Privacy Policy

1. Data We Collect

Account information (if you register):

• Name, email address
• OAuth identifiers (Google ID, Apple ID) if you use social sign-in
• Avatar URL (from Google, if provided)

User-generated content (if you use authenticated features):

• Todo items, ideas, notes
• Pastes (code snippets)
• Short links and UTM links
• Tool usage history (if you opt to save it)

Automatically collected:

• IP address (used for the IP Info tool; not stored)
• Basic usage analytics (page views, via Google Analytics)
• Error reports (via Sentry) when something goes wrong

2. Public Tools

Most developer tools (JSON formatter, Base64 encoder, hash generator, etc.) work without an account. Input you submit to these tools is processed on the server and is not stored or logged.

3. Authentication

You can create an account using:

• Email and password
• Google Sign-In
• Sign in with Apple

The iOS app uses token-based authentication (Laravel Sanctum). Tokens are stored securely on your device and can be revoked at any time from your profile settings.

4. Analytics & Error Reporting

• Google Analytics — used on the website (production only) to understand which tools are popular. No analytics in non-production environments.
• Sentry — captures error reports and stack traces to help us fix bugs. No personal data is intentionally included in error reports.

5. Tracking

We do not use Apple's Identifier for Advertisers (IDFA) or any cross-app or cross-site tracking technologies. We do not participate in ad networks or share your data with data brokers. The iOS app does not display an App Tracking Transparency prompt because no tracking occurs.

6. Third-Party Services

We use the following external services:

7. Data Storage & Security

Your data is stored in a MySQL database on our server. Passwords are hashed using bcrypt and are never stored in plain text. API tokens are hashed with SHA-256 before storage. We do not sell, share, or transfer your personal data to third parties for marketing purposes.

Your data is retained for as long as your account exists. When you delete your account, all associated data is permanently and immediately removed. We do not retain backups of deleted user data beyond our standard 30-day database backup rotation.

8. Account Deletion

You can delete your account and all associated data at any time:

• Website: Visit our account deletion page or go to Profile Settings and click "Delete Account"
• iOS app: Go to Profile → Delete Account
• Apple Sign-In users: You can also revoke access from Apple ID Settings → Sign-In & Security → Sign in with Apple
• Email: Contact us at the address below and we will delete your account within 48 hours

When your account is deleted, all your data (todos, pastes, short links, ideas, UTM links, history, and API tokens) is permanently removed.

9. Your Rights

You have the right to:

• Access your personal data via your profile and the API
• Delete your account and all associated data at any time
• Export your data via the API

California residents (CCPA): We do not sell personal information as defined by the California Consumer Privacy Act.

EU residents (GDPR): You may exercise your rights under the General Data Protection Regulation by contacting [email protected].

10. Contact

For privacy-related questions or data deletion requests, contact: [email protected]

11. Changes to This Policy

We may update this policy from time to time. Significant changes will be communicated via email to registered users. The "last updated" date at the top of this page will always reflect the most recent revision.