at any time. The QR and the short URL stay the same, only the target changes. Every change gets logged with a reason, so there's an audit trail of what pointed where and when.
QR codes download as branded PNGs with a gradient in BCE's brand colors and the logo overlaid in the center.
When I showed the first version to the team, they asked if we could know when someone actually opens the link. Until then we were just checking YouTube views manually. So I added click tracking: every click gets logged with device type, browser, OS, IP, and timestamp. And if tracking is enabled on a link, we get an email via Resend the moment someone opens it. For tender submissions, that's how you know the client is actually looking at it.
Links can also have expiry dates. Once a link expires, it returns a branded 410 Gone page instead of silently breaking. Useful for time-limited campaign links.
Auth is a single-password JWT login. No user management, no OAuth. One admin. Edge middleware handles the JWT verification so redirects stay fast.
Stack
Next.js 14 on Vercel, Supabase for storage and click logs, Resend for notifications.
Total recurring cost: $0. Total build time: a weekend.
The takeaway
Anything you submit and can't take back should route through something you control. A QR in a printed tender, a link in a sent email. Once those are out, they're out. The copyright situation was the trigger. The infrastructure is what we actually got out of it.