Privacy Policy
1. Our Commitment to Privacy
JWT Viz is a **client-side, offline-first** web application designed for inspecting and visualizing JSON Web Tokens (JWTs). We operate under a **zero-data-collection policy**—your tokens, inputs, and usage never leave your browser. This Privacy Policy explains our practices to ensure complete transparency and trust.
2. No Data Collection
We **do not collect, store, or transmit** any of the following:
- JWT Tokens: Whether pasted, uploaded, or generated—all processing happens locally using Web Crypto and JavaScript.
- Personal Information: No names, emails, IP addresses, or device identifiers are recorded.
- Usage Analytics: No tracking pixels, Google Analytics, or behavior monitoring tools are used.
- Cookies or Local Storage: Session data is held only in memory and cleared on page refresh or close.
3. How JWT Viz Works
All functionality is **100% client-side**:
- Parsing & Decoding: Uses
jwt-decodeto split and decode Base64Url segments. - Tree Visualization: Built with Svelte reactivity and Bootstrap—no external rendering services.
- Signature Verification: Optional key input triggers
crypto.subtle.verify()in-browser only. - Exports: PNG screenshots via
html2canvasand JSON downloads are generated on your device.
Your data never touches a server.
4. Third-Party Libraries
We use minimal, trusted open-source libraries loaded via CDN or bundled locally:
bootstrap@5.3.3,highlight.js@11.11.1,html2canvas@1.4.1
These do **not** include analytics or tracking scripts. CDN usage is for performance only and does **not** enable user tracking.
5. Security & Responsibility
While we ensure no data leaves your browser, you are responsible for:
- Using JWT Viz on secure, updated devices
- Avoiding public or shared computers for sensitive tokens
- Reviewing exported files before sharing
6. Children’s Privacy
JWT Viz is not directed at children under 13. We do not knowingly process data from minors.
7. Compliance
By design, we comply with GDPR, CCPA, and other privacy laws—because **no personal data is processed**.
8. Changes to This Policy
Updates will be posted here with the new effective date. Continued use constitutes acceptance.
9. Contact
For privacy concerns, open an issue on our GitHub repository.
Your tokens. Your browser. Your privacy—guaranteed.