OMGfixMD · privacy
Try the app

How OMGfixMD handles your data

(Short answer: it doesn't.)

The whole thing in one paragraph

OMGfixMD is a browser-only review surface for LLM responses. The website (omgfixmd.com) has no backend. The browser extension has no backend. There is no server, no database, no telemetry pipeline. Your copied text moves from one tab in your browser to another tab in your browser, in RAM, and is cleared the moment the destination tab receives it. Nothing about you, nothing about your content, and nothing about your behavior leaves the machine you're sitting in front of.

That paragraph is the whole product, and it's the whole privacy model. The rest of this page is just the cost of you not having to take our word for it.

What runs where

Two small content scripts run on every webpage you visit. They have to, because the value of OMGfixMD is detecting when you copy a long response on any LLM chat — Claude, ChatGPT, Gemini, Perplexity today, and whatever launches next. We can't pre-list every chat tool that hasn't been invented yet. So the scripts run everywhere, and they do exactly two things:

  1. The first script wraps navigator.clipboard.writeText — the function any web page calls when it puts text on your clipboard. When that function is called with a string longer than 300 characters, the script forwards the text to the rest of the extension and lets the original write through unchanged. The whole thing is about a kilobyte.
  2. The second script listens for the copy event (you pressing ⌘C on a selection) and reads the same selection — same 300-character threshold. If the threshold is hit, it shows the toast you see in the bottom-right corner.

Neither script reads anything else from the page. Not the URL beyond location.hostname. Not your form input. Not your cookies. Not the rest of the DOM. Not your scroll position. Not the content you didn't copy.

What happens to your copied text

When you click "Review" on the toast, the extension opens omgfixmd.com in a new tab and hands the text to that tab through the browser's normal page-injection mechanism. The handoff is the only moment the extension and the omgfixmd.com tab talk to each other. The extension's in-memory copy of the text is cleared the instant the omgfixmd.com tab acknowledges it. omgfixmd.com itself runs entirely client-side: your annotations live in your browser's localStorage, on your machine, and nowhere else.

If you don't click "Review" — if you let the toast time out, or click ✕ — the captured text is dropped on the floor and never leaves the source tab.

The only thing OMGfixMD remembers

One boolean per origin: whether you've clicked ✕ on the toast on this site. If you have, the toast stays quiet on that site for the rest of your browser session, then forgets. That's the entire persistent state of the extension.

We don't store: your copied text, your refined prompts, your annotations, your IP address, your browsing history, your tab state, your account (because there is no account), your usage frequency, or which LLMs you use most. None of that touches a server because there is no server.

What would have to change for OMGfixMD to start collecting data on you

Source code edits in three places, plus a Chrome Web Store re-review (which exposes the change publicly), plus a public reversal of the privacy commitments above. None of those things can happen quietly. If they happen at all, you'll see them in the listing's update notes and in the extension's request for new permissions.

The hedge

"Don't you have to trust us anyway?" Sort of, yes. But the most important thing about the OMGfixMD privacy model isn't a promise we make — it's a structural fact: there is no backend to lie about. We could not collect your data even if we wanted to, because we did not build the thing that would do the collecting. The whole project is shaped around making it expensive to ever break that. That's the design.