Privacy Policy
Last Updated: April 17, 2025
Table of Contents
- 1. Introduction
- 2. Data We Don't Collect
- 3. Data We May Collect
- 4. How We Use Your Information
- 5. Legal Basis for Processing (GDPR)
- 6. Data Retention
- 7. How We Share Information
- 8. International Data Transfers
- 9. Your Privacy Rights
- 10. Data Security
- 11. Children's Privacy
- 12. Third-Party Services
- 13. Do Not Track Signals
- 14. Changes to This Privacy Policy
- 15. Contact Us
1. Introduction
Welcome to JWT Secret Key Generator ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience on our website. This Privacy Policy outlines our practices regarding information collection, use, and disclosure when you visit or use our website at jwtsecretkeygenerator.com.
We have designed this policy to be transparent, comprehensive, and compliant with global privacy regulations including the European Union's General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), and other applicable privacy laws.
Important Note: JWT Secret Key Generator is designed with privacy at its core. Our service operates entirely in your browser - the JWT secrets and keys you generate are never transmitted to our servers or stored by us in any way.
2. Data We Don't Collect
To be absolutely clear, JWT Secret Key Generator does not collect, process, store, transmit, or have access to:
- Any JWT secrets or keys you generate using our tool
- Any input data you enter into the generator
- Your cryptographic or project-related information
- Personal data beyond what is outlined in Section 3 below
All key generation functionality runs entirely in your browser's local environment. This client-side architecture ensures that sensitive cryptographic operations remain private and never leave your device.
3. Data We May Collect
3.1. Automatically Collected Information
When you visit our website, our web hosting provider may automatically collect certain technical information, including:
- Device Information: Type of device, operating system, browser type and version
- Connection Information: IP address (anonymized), referring website, pages visited on our site, time spent on pages
- Usage Data: Interactions with the website, features used, buttons clicked
- Performance Data: Page load times, errors encountered
This information is collected using server logs and analytics tools and is used in aggregate to improve our website performance, understand user behavior patterns, and enhance the user experience.
3.2. Cookies and Similar Technologies
We use a limited number of cookies and similar technologies to enhance your browsing experience and analyze website traffic. These may include:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Required for the website to function properly | Session/Persistent |
| Functional Cookies | Remember your preferences and settings | Up to 1 year |
| Analytics Cookies | Help us understand how visitors interact with our website (anonymized) | Up to 2 years |
You can manage or disable cookies through your browser settings. Please note that removing certain cookies may impact the functionality of our website.
For more detailed information about our use of cookies, please see our Cookie Policy.
4. How We Use Your Information
We use the limited data we collect solely for the following legitimate purposes:
- Website Functionality: To operate, maintain, and improve our website
- Analytics and Improvement: To analyze usage patterns, troubleshoot issues, and enhance user experience
- Security: To detect and prevent fraudulent activity and ensure the security of our website
- Legal Compliance: To comply with applicable laws and regulations
We do not use the information we collect for:
- Selling or renting to third parties
- Targeted advertising or marketing purposes
- Automated decision-making or profiling
5. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), United Kingdom, and where applicable, we process your personal data on the following legal bases:
- Legitimate Interest: We process data to improve and secure our website, which we believe does not override your privacy rights
- Consent: Where required by law, we process data based on your explicit consent
- Contractual Necessity: Processing necessary to provide you with access to our website and its features
- Legal Obligation: Processing necessary to comply with our legal obligations
6. Data Retention
We retain the limited data we collect only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Specifically:
- Anonymized analytics data may be retained for up to 26 months
- Server logs are typically retained for 90 days
- Cookie data is retained according to the durations specified in our Cookie Policy
When data is no longer needed, we securely delete or anonymize it in accordance with our data retention policies.
7. How We Share Information
We do not sell, rent, or trade your personal information. We may share the limited information we collect with:
- Service Providers: Third-party services that help us operate our website, such as hosting providers and analytics services
- Legal Requirements: When required by law, court order, or governmental regulation
- Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate safeguards for your data
All third-party service providers that process data on our behalf are bound by data processing agreements that require them to protect your information in accordance with this Privacy Policy and applicable laws.
8. International Data Transfers
We operate our servers primarily within the European Economic Area (EEA). However, some of our service providers may process data outside the EEA. When we transfer data across borders, we implement appropriate safeguards including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Ensuring receiving countries have adequate data protection as determined by applicable authorities
- Obtaining your consent for specific transfers where required
9. Your Privacy Rights
9.1. GDPR Rights
If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the GDPR:
- Right to Access: Request a copy of the personal data we hold about you
- Right to Rectification: Request correction of inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data in certain circumstances
- Right to Restriction: Request limitation of processing in certain circumstances
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests or for direct marketing
- Right Against Automated Decision-Making: Not to be subject to decisions based solely on automated processing
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
9.2. CCPA/CPRA Rights
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to Know: Request disclosure of categories and specific pieces of personal information collected, sources, purposes, and third parties with whom information is shared
- Right to Delete: Request deletion of personal information
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt-Out: Opt-out of the sale or sharing of personal information
- Right to Limit Use: Limit the use and disclosure of sensitive personal information
- Right to Non-Discrimination: Not to be discriminated against for exercising these rights
California Shine the Light: California residents may request information about disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.
9.3. Global Privacy Rights
We extend core privacy rights to all users regardless of location, including:
- Access to information about what data we collect
- Options to limit certain uses of information
- Notification of significant changes to our privacy practices
To exercise your privacy rights:
- Email us at: jwtsecretkeygenerator@gmail.com
- Use our contact form: Contact Form
We will respond to verified requests within the timeframe required by applicable law (typically 30 days for GDPR and 45 days for CCPA/CPRA).
10. Data Security
We implement appropriate technical and organizational measures to protect your information from unauthorized access, use, disclosure, alteration, or destruction. These measures include:
- Encryption of data in transit using TLS/SSL
- Regular security assessments and penetration testing
- Access controls and authentication requirements
- Employee training on privacy and security practices
While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.
11. Children's Privacy
JWT Secret Key Generator is not directed at individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information from our records.
12. Third-Party Services
Our website may contain links to third-party websites or services that are not owned or controlled by JWT Secret Key Generator. This Privacy Policy applies only to our website. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services.
We encourage you to review the privacy policies of any third-party websites you visit.
13. Do Not Track Signals
Some browsers have a "Do Not Track" feature that signals to websites that you do not want to have your online activities tracked. Due to the lack of a common industry standard for "Do Not Track" signals, we currently do not respond to browser "Do Not Track" signals. However, we provide you with the ability to manage your cookie preferences through your browser settings.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of any material changes by posting the updated Privacy Policy on this page with a revised "Last Updated" date.
We encourage you to review this Privacy Policy periodically to stay informed about our information practices. Your continued use of our website after the posting of changes constitutes your acceptance of such changes.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:
- Email: jwtsecretkeygenerator@gmail.com
- Contact Form: https://jwtsecretkeygenerator.com/contact
Data Protection Officer:
JWT Secret Key Generator
Attn: Data Protection Officer
privacy@jwtsecretkeygenerator.com
For European Union Residents: If you feel your privacy rights have not been adequately addressed, you have the right to lodge a complaint with your local data protection authority.