Back to home
Privacy Policy

Privacy Policy

This page explains what data we collect, how we use it, and the choices you have when using our security utilities (one-time secret links, password generator, Base64, hashing, and more).

Last updated: February 7, 2026
Security-first
Data minimization
Transparent practices

1) What we collect

  • Account data (if applicable): email, name, organization, and basic preferences.
  • Usage data: approximate timestamps, feature usage (e.g., “one-time link created”), and technical logs (e.g., error traces) to keep the service reliable.
  • Device & network data: IP address, browser type, and basic device identifiers for security, abuse prevention, and debugging.
  • Support communications: messages you send to us and related metadata.

We do not want your secrets. For tools that process sensitive input (passwords, secrets, payloads), we aim to keep data client-side where possible and store as little as necessary server-side.

2) One-time secret links (critical details)

  • Purpose: you can share a secret that can be viewed once.
  • Storage model (recommended): store only an encrypted blob on our servers. The decryption key can be kept in the URL fragment (after #) so it’s not sent to the server.
  • Expiry: secrets expire automatically after the chosen time or after the first view.
  • Access logs: we may log access events (timestamp, IP, user agent) for abuse detection and reliability.

If you paste highly sensitive data, prefer short expirations and share links over end-to-end encrypted channels.

3) Cookies & local storage

We may use cookies (or similar technologies) for:

  • Session management (if you sign in)
  • Security features (CSRF protection, abuse prevention)
  • Remembering preferences (theme, language)

You can control cookies through your browser settings. Some features may not work without them.

4) How we use data

  • Provide and operate the service (including generating and delivering one-time links)
  • Improve reliability, performance, and user experience
  • Prevent fraud, abuse, and attacks
  • Respond to support requests
  • Comply with legal obligations

5) Legal bases (where applicable)

  • Contract: to deliver requested features.
  • Legitimate interests: security, analytics for service reliability, and abuse prevention.
  • Consent: where required (e.g., certain optional analytics cookies).
  • Legal obligation: compliance with applicable laws and lawful requests.

6) Data retention

  • One-time secrets: deleted after first view or at expiry (whichever comes first).
  • Logs: retained for a limited period for security and debugging, then deleted or anonymized.
  • Account data: retained while your account is active or as required by law.

7) Security measures

  • Encryption in transit (HTTPS)
  • Encryption at rest for sensitive stored data (where applicable)
  • Rate limiting, anomaly detection, and abuse monitoring
  • Least-privilege access controls
  • Regular dependency updates and security reviews

No system is 100% secure. If you believe you found a vulnerability, please contact us responsibly.

8) Contact

If you have questions about this Privacy Policy or your data, contact us:

If your jurisdiction grants you rights (access, deletion, correction, portability, objection), mention your request in your email.