Privacy Policy

1. Overview

This Privacy Policy explains how JWT Dev Tools ("we", "us", "the site") handles information when you use jwtdevtools.com. We are committed to a privacy-first design.

2. Your tokens are never sent to us

JWT decoding, claim inspection, expiry checks, and signature verification all run locally in your browser using JavaScript and the Web Crypto API. Any token, secret, or key you paste is processed on your device and is never transmitted to, logged by, or stored on our servers. When you close the tab, that data is gone.

3. Information we collect

We do not collect personal information directly. We use the following limited data:

• Anonymous analytics. We use Google Analytics to understand aggregate, anonymized traffic (page views, approximate region, device type, referrer). This never includes the contents of your tokens.
• Standard server logs. Our hosting provider may record standard request metadata such as IP address and user agent for security and operational purposes.

4. Cookies and analytics

Google Analytics may set cookies to distinguish unique visitors and sessions. You can block these with your browser settings or an ad/tracker blocker without affecting the decoder's functionality. For details, see Google's Privacy Policy.

5. Third-party services

We rely on a hosting/CDN provider to serve the static site and Google Analytics for traffic measurement. We do not sell, rent, or share any personal data with advertisers.

6. Children's privacy

The site is intended for developers and is not directed at children under 13. We do not knowingly collect information from children.

7. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by the "Last updated" date at the top of this page.

8. Contact

Questions about this policy? Visit our Contact page.