Privacy Policy – LM‑ID

Last updated: June 20, 2025

1. Introduction

LM‑ID (“we”, “us”, or “our”) is a service that uses Discord OAuth to authenticate users and provide them with a one-time unique ID. Users can view their ID at any time and vote in live events. This policy outlines how we collect, use, store, and protect your information.

2. Information We Collect

• Discord OAuth Data: User ID, username, avatar, and email (if you permit).
• Authentication Tokens: Short-lived tokens used to verify identity.
• Generated IDs: One-time IDs generated by our system.
• Votes: Live event votes tied to your account.
• Technical Logs: IP addresses, user agent, timestamps, and basic browser details for security auditing.

3. How We Use Your Data

• Authenticate users via Discord.
• Generate and display your unique ID.
• Enable live voting functionality.
• Prevent duplicate accounts and fraudulent votes.
• Monitor service usage and prevent abuse.

4. Security Measures

We take security seriously and implement the following protections:

• Encryption in Transit: All communication between your browser and our servers uses HTTPS.
• OAuth Scope Minimization: Only essential Discord scopes are requested (identity and optionally email).
• Token Management: Tokens are never stored long-term and are rotated frequently.
• Rate Limiting & Abuse Prevention: Multiple backend protections prevent spamming and unauthorized access.
• Secure Hosting: Data is hosted on Vercel, a secure, access-controlled platform.
• Database Storage: All user-related data is stored securely in Firebase Firestore with strict access control rules.
• Access Control: Only the developer (Noah) has access to server logs and database entries.
• Regular Reviews: Code and dependencies are reviewed to identify vulnerabilities.

5. Data Sharing

We do not sell or trade your personal information. Data may only be shared with:

• Service Providers: Firebase (database) and Vercel (hosting) only as required to provide the service.
• Legal Authorities: Only if required by law or necessary to protect against abuse.
• Anonymous Aggregates: Data may be anonymized and used to understand voting trends.

6. Data Retention

• OAuth information is kept for the lifetime of your account.
• Generated IDs and votes are retained indefinitely to preserve service continuity.
• Server logs are stored securely for up to 90 days unless required longer by law.

7. Your Rights

• You may request access to or deletion of your data at any time.
• You can contact us to correct errors or withdraw your data if possible.
• Under GDPR/CCPA, you have the right to object to certain types of processing.

8. Cookies & Tracking

LM‑ID uses only essential session cookies. No tracking cookies, ads, or third-party analytics are included.

9. Children’s Privacy

LM‑ID is not intended for users under 13 years of age or equivalent age in your jurisdiction.

10. Changes to This Policy

We may update this policy. Major changes will be announced via Discord or the LM‑ID site. Please check this page for the latest version.

11. Contact Us

For questions or data requests, contact us at:
Email: contact@noahwaseaten.com
Discord: @noahwaseaten