Home /

Privacy Policy

Privacy Policy

Effective Date: November 07, 2025

1. Our Commitment to Privacy

JWT Viz is a **client-side, offline-first** web application designed for inspecting and visualizing JSON Web Tokens (JWTs). We operate under a **zero-data-collection policy**—your tokens, inputs, and usage never leave your browser. This Privacy Policy explains our practices to ensure complete transparency and trust.

2. No Data Collection

We **do not collect, store, or transmit** any of the following:

  • JWT Tokens: Whether pasted, uploaded, or generated—all processing happens locally using Web Crypto and JavaScript.
  • Personal Information: No names, emails, IP addresses, or device identifiers are recorded.
  • Usage Analytics: No tracking pixels, Google Analytics, or behavior monitoring tools are used.
  • Cookies or Local Storage: Session data is held only in memory and cleared on page refresh or close.

3. How JWT Viz Works

All functionality is **100% client-side**:

  • Parsing & Decoding: Uses jwt-decode to split and decode Base64Url segments.
  • Tree Visualization: Built with Svelte reactivity and Bootstrap—no external rendering services.
  • Signature Verification: Optional key input triggers crypto.subtle.verify() in-browser only.
  • Exports: PNG screenshots via html2canvas and JSON downloads are generated on your device.

Your data never touches a server.

4. Third-Party Libraries

We use minimal, trusted open-source libraries loaded via CDN or bundled locally:

  • bootstrap@5.3.3, highlight.js@11.11.1, html2canvas@1.4.1

These do **not** include analytics or tracking scripts. CDN usage is for performance only and does **not** enable user tracking.

5. Security & Responsibility

While we ensure no data leaves your browser, you are responsible for:

  • Using JWT Viz on secure, updated devices
  • Avoiding public or shared computers for sensitive tokens
  • Reviewing exported files before sharing

6. Children’s Privacy

JWT Viz is not directed at children under 13. We do not knowingly process data from minors.

7. Compliance

By design, we comply with GDPR, CCPA, and other privacy laws—because **no personal data is processed**.

8. Changes to This Policy

Updates will be posted here with the new effective date. Continued use constitutes acceptance.

9. Contact

For privacy concerns, open an issue on our GitHub repository.

Your tokens. Your browser. Your privacy—guaranteed.