Legal

Terms of service

302me is provided as-is, without warranty of any kind. By using this service you agree to the following:

What you can do

  • Create searchbars and shortcuts for personal or team use
  • Share public searchbars with anyone
  • Use the API with a valid token
  • Enable client-side encryption for your bookmarks

What you can't do

  • Use the service to redirect users to malware, phishing, or illegal content
  • Abuse the API or attempt to degrade the service for others
  • Create accounts in bulk or use automation to scrape the service
  • Impersonate other users or organizations

Account termination

We reserve the right to suspend or delete accounts that violate these terms, without notice. You can delete your own account at any time from your account settings. When an account is deleted, all associated data (searchbars, shortcuts, API tokens) is permanently removed.

Liability

302me is not liable for any damages arising from your use of the service, including but not limited to data loss, incorrect redirects, or loss of encrypted bookmark URLs due to lost encryption keys. If you enable encryption and lose your key, your URLs are gone. We can't recover them.

Privacy

What we store

  • Your email address and hashed password (via Devise/bcrypt)
  • Searchbar metadata: name, slug, description, visibility, fallback URL
  • Shortcut data: keyword, URL, label
  • API token names and hashed token values

What we don't store

  • Encryption keys. They live in your URL fragment and sessionStorage. The server never sees them.
  • Plaintext URLs for encrypted searchbars. We store the ciphertext only.
  • Analytics, tracking pixels, or third-party cookies. There are none.

What we log

Standard server logs (IP, user agent, timestamps) for operational purposes. We don't sell or share this data. Logs are rotated and not retained long-term.

Third parties

We load Bootstrap CSS and JS from the jsDelivr CDN. That's the only external resource. No analytics, no ads, no tracking scripts.

Data deletion

Delete your account from account settings and everything goes with it. If you want a data export first, use the API.

Disclosure

The author of this site pleaded guilty to a violation of 18 U.S.C. § 1030(a)(2), which is technically a federal computer fraud charge. The actual context was software piracy. This is disclosed here because it's public record, and because if someone on Hacker News is going to dig it up, it might as well be easy to find.

This has no bearing on how the service operates. Your data isn't being pirated. The irony is not lost.