Privacy Policy

How Keep Omni handles your data

Keep Omni connects securely to your Google Search Console data, processes usage in our Cloudflare Workers stack, and uses Paddle.com as our Merchant of Record. This page explains what we collect, why, and how you stay in control.

Effective: December 11, 2025 Last updated: December 11, 2025

What we store

Google auth tokens, saved keywords, row usage counters, and subscription records.

Where data lives

Cloudflare Workers & KV (core app + caching) and Paddle.com for billing.

Cookies

Essential `sid` session cookie only; Paddle may set checkout cookies as needed.

1) Information we collect

Account & authentication

When you sign in with Google, we receive your name, email, and profile picture plus Google OAuth access and refresh tokens. Tokens are stored securely in Cloudflare KV to fetch Google Search Console data on your behalf.

Service data you create

Saved keywords, target URLs, report preferences, and row usage counters are stored in Cloudflare KV and our Durable Object usage counter.

Google Search Console data

We fetch read-only webmasters.readonly data (impressions, clicks, CTR, position, queries, pages) for the properties you connect. We may cache query results temporarily in Cloudflare KV to speed up the UI.

Payment & subscriptions

Paddle.com is our Merchant of Record. Paddle handles payment details and billing instruments. We store the Paddle customer/subscription identifiers and plan metadata needed to manage your account.

Technical & security logs

IP address (for rate limiting and abuse prevention), device/browser info, error logs, and basic performance metrics to keep the service stable. We do not run advertising trackers.

2) How we use data

  • Provide and improve the Keep Omni dashboards, rankings, tests, and reports.
  • Display your Google Search Console insights and saved keyword tracking inside the app.
  • Manage subscriptions, entitlements, and usage limits (via Paddle and our usage counters).
  • Secure the service with rate limiting, abuse prevention, and incident response.
  • Communicate account updates, billing notices, and product changes.
  • Comply with legal and tax obligations.

3) Sharing & processors

  • Google: OAuth authentication and read-only Search Console data per the scopes you approve.
  • Paddle.com: Merchant of Record for checkout, payments, invoicing, and tax.
  • Cloudflare: Application hosting, KV storage, Durable Objects, and security/performance services.
  • Legal compliance: We may disclose data if required by law or to protect rights, safety, and security.

4) Data storage, security, and retention

  • Data is processed and stored on Cloudflare Workers and KV; transmissions use HTTPS and Cloudflare-managed encryption at rest.
  • Session cookies (sid) are HttpOnly and scoped to the app domain. Admin-only impersonation is stored server-side, not as a browser cookie.
  • OAuth tokens and user records are retained while your account is active. Session records auto-expire after roughly 30 days of inactivity; most stored records have a one-year TTL that extends with activity.
  • Cached Google Search Console responses are short-lived and periodically cleared.
  • Subscription identifiers and invoices from Paddle are retained as required for accounting and tax.
  • On verified deletion requests, we remove user records, tokens, saved keywords, and usage data from our KV store and caches, subject to legal retention needs.

5) Your rights & choices

  • Access or export your data by emailing mail@k-o.pro.
  • Request corrections or deletion of your stored data (tokens, saved keywords, usage records).
  • Manage Google permissions from your Google account at any time.
  • Control cookies via your browser; note that disabling the essential session cookie will sign you out.
  • GDPR users: you may exercise rights to access, rectify, erase, restrict, object, and portability by contacting us.

6) Cookies

  • Essential session: sid keeps you logged in (HttpOnly, Secure when available).
  • Support/admin: Super-admin impersonation metadata is kept server-side to help customers; no extra browser cookie is set for regular users.
  • Paddle checkout: Paddle may set necessary cookies to operate checkout and receipts.
  • We do not set advertising or cross-site tracking cookies.

7) International data transfers

Keep Omni runs on Cloudflare's global network. Data may be processed outside your home country. We rely on appropriate safeguards (e.g., SCCs where applicable, HTTPS in transit, and access controls).

8) Children

Keep Omni is not intended for children under 16. We do not knowingly collect data from children. If you believe a child has provided data, contact us for removal.

9) Changes

We may update this notice. Material changes will be posted here and may be announced in the app or via email. Continued use after an update means you accept the revised terms.

10) Contact

Business name: Private Entrepreneur (FOP) Oleksii Oleksandrovych Khoroshun
Email: mail@k-o.pro
Website: https://k-o.pro