Privacy Policy
Effective 2026-07-15. The short version: we keep as close to nothing as the tools allow.
Client-side tools
The JWT Decoder, Decoder Toolbox, and Email Header Analyzer run entirely in your browser. The data you paste into them is never transmitted to us or anyone else.
Server-assisted tools
The Security Headers Checker, DNS Lookup, and CVE Lookup send only the target you typed (a URL, domain name, or CVE ID) to our serverless functions, which query the stated third party (the target site, Cloudflare DNS, or NVD) and return the result. We do not store these inputs in any application database. Standard, short-lived operational logs of our hosting provider (Cloudflare) may record requests as with any website.
Cookies and tracking
We set no cookies and run no advertising or fingerprinting trackers. If we adopt analytics, it will be a cookieless, aggregate-only service and this policy will be updated first.
External links
Outbound links (including disclosed affiliate links) lead to sites with their own privacy policies.
Contact
Privacy questions: contact page.