Privacy Policy - omg.kim

                TL;DR: We don't track you. We don't sell your data. We don't use cookies. We only count clicks.
            

What We Collect

When you use omg.kim, we collect minimal, non-personal information:

Click counts: Total number of times a short link is clicked
Timestamps: When links are created and last clicked
URLs: The original long URL you want to shorten

Security & Abuse Prevention

To protect our users and service, we process IP addresses for:

Rate limiting: In-memory only, cleared frequently (not permanently stored)
Security logging: When malicious URLs are blocked, we log the IP address and blocked URL (retained for security analysis)

This is necessary to:

Prevent bot abuse and spam
Block malicious actors
Protect our users from harmful links

What We Don't Collect

We are committed to your privacy. We do NOT collect:

IP addresses from normal usage (only logged when blocking malicious URLs)
Personal information (names, emails, etc.)
Browser fingerprints
Location data
Device information
Browsing history
Cookies (we don't use any)

How We Use Data

The limited data we collect is used solely for:

Service operation: Making short links work
Security: Preventing abuse and blocking malicious URLs

We do NOT use your data for marketing, advertising, or any other purpose.

Data Retention

Data retention periods:

Short links: Expire after 30 days (including click counts)
Security logs: Retained for security analysis and fraud prevention

Third-Party Services

We use the following services:

Google reCAPTCHA: Prevents bot abuse (subject to Google's Privacy Policy)
Security scanning services: Check URLs for malware and threats

We do NOT share your data with any other third parties.

Data Sharing

We do NOT:

Sell your data
Share your data with advertisers
Use tracking pixels
Participate in ad networks

Your Rights (GDPR)

Under GDPR, you have the right to:

Access: We don't store personal data to access
Deletion: Links auto-delete after 30 days
Portability: No personal data to export
Object: You can stop using the service anytime

California Privacy Rights (CCPA)

California residents have the right to:

Know what data we collect (see above)
Request deletion (automatic after 30 days)
Opt-out of data sales (we don't sell data)

Security

We protect your data with:

HTTPS encryption (all traffic encrypted)
Industry-standard security infrastructure
Malicious URL blocking
Rate limiting to prevent abuse

Children's Privacy

Our service is not directed at children under 13. We do not knowingly collect data from children.

Changes to This Policy

We may update this policy occasionally. Changes will be posted on this page with an updated date.

Contact Us

Questions about privacy? Contact us at: soorena@pm.me

Last updated: November 27, 2025