Legal
Privacy Policy — CodoKit
Last updated: January 1, 2025
This Privacy Policy explains how CodoKit ("we", "us", "our") handles information when you visit our website at https://codokit.example.com (the "Service"). By using the Service, you agree to the practices described in this policy.
The short version
- We do not collect, store, or transmit any data you enter into our tools. Everything you paste, type, or generate inside a tool — JSON, JWTs, Base64 strings, code, hashes — is processed entirely in your browser and never sent to our servers.
- We do use third-party advertising and analytics partners that may set cookies and collect usage data (page views, browser type, approximate location). This is described in detail below.
- We do not sell your personal information. Not to ad networks, not to data brokers, not to anyone. Ever.
1. Data you enter into tools
All CodoKit tools are implemented as client-side JavaScript applications. When you paste text into the JSON Formatter, decode a JWT, generate a UUID, or use any other tool on this site, the input is processed by JavaScript running inside your web browser. The result is rendered into the page you are looking at. At no point is your input transmitted over the network to our servers, to any third-party API, or to any external service.
We have designed it this way on purpose. Many of the inputs our users work with — production API responses, signed JWTs, customer records, credentials — are sensitive. A server-side tool would be a security liability. By keeping all processing in the browser, we eliminate the possibility that your data could be intercepted, logged, or breached in transit.
You can verify this claim yourself: open your browser's Developer Tools (F12 in Chrome or Firefox), switch to the Network tab, and use any CodoKit tool. The only network requests you will see are the initial page load and the loading of static assets (fonts, images, the JavaScript bundle for the specific tool).
2. Data we collect automatically
When you visit CodoKit, our infrastructure and our third-party partners automatically collect certain technical information about your visit. This information is standard for virtually every website on the internet and includes:
- Your IP address (used for routing and rough geolocation, e.g. country-level)
- The type of browser and operating system you are using
- The pages you visit and the time spent on each
- The referring URL (the page you came from)
- Approximate geographic location (country, region — never more granular than city level)
We use this data in aggregate form to understand which tools are most used, which pages perform poorly, and to detect abuse (e.g. someone scraping the site). We do not use this data to build a profile of individual users.
3. Cookies and local storage
CodoKit uses the following storage mechanisms in your browser:
3.1 Local storage (set by us)
We use localStorage to remember your light/dark theme preference. The key is codokit-theme and the value is either "light" or "dark". This is purely a UI preference, contains no personal information, and is never transmitted anywhere.
3.2 Cookies set by our advertising partners
We display advertising through third-party ad networks. These networks may set or read cookies in your browser to select and display relevant advertisements, measure ad performance, and prevent click fraud.
4. Third-party advertising and your choices
Third-party vendors, including Google, use cookies to serve ads based on a user's prior visits to our website or other websites. Google's use of advertising cookies enables it and its partners to serve ads to you based on your visits to our site and/or other sites on the internet.
- You may opt out of Google's personalized advertising by visiting Google Ads Settings.
- You may opt out of third-party vendors' use of cookies for personalized advertising by visiting aboutads.info/choices.
5. Data we do not collect
For absolute clarity, we do not collect:
- The text, code, or data you enter into any tool
- The output produced by any tool
- Your name, email address, or any identifying information (unless you voluntarily contact us)
- Account credentials (we do not have accounts; there is no login)
- Payment information (we do not sell anything; there is no checkout)
6. Data retention
Because we do not collect the data you enter into tools, there is nothing for us to retain or delete on your behalf. Server-side access logs (containing IP addresses and request paths) are retained for a maximum of 30 days for security and abuse-detection purposes, then automatically purged.
7. Your rights under GDPR and CCPA
If you are located in the European Economic Area, the United Kingdom, Switzerland, or California, you have rights to access, rectify, or request erasure of your personal data under applicable data protection laws (GDPR / CCPA).
To exercise any of these rights, contact us at support@codokit.example.com. Because we collect minimal server-side data and no tool input, most requests will be resolved by confirming that no relevant personal data is held.
8. Contact us
If you have any questions about this Privacy Policy or about how CodoKit handles data, please contact us at support@codokit.example.com.