Privacy
Privacy & how this works
Everything here runs entirely in your browser. There is no backend, no account, and nothing you type is sent to a server.
Everything runs in your browser
Every tool computes locally on your device — hashing, encryption, JWT signing, file inspection, image conversion. There are no API routes and nothing is uploaded; the privacy is structural, not a promise.
No accounts, no tracking of you
There is no sign-up and no user profile. The site doesn't read your inputs, and it can't — your data never leaves the tab.
Your data stays on your device
Favorites, recents, saved snippets, and the workspace tray are kept in your browser's local storage. Clearing your browser data removes them; nothing is synced anywhere.
Secrets are blocked, never stored
Detected secrets — private keys, bearer tokens, API keys, JWTs — are refused by the workspace and snippets, and tools never round-trip secrets through shareable URLs.
Privacy-respecting analytics
Anonymous, aggregate metrics (Vercel Analytics and Speed Insights) measure performance only — no cookies that identify you and no input content. They do nothing if the keys aren't configured, and your browser's tracker blocking is respected.
Works offline
A service worker caches the app locally so it keeps working without a connection — which only makes sense because there's no server it needs to talk to.
Open source — verify it yourself
The whole project is open source. Read the code, audit the privacy claims, or run it yourself.