Privacy Policy

1. Local First Approach

All tools provided by DevDeck are designed to run locally within your browser using modern Web APIs. We do not transmit your data to any external servers unless explicitly required for a specific feature you opt into (like Quick Dump).

2. Data Collection

We do not collect analytics, telemetry, or tracking data. Your Scratchpad notes, Clipboard history, and Audit Logs are stored entirely within your browser's localStorage.

3. Zero-Knowledge Quick Dump

The Quick Dump feature allows you to sync data across devices. To protect your privacy, this feature uses Zero-Knowledge End-to-End Encryption. Your text and files are encrypted locally in your browser using AES-GCM before being uploaded. The encryption key is included in the URL fragment (#hash) which is never sent to our servers. We store only the ciphertext. Even if our servers are compromised, your data cannot be read without your specific share link. All ciphertext is permanently deleted when it expires or after its first read if Burn After Read is enabled.

4. Client-Side Processing

Tools such as the JSONPath Playground, Local SQLite Explorer, Image Compressor, QR Code Generator, and SVG to React Converter perform all processing entirely on your local CPU. Your databases, image files, JSON payloads, and SVG code are never uploaded to any external server.

5. client-side Capability (PWA)

DevDeck is built as a Progressive Web App (PWA). Once loaded, the core application logic is cached on your device. This ensures that your sensitive data (like in the JWT Decoder) physically cannot be transmitted when you disconnect from the internet.